Many companies have a “no ransomware payment” stance until faced with a ransomware attack, especially an attack that causes significant business disruption. At that point, the company may reconsider its stance (or at least...more
9/24/2021
/ Corporate Counsel ,
Crypto Exchanges ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Enforcement Actions ,
FBI ,
Guidance Update ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Office of Foreign Assets Control (OFAC) ,
Ransomware ,
Regulatory Oversight ,
Risk Factors ,
Sanctions ,
U.S. Treasury ,
Virtual Currency
Case Overview -
This week’s U.S. Securities and Exchange Commission enforcement cease-and-desist order (Order) In re App Annie Inc., out of the SEC’s San Francisco Regional Office, underscores the importance of taking...more
9/20/2021
/ Cease and Desist Orders ,
Civil Monetary Penalty ,
Cryptocurrency ,
Data Management ,
Data Privacy ,
Data Security ,
Intellectual Property Protection ,
Mobile Apps ,
Personal Information ,
Policies and Procedures ,
Regulation S-P ,
Securities and Exchange Commission (SEC)
The Communications Decency Act of 1996 (CDA) was a landmark law enacted to regulate content on the internet. The purpose of the legislation was to regulate indecent and obscene material online, but it is most relevant today...more
5/28/2021
/ Appeals ,
Communications Decency Act ,
Federal Trade Commission (FTC) ,
Internet ,
Liability ,
Online Platforms ,
PACT Act ,
SAFE Act ,
Section 230 ,
Social Media ,
Third-Party
In This Issue -
Section 230 and the Future of Content Moderation -
We analyze Section 230 of the Communications Decency Act—the 1996 law that provides a legal shield for internet providers from content created by their...more
5/26/2021
/ Appeals ,
Communications Decency Act ,
Copyright ,
DMCA ,
Fair Use ,
FOSTA ,
Intellectual Property Litigation ,
Non-Compete Agreements ,
Online Platforms ,
Oracle v Google ,
SCOTUS ,
Section 101 ,
Section 230 ,
Software Developers ,
The Copyright Act ,
Trademark Trial and Appeal Board ,
Trademarks ,
Uniform Trade Secrets Acts
In a ruling that affirms the immunity of user-generated content platforms from suit for removing content from their sites, a panel of the U.S. Court of Appeals for the Second Circuit unanimously held that Section 230 of the...more
The United Kingdom’s Information Commissioner’s Office (ICO) finalized a new Code of Practice (the Code) in September 2020, which applies to most companies that offer online services to or otherwise collect personal data from...more
2/5/2021
/ Certifications ,
COPPA ,
Data Collection ,
Data Protection ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Minor Children ,
Online Safety for Children ,
Personal Data ,
Privacy and Electronic Communications Regulation 2003 (PECR). ,
Privacy Disclosures ,
Privacy Laws ,
UK
Concerns are mounting for companies around the world as they consider their ability to transfer data from the EU following the recent decision by the Court of Justice of the European Union in Data Protection Commissioner v....more
1/11/2021
/ Cooperation Agreement ,
Data Protection ,
Data Transfers ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
FISA ,
General Data Protection Regulation (GDPR) ,
New Guidance ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK ,
UK Brexit
When Apple announced that one of the major focuses of iOS 14 would be enhancing user privacy, many in the tech community had questions. How would these changes be rolled out? How would they affect not only the mobile...more
11/3/2020
/ Advertising ,
App Developers ,
Apple ,
Consent ,
Data Collection ,
Data Privacy ,
Data-Sharing ,
Disclosure ,
Mobile Apps ,
Online Privacy Protection Act ,
Online Safety for Children
California AG Sends Initial Notices of Potential CCPA Non-Compliance.
Although the California Consumer Privacy Act (CCPA) became effective January 1, 2020, the California Attorney General (AG) was restricted from beginning...more
In a landmark opinion issued on July 16, 2020, the European Court of Justice overturned the EU-U.S. Privacy Shield, less than four years after the European Commission decision that the privacy principles of the EU-U.S....more
From antiquity through the middle ages, the authenticity of a document’s signature was confirmed by using a signet ring pressed into a wax seal. The signet was unique to the signer, so the presence of the stamp on a document...more
Revised Proposed Regulations. Just when you exhaled after the January 1, 2020, effective date of the California Consumer Privacy Act, on February 10, the California attorney general released modifications to the draft of the...more
In 2019, we published analysis to help tech and life sciences companies navigate U.S. tax law changes, an evolving IP landscape and new privacy regulations such as the California Consumer Privacy Act. We also tracked venture...more
1/8/2020
/ ABC Test ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Convertible Debt ,
Corporate Governance ,
Data Privacy ,
Debt Financing ,
Direct Listing ,
Diversity ,
Emerging Technology Companies ,
Employer Liability Issues ,
Foreign Tax Credits ,
Hiring & Firing ,
Independent Contractors ,
Intellectual Property Litigation ,
Intellectual Property Protection ,
Internal Revenue Code (IRC) ,
IRS ,
Life Sciences ,
Misclassification ,
New Guidance ,
Pharmaceutical Industry ,
Privacy Laws ,
Proposed Regulation ,
Proxy Season ,
Silicon Valley ,
Startups ,
Tax Credits ,
Tax Cuts and Jobs Act ,
Venture Capital ,
Withholding Tax ,
Woman Board Members
Eight Weeks and Counting to the Deadline. The California Consumer Privacy Act (CCPA) becomes effective on Jan. 1, 2020. With the compliance deadline rapidly approaching, the finish line seems farther away than ever. In this...more
11/7/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Privacy ,
Employee Privacy Rights ,
Human Resources Professionals ,
Personal Information ,
Privacy Laws ,
Private Right of Action ,
Public Comment
On September 4, 2019, the U.S. Federal Trade Commission announced Google and YouTube will pay a record $170 million as part of a settlement over allegations that YouTube violated the Children’s Online Privacy Protection Act...more
9/23/2019
/ Communications Decency Act ,
COPPA ,
Cybersecurity ,
Data Collection ,
Federal Trade Commission (FTC) ,
Google ,
Mobile Apps ,
Online Advertisements ,
Online Safety for Children ,
Parental Consent ,
User-Generated Content ,
Website Owner Liability ,
Websites ,
YouTube
Pursuing negligence claims in the Eighth Circuit following a data breach just got harder. On May 31, 2019, the U.S. Court of Appeals for the Eighth Circuit again dismissed the data breach claims in In re SuperValu, Inc....more
6/6/2019
/ Actual Damages ,
Article III ,
Consumer Information ,
Consumer Protection Laws ,
Cybersecurity ,
Data Breach ,
FTC Act ,
Future Harm ,
Leave to Amend ,
Negligence ,
Popular ,
Standing ,
Unfair or Deceptive Trade Practices ,
Uniform Trade Secrets Acts ,
Unjust Enrichment
The Federal Trade Commission is putting more teeth into the multiyear compliance obligations of consent orders it enters into with companies to settle enforcement actions related to data breaches. The FTC recently issued a...more
5/30/2019
/ Best Practices ,
Consent Order ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Information Security ,
Personal Data ,
Risk Management ,
Security Risk Assessments ,
Vendor Contacts
The deadline for the United Kingdom to leave the European Union continues to be a moving target, with the latest extension placing Brexit no later than October 31, 2019, (Halloween). Whatever the final date, Brexit need not...more
The U.S. Court of Appeals for the Third Circuit added its voice to the chorus of circuit courts of appeal that have held that alleged procedural violations of the Fair and Accurate Credit Transactions Act (FACTA), such as the...more
3/14/2019
/ Appeals ,
Article III ,
Debit and Credit Card Transactions ,
Dismissals ,
FACTA ,
Identity Theft ,
Injury-in-Fact ,
J Crew ,
Privacy Concerns ,
Retailers ,
Standing ,
Statutory Violations
On February 27, 2019, the U.S. Federal Trade Commission announced a record-setting $5.7 million fine to popular short-form video sharing platform TikTok, formerly known as Musical.ly, as part of a consent order over...more
3/12/2019
/ COPPA ,
Data Collection ,
Due Diligence ,
Enforcement Actions ,
Extraterritoriality Rules ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Mergers ,
Online Safety for Children ,
Parental Consent ,
Privacy Policy ,
Website Owner Liability
In a highly anticipated ruling, the Illinois Supreme Court on January 25, 2019, held that plaintiffs who violated the Illinois Biometric Information Privacy Act — which regulates the collection of biometric information such...more
1/30/2019
/ Actual Injuries ,
Amusement Parks ,
Appeals ,
Article III ,
Biometric Information ,
Biometric Information Privacy Act ,
Data Collection ,
Data Privacy ,
Fingerprints ,
IL Supreme Court ,
Injunctive Relief ,
Liquidated Damages ,
Parental Consent ,
Personally Identifiable Information ,
Private Right of Action ,
Putative Class Actions ,
Risk Mitigation ,
Standing ,
Statutory Violations
Last week, the U.S. Supreme Court held unanimously that when an arbitration delegates gateway issues of arbitrability to the arbitator to decide, a court may not consider questions of arbitrability, even where the party...more
1/15/2019
/ Appeals ,
Arbitration ,
Arbitration Agreements ,
Arbitrators ,
Contract Terms ,
Exceptions ,
Federal Arbitration Act ,
Henry Schein Inc v Archer and White Sales Inc ,
Judicial Review ,
Motion to Compel ,
Question of Arbitrability ,
Remand ,
SCOTUS ,
Vacated ,
Wholly Groundless Doctrine
The Pennsylvania Supreme Court recently held that employers have “a legal duty to safeguard” the personal data of their employees which is stored on internet-accessible computer systems and that the economic loss doctrine...more
12/20/2018
/ Breach of Duty ,
Breach of Implied Contract ,
Class Action ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Storage ,
Duty to Protect ,
Economic Damages ,
Economic Loss Doctrine ,
Employer Liability Issues ,
Hackers ,
Identity Theft ,
Negligence ,
PA Supreme Court ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Reasonable Care ,
Remand ,
Reversal
As the U.S. Supreme Court kicks off its 2018 term this week, it prepares to take up a series of firsts, including questions about the America Invents Act, securities fraud and privacy-related class action litigation. At the...more
10/2/2018
/ America Invents Act ,
Arbitration ,
Arbitration Agreements ,
Class Action ,
Class Arbitration ,
Class Members ,
Contract Interpretation ,
Copyright ,
Copyright Infringement ,
Copyright Litigation ,
Corporate Counsel ,
Cy Pres Funds ,
Federal Arbitration Act ,
Fee Awards ,
Intellectual Property Protection ,
Life Sciences ,
Patent Litigation ,
Patents ,
Pharmaceutical Industry ,
Prior Art ,
Privacy Laws ,
SCOTUS ,
Securities and Exchange Commission (SEC) ,
Securities Fraud ,
Settlement ,
Split of Authority ,
Technology Sector ,
The Copyright Act ,
Video Games
In a ruling that increases liability for companies that use text messaging for marketing or communicating with customers, the U.S. Court of Appeals for the Ninth Circuit adopted an expansive definition of what constitutes an...more
9/28/2018
/ Appeals ,
ATDS ,
Auto-Dialed Calls ,
FCC ,
Reversal ,
Smartphones ,
Split of Authority ,
Statutory Interpretation ,
Summary Judgment ,
TCPA ,
Telecommunications ,
Telemarketing ,
Text Messages