Any organization that relies on certification under the EU-U.S. Privacy Shield framework and/or entering into the Standard Contractual Clauses (“SCCs” or “Model Clauses”) to effectuate personal data transfers from the...more
7/22/2020
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Processors ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Standard Contractual Clauses
A recent federal district court decision underscores the importance of structuring breach investigations with the attorney work-product doctrine in mind. In In re Capital One Consumer Data Sec. Breach Litig., 2020 WL 3470261...more
To date, all U.S. states have at least recommended that individuals wear cloth masks or face coverings (in line with the CDC’s recommendations) when in certain public spaces, especially when in situations where six feet of...more
Reopening the economy has had mixed results. Many types of businesses have reopened without triggering outbreaks in COVID-19. But, bars and other businesses are being linked to the June and July spikes in COVID-19 cases...more
With slightly less than one month before the July 1, 2020 enforcement date of the California Consumer Privacy Act (“CCPA”), California’s Attorney General announced on June 2, 2020 that he had submitted the proposed final...more
Navigating the decision as to when to reopen businesses may be just as daunting as navigating the closures caused by the pandemic. Resuming business operations will require significant preparation, constant monitoring of the...more
5/27/2020
/ Americans with Disabilities Act (ADA) ,
Business Continuity Plans ,
Centers for Disease Control and Prevention (CDC) ,
Coronavirus/COVID-19 ,
Employer Responsibilities ,
Employment Policies ,
Fair Labor Standards Act (FLSA) ,
NLRA ,
OSHA ,
Personal Protective Equipment ,
Re-Opening Guidelines
You want to reopen your place of business, and certainly do not want to harm your customers or employees in doing so. Safety from COVID-19 in your establishment is simply not something you can offer, however. No organization...more
The fluidity of the COVID-19 situation will require businesses to consider a myriad of issues as they navigate the decision as to whether, when, and how to reopen their facilities to employees and the public. The following...more
Relief for Small Businesses -
The federal CARES Act, if enacted in its current form, would contain several provisions which are intended to provide assistance and resources for small businesses impacted by the current...more
The COVID-19 pandemic has presented virtually unprecedented health challenges to the United States and the world at large. But the pandemic also may present both civic and business opportunities. One of the most immediate and...more
Although U.S. law has broadly enabled the use of electronic signatures since 2000, many companies have not fully adopted the use of electronic signatures across their operations. That resistance to the use of electronic...more
The digital advertising industry has been under attack through the GDPR and the CCPA for years now. The usual, ineffectual counters to these attacks from industry proponents trying to demonstrate the value of digital...more
COVID-19 will change organizations, government, and the relationship of individuals to both; at this moment, the right to be let alone has become the duty to be alone, not principally for one's own sake but for the protection...more
The alarm bells have been sounding about location tracking, and the state legislatures have been responding. Perhaps the loudest ringing in 2020 is from the Washington Privacy Act, the Senate and House versions of which are...more
It’s us again, back with more operationally-focused pointers on the California Consumer Privacy Act (“CCPA”) now that the music has stopped once more and everybody is looking for a place to sit. On Friday February 7th, the...more
Amanda Witt represented the U.S. on an extraordinary panel in Dublin yesterday in which the participants – leaders in data protection from both sides of the Atlantic – learned from one another and from their national...more
When the smoke cleared from California’s privacy legislative battles that ended on September 13th, many were surprised to see another large alien life form snorting alongside the CCPA. AB 1202 requires the registration of...more
9/17/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Collection ,
Data Privacy ,
Data Security ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Registration Requirement
On Friday, September 13th, the California legislature passed several amendments to the California Consumer Privacy Act (“CCPA”), and created a new "data broker" registration law that deserves its own blog post and heightened...more
US law fails to grasp the business uses and technical complexities of biometric data. Consent-based models, such as in Illinois, Texas, and Washington, are often wholly incompatible with the public and private sectors’ uses...more
Poor Richard does get his hoped-for trip to New York today, but not, as many others hoped a few months ago, to examine a new comprehensive privacy law that outdoes the CCPA with the first enactment of the concept of data...more
The privacy world has been abuzz about a great post on Brookings’ TechTank blog by Cameron Kerry and John Morris, Why data ownership is the wrong approach to protecting privacy. Poor Richard was impressed with its...more
Don’t worry about the new Nevada privacy law, SB 220 signed by the Governor last month, unless you’re selling personal information to a data broker, said no law firm whatsoever in its legal alert. At best they bury the lead,...more
2019 is a nonstop carnival of consultants and lawyers sending you hither and thither as each new state effort to solve the purported ills of the digital world flashes its shiny omnibus bill for a moment before being dragged...more
After almost four years of the largest and most ambitious effort in history to transform a nation with technology, India is looking ahead to protecting the data that it is generating. ...more
Attention all who collect fingerprints and other biometric information of Illinois residents: a private right of action is now available for a mere technical violation of the Illinois Biometric Information Privacy Act...more
2/12/2019
/ Actual Injuries ,
Amusement Parks ,
Biometric Information ,
Biometric Information Privacy Act ,
Data Collection ,
Data Privacy ,
Fingerprints ,
IL Supreme Court ,
Injunctive Relief ,
Liquidated Damages ,
Personally Identifiable Information