Enacted in 1996, the Children’s Online Privacy Protection Act (COPPA) is the nation’s longest standing and most comprehensive statute aimed at regulating the collection, use and sharing of the personal information of...more
Top 10 Considerations for In-House Counsel on Privacy and Data Protection Concerns with AI: Know your legal role:
1. Privacy laws vary among jurisdictions, and your obligations using AI and personal information will change...more
The FTC recently published a policy statement with its enforcement priorities for the misuse of biometric information. To be clear, there are no new federal laws that specifically regulate the collection or use of biometric...more
5/30/2023
/ Biometric Information ,
Biometric Information Privacy Act ,
Data Collection ,
Data Privacy ,
Data Protection ,
Employees ,
Facial Recognition Technology ,
Federal Contractors ,
Federal Trade Commission (FTC) ,
FTC Act ,
Independent Contractors ,
Policy Statement ,
Section 5 ,
State Privacy Laws
The White House announced last Thursday its highly anticipated National Cybersecurity Strategy (NCS). Although largely aspirational and short on concrete plans, the 39-page NCS is the Biden administration’s most ambitious...more
3/9/2023
/ Biden Administration ,
Cloud Computing ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
Financial Services Industry ,
Government Agencies ,
National Security
In September 2022, California Governor Gavin Newsom signed into law the California Age Appropriate Design Code Act (CAADCA). Beginning July 1, 2024, the act will require businesses that provide online services or features...more
12/16/2022
/ Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Governor Newsom ,
Impact Assessments ,
Mobile Apps ,
New Legislation ,
Online Gaming ,
Online Safety for Children ,
Privacy Laws ,
Regulatory Agenda ,
State Privacy Laws ,
Webinars
It’s the call you hope you never get. Your company has been hit with a ransomware attack. Your systems are offline. Your customer data was stolen by an unknown threat actor who is threatening to leak it. You have lots of...more
4/1/2022
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Protection ,
Extortion ,
FBI ,
FinCEN ,
Hackers ,
Information Technology ,
Office of Foreign Assets Control (OFAC) ,
Personally Identifiable Information ,
Ransomware ,
Risk Management
The United Kingdom’s Information Commissioner’s Office (ICO) finalized a new Code of Practice (the Code) in September 2020, which applies to most companies that offer online services to or otherwise collect personal data from...more
2/5/2021
/ Certifications ,
COPPA ,
Data Collection ,
Data Protection ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Minor Children ,
Online Safety for Children ,
Personal Data ,
Privacy and Electronic Communications Regulation 2003 (PECR). ,
Privacy Disclosures ,
Privacy Laws ,
UK
Concerns are mounting for companies around the world as they consider their ability to transfer data from the EU following the recent decision by the Court of Justice of the European Union in Data Protection Commissioner v....more
1/11/2021
/ Cooperation Agreement ,
Data Protection ,
Data Transfers ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
FISA ,
General Data Protection Regulation (GDPR) ,
New Guidance ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK ,
UK Brexit
The Federal Trade Commission is putting more teeth into the multiyear compliance obligations of consent orders it enters into with companies to settle enforcement actions related to data breaches. The FTC recently issued a...more
5/30/2019
/ Best Practices ,
Consent Order ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Information Security ,
Personal Data ,
Risk Management ,
Security Risk Assessments ,
Vendor Contacts
The deadline for the United Kingdom to leave the European Union continues to be a moving target, with the latest extension placing Brexit no later than October 31, 2019, (Halloween). Whatever the final date, Brexit need not...more
The Pennsylvania Supreme Court recently held that employers have “a legal duty to safeguard” the personal data of their employees which is stored on internet-accessible computer systems and that the economic loss doctrine...more
12/20/2018
/ Breach of Duty ,
Breach of Implied Contract ,
Class Action ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Storage ,
Duty to Protect ,
Economic Damages ,
Economic Loss Doctrine ,
Employer Liability Issues ,
Hackers ,
Identity Theft ,
Negligence ,
PA Supreme Court ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Reasonable Care ,
Remand ,
Reversal
What You Need to Know Now -
• The new law takes effect January 1, 2020, but there’s a lot to do so you need to start work now.
• The new law expands the definition of personal information and gives California consumers...more
7/17/2018
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Rights ,
Data Security ,
Data-Sharing ,
Disclosure Requirements ,
Enforcement ,
Governor Brown ,
Minors ,
New Legislation ,
Notice Requirements ,
Opt-In ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Private Right of Action ,
Right to Delete ,
Statutory Damages ,
Third-Party Service Provider ,
Vendors
The U.S. Court of Appeals for the Eleventh Circuit on June 6 issued its long-awaited decision in LabMD v. Federal Trade Commission, vacating a Federal Trade Commission cease and desist order directing LabMD to overhaul its...more
7/5/2018
/ Appeals ,
Cease and Desist Orders ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Rules of Civil Procedure ,
Federal Trade Commission (FTC) ,
LabMD ,
Popular ,
Reversal ,
Unfair or Deceptive Trade Practices
Overview (10. – 6.) -
10. The European Union (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. It applies to the processing of “personal data” of EU citizens and residents (a/k/a “data...more
6/20/2018
/ Consent ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Subjects Rights ,
e-Discovery ,
Electronically Stored Information ,
Encryption ,
EU ,
EU Data Protection Laws ,
Exceptions ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Third-Party Service Provider
The Federal Trade Commission on October 23, 2017, provided guidance on how it will enforce the Children’s Online Privacy Protection Act (COPPA) with respect to audio recordings of children. This comes as part of a wave of...more
11/17/2017
/ App Developers ,
Audio Recording ,
Children's Toys ,
COPPA ,
Data Collection ,
Data Protection ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Internet ,
Mobile Apps ,
Parental Consent ,
Popular ,
Risk Management ,
Smart Devices ,
Websites
Data breaches are a reality that all businesses need to take seriously. Knowing your vulnerabilities is only part of the solution. You and your key stakeholders should be prepared with an incident response plan that defines...more
Privacy Shield – An Early Reflection -
EU law generally prohibits the transfer of personal data from the European Economic Area to the U.S., unless the transfer is made in accordance with an authorized data transfer...more
10/25/2016
/ Article III ,
Cable Communications Protection Act (CCPA) ,
Confidential Information ,
COPPA ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Collection ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Equal Employment Opportunity Commission (EEOC) ,
EU ,
EU-US Privacy Shield ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Sharing ,
Injury-in-Fact ,
International Data Transfers ,
IP Addresses ,
Personal Data ,
Personally Identifiable Information ,
Privacy Policy ,
Standing ,
Video Privacy Protection Act ,
VPPA ,
Wellness Programs
The October 6, 2015, decision of the Court of Justice of the European Union in the Schrems v. Facebook case left significant uncertainty surrounding the legality and practicality of U.S. technology companies’ ability to...more
The CJEU’s Decision on Safe Harbor and its Effects on US Technology Companies -
On October 6, 2015, the Court of Justice of the European Union (“CJEU”), the European Union’s highest court, issued a groundbreaking...more
10/9/2015
/ Data Protection ,
Data Protection Authority ,
EU ,
EU Data Protection Laws ,
Facebook ,
International Data Transfers ,
National Security Agency (NSA) ,
Personal Data ,
Popular ,
Privacy Policy ,
Safe Harbors ,
Schrems I & Schrems II ,
Surveillance ,
Technology ,
Technology Sector ,
US-EU Safe Harbor Framework
In a closely-watched cybersecurity case, a three-judge panel of the U.S. Court of Appeals for the Third Circuit held in Federal Trade Commission v. Wyndham Worldwide Corporation (No. 14-3514) that the Federal Trade Commission...more
9/1/2015
/ Administrative Authority ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Fair Notice ,
Federal Trade Commission (FTC) ,
FTC Act ,
FTC v Wyndham ,
Popular ,
Unfair or Deceptive Trade Practices ,
Wyndham
On August 1, 2014, the Federal Trade Commission (FTC) released a report entitled What’s the Deal? An FTC Study on Mobile Shopping Apps (the FTC Report). The FTC Report is based on a study the FTC conducted (the FTC Study) to...more
In the last month, the California legislature passed and Governor Jerry Brown signed into law amendments to two of California’s signature privacy and data security laws and one new consumer privacy law aimed at enhancing...more