Technology Law Source

Archives: Privacy

Subscribe to Privacy RSS Feed

October Privacy and Security Roundup: Cryptocurrencies endure scrutiny, China’s Privacy Law goes into effect and new EU SCCs now required

Across the globe, concerns continue regarding cryptocurrencies and digital currency exchanges. In the October edition of our Privacy and Security Roundup, we dive into the latest details surrounding OFAC’s efforts to stifle ransomware attacks, how organizations should carefully assess the new Personal Information Protection Law in China, the new EU Standard Contractual Clauses requirement effective … Continue Reading

Privacy and Security Roundup: Ransomware attack causes gasoline shortages, a new executive order to enhance cyber security and raising the stakes for trans-Atlantic data transfers

The past few weeks have provided some big developments in the area of data privacy and security. In this Privacy and Security Roundup, we cover a ransomware attack on the largest oil pipeline in the U.S., an Executive Order from President Joe Biden to enhance U.S. cybersecurity and potential mandatory reporting/sharing requirements, the U.S. Supreme … Continue Reading

Privacy and Security Roundup: The FBI removes malicious web shells from Microsoft Exchange Servers, clarity on auto-dialers and new privacy legislation

The technology industry is constantly evolving and trusted legal advice is more important than ever. The attorneys in our Privacy and Data Security practice group are proud to offer a new blog series to provide curated data privacy and security news, developments and things to know moving forward. We will provide analysis designed to keep … Continue Reading

A different approach—Virginia’s Consumer Data Protection Act

With Virginia Gov. Ralph Northam’s signature on March 2, 2021, Virginia, a bit surprisingly, became the second state to set comprehensive rules for how companies handle and share personal information. Virginia’s Consumer Data Protection Act (CDPA) will go into effect on Jan. 1, 2023, incidentally the same day as the California Privacy Rights Act (CPRA), … Continue Reading

Consumer privacy protection in recent state legislation

Special thanks to Emily Cunningham, Porter Wright law clerk, for her assistance on this article. Since California passed the California Consumer Privacy Act (CCPA), many states have introduced similar consumer data privacy legislation, but so far only Maine and Nevada have passed legislation successfully. Nevada focuses on internet website operators, whereas Maine focuses on broadband internet … Continue Reading

The GDPR: A year in review

On May 25, 2018, the General Data Protection Regulation (GDPR) became effective across the European Union. The GDPR is a regulation designed to give EU residents control over their personal data and simplify the regulatory framework for international organizations doing business in the EU. In its infancy, it was not entirely clear how the GDPR … Continue Reading

China’s draft measure on cross-border personal information transfer

On June 13, 2019, the Cyberspace Administration of China (CMA, 国家互联网信息办公室), an office that serves as China’s central internet regulator and censor, released the draft Measures for Security Assessment of Cross-border Transfer of Personal Information (the Measure, 个人信息出境安全评估办法) for public comment. Following is a brief analysis on how this Measure, if adopted, could affect U.S. … Continue Reading

Riding the waves of U.S. data privacy legislation

Much has been written about the European General Data Protection Regulation (GDPR). Commentators have touted the EU’s supposedly superior data protection regimen. But don’t lose focus on what is happening within the U.S. and the implications for U.S. companies that may not be focused on GDPR requirements. Even companies that are GDPR focused may not … Continue Reading

Trends in behavioral advertising: What you need to know about cross-device tracking

The Federal Trade Commission (FTC) recently issued a staff report (available here) on the trend to link consumers’ online behavior across multiple devices. Among other recommendations, the FTC suggests that companies not track sensitive information which may include health, financial, children’s and precise geolocation information without the consumers’ affirmative express consent. The FTC also recommends … Continue Reading

Are you a criminal because you share your Netflix password?

The United States Court of Appeals for the 9th Circuit continues to decide high profile cases that interpret the key provisions of the Computer Fraud and Abuse Act (CFAA). This post summarizes two July decisions from the court—one that sent the internet into a frenzy, and one that somewhat assuaged those fears. Overview of the … Continue Reading

Porter Wright announces the 2016 Technology Seminar Series

Porter Wright continues its tradition of providing cutting-edge information about how technology affects your business with the 2016 Technology Seminar Series, beginning  May 18. This year’s sessions are: May 18: Big Data, Data Analytics & the Law 2016: What Your Company Needs to Know About the Evolution of the Next Big Thing “Big data” is one of today’s … Continue Reading

Big data and what can be done with it

Our colleagues at AntirustLawSource.com recently shared parts one and two in a three part podcasting series; “Big data and what can be done with it.” Podcast host and editor, Jay Levine, talks with Phil Rist, executive vice president of Prosper Business Development, about challenges and opportunities for big data in 2016. From the internet of things providing more data available … Continue Reading

Minimizing the damages of health care data breaches

Our colleagues over at Antitrust Law Source recently published a podcast on the inevitable health care data breach and how you can lessen the damages. Some key issues include: when to review data security policies, how to prepare for a potential breach and how to deal with third-party vendor access. Listen to the podcast to … Continue Reading

CRTC claims its first victim under Canada’s anti-spam law

Canada’s anti-spam law (CASL), enforced by the Canadian Radio-television and Telecommunications Commission (CRTC), requires that businesses and organizations secure a recipient’s express or implied consent before sending “commercial electronic messages” (CEM). A CEM is any electronic message that encourages participation in a commercial activity, such as a coupon or message about a promotion of the … Continue Reading

Leading European privacy law conference points to key themes, suggests strategic directions

A few weeks ago, more than 1,000 academics, legal practitioners and government officials convened for one of Europe’s premier privacy law events: the Computers, Privacy and Data Protection (CPDP) conference in Brussels, Belgium. Europeans dominated this crowd but a significant number of participants from other countries, including the U.S., made this a truly international gathering. I … Continue Reading

Warrant required for cell phone searches

A recent U.S. Supreme Court decision provides “a very clear and straightforward message” to law enforcement: You must obtain a warrant to search the contents of any cell phone. Kelly Johnson provides a review of the court’s decision in his article, “Privacy Comes at a Cost — Warrant Required for Cell Phone Search,” published by … Continue Reading

App developers should beware of the risks associated with transmitting data from a user’s mobile device to external servers

The availability of third-party keyboard apps on the new iOS 8 operating system for Apple mobile devices created quite a buzz. It also served as a reminder for any developer of apps that transmit data or communications from a user’s host device to external servers to be cognizant of the risks associated with such data … Continue Reading

Sony Data Hack: “You Can’t Lose What You Ain’t Never Had”

Back in the 1960’s, legendary bluesman Muddy Waters wrote a song called “You Can’t Lose What You Ain’t Never Had.” Now, it is Sony Pictures that is singing the blues, as damages continue to mount following the cyber attack on its data networks just before Thanksgiving. A shadowy group with possible connections to the North … Continue Reading

What have you done with your data?

Companies have moved in droves to allow hosting partners to store their mission critical applications — along with valuable business information, trade secrets and customer data — in the cloud. Saving money is great, but do you know where all of your data is at all times, and, more importantly, how secure is it? Every … Continue Reading

Texas Federal Court decision illustrates need for BYOD policies

Saman Rajaee was a salesman for Design Tech Homes. He used his personal iPhone to connect to his employer’s Microsoft Exchange Server, which allowed him to access his work-related email, contacts and calendar from his phone. Design Tech did not have a BYOD policy. When Rajaee’s employment terminated, Design Tech remotely wiped his phone, which … Continue Reading
LexBlog