DEVELOPMENTS & COMMENTARY

INSIGHT: Cracking Open a Can of Worms: Why Carpenter v. United States May Not Be the Privacy Decision That Was Needed or Wanted

This article was originally published in Bloomberg Law on July 9, 2018.

 

On June 22, 2018, the United States Supreme Court appeared to establish a new standard for privacy rights when its decision in Carpenter v. United States, 2018 BL 222220 (2018), held that the government’s acquisition

Vermont Enacts Nation’s Most Stringent Automatic Renewal Law

On May 28, 2018, the Vermont legislature enacted the most stringent automatic renewal statute in the country. While similar to some state laws that govern auto-renewal contracts by requiring sellers to clearly and conspicuously disclose the material terms of the offer, obtain express consumer consent, provide an easy way to

The Clock is Ticking!: The Types of Cybersecurity Disclosures Required by the Securities and Exchange Commission

On February 21, 2018, the Securities and Exchange Commission (SEC) “voted unanimously to approve a statement and interpretive guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents.”[1] The SEC did not wait long for the public to absorb this guidance. On April 24, 2018, the

Vacation is Canceled!: Consumer Reporting Agencies Must Satisfy First-in-the-Nation N.Y. Cybersecurity Regulations by the Fall

On June 25, 2018, the New York Department of Financial Services (“NYDFS”) issued a final regulation (the “Regulation”) requiring consumer reporting agencies with “significant operations” in New York to (1) register with NYDFS for the first time and (2) comply with the NYDFS’s cybersecurity regulation. Under the Regulation, consumer reporting

California Consumer Privacy Act: A Rapid Q&A

California enacted the nation’s most extensive consumer privacy law on Thursday after only a week of legislative debate. The California Consumer Privacy Act of 2018 (“CCPA”) was passed quickly to prevent a privacy ballot initiative and creates extensive notice, opt-out/opt-in, access, and erasure rights for consumers vis-à-vis businesses that collect

RESOURCES & UPDATES

IAPP Web Conference Featuring Adam Greene: Health Information Privacy and Security Trends

In the highly regulated space of health information privacy and security, it’s important to keep up to date on policy developments and enforcement action trends. The U.S. Department of Health and Human Services Office for Civil Rights is responsible for the enforcement of the Health Insurance Portability and Accountability Act

WEBINAR – Breaking Update: New California Consumer Privacy Act

In a first of its kind US privacy law, California residents will be granted new online privacy protections under the recently passed California Consumer Privacy Act of 2018. Join Christin McMeley and OneTrust privacy management software on this webinar to dive into the details of what this new law means

Early Lessons of the GDPR and ePrivacy Directive

Early Lessons of the GDPR and ePrivacy Directive

July 10 at 1:00 p.m. EDT

The implementation of the European Union’s General Data Protection Regulation (GDPR) on May 25 ushered in a new era of data restrictions and data protection obligations for all industries, particularly digital advertising, on a global scale.

What Lawyers Need to Know About Security Techniques and Technologies to Mitigate Breach Risk (Part Three of Three)

This article was first published in the Cybersecurity Law Report.

IT has an indisputably important role in implementing a defense-in-depth cybersecurity strategy, however, the legal team is also a crucial part of a company’s cyber program. With input from technical and legal experts, including DWT’s Amy Mushahwar, this

Want to Play a GDPR Breach Notice War Game?

Cyber risks are constantly evolving, but the General Data Protection Regulation (GDPR) adds a new complication to a company’s incident response procedure. Notice within a 72-hour time frame to the appropriate Data Protection Authorities.

Please join us for a mock crisis conference call of a client with data in the

LexBlog