By Donna Ruscitti on Porter Wright is proud to announce that international business and privacy & data security attorney Katja Garvey has been elevated to serve as chair of the firm’s International Business & Trade Practice Group.… Continue Reading
By Diana Lingyu Jia, Donna Ruscitti and Porter Wright on Across the globe, concerns continue regarding cryptocurrencies and digital currency exchanges. In the October edition of our Privacy and Security Roundup, we dive into the latest details surrounding OFAC’s efforts to stifle ransomware attacks, how organizations should carefully assess the new Personal Information Protection Law in China, the new EU Standard Contractual Clauses requirement effective … Continue Reading
By Katja Garvey on On June 4, 2021, the European Commission (EC) adopted a modernized set of standard contractual clauses for international data transfers (New SCCs) aimed at better protection of the data businesses transfer out of the European Union (EU). These New SCCs, which will take effect on June 27, 2021, will replace the standard contractual clauses that … Continue Reading
By Donna Ruscitti and Porter Wright on The past few weeks have provided some big developments in the area of data privacy and security. In this Privacy and Security Roundup, we cover a ransomware attack on the largest oil pipeline in the U.S., an Executive Order from President Joe Biden to enhance U.S. cybersecurity and potential mandatory reporting/sharing requirements, the U.S. Supreme … Continue Reading
By Donna Ruscitti and Porter Wright on The technology industry is constantly evolving and trusted legal advice is more important than ever. The attorneys in our Privacy and Data Security practice group are proud to offer a new blog series to provide curated data privacy and security news, developments and things to know moving forward. We will provide analysis designed to keep … Continue Reading
By Porter Wright on With Virginia Gov. Ralph Northam’s signature on March 2, 2021, Virginia, a bit surprisingly, became the second state to set comprehensive rules for how companies handle and share personal information. Virginia’s Consumer Data Protection Act (CDPA) will go into effect on Jan. 1, 2023, incidentally the same day as the California Privacy Rights Act (CPRA), … Continue Reading
By Porter Wright on To start the year, New York lawmakers reintroduced the Biometric Privacy Act – Assembly Bill 27. The bill closely mirrors Illinois’ Biometric Information Privacy Act (BIPA), which has spawned compliance changes and hundreds of class action lawsuits, with some resulting in multimillion dollar settlements.… Continue Reading
By Porter Wright on Special thanks to Emily Cunningham, Porter Wright law clerk, for her assistance on this article. Since California passed the California Consumer Privacy Act (CCPA), many states have introduced similar consumer data privacy legislation, but so far only Maine and Nevada have passed legislation successfully. Nevada focuses on internet website operators, whereas Maine focuses on broadband internet … Continue Reading
By Porter Wright on On May 25, 2018, the General Data Protection Regulation (GDPR) became effective across the European Union. The GDPR is a regulation designed to give EU residents control over their personal data and simplify the regulatory framework for international organizations doing business in the EU. In its infancy, it was not entirely clear how the GDPR … Continue Reading
By Diana Lingyu Jia on On June 13, 2019, the Cyberspace Administration of China (CMA, 国家互联网信息办公室), an office that serves as China’s central internet regulator and censor, released the draft Measures for Security Assessment of Cross-border Transfer of Personal Information (the Measure, 个人信息出境安全评估办法) for public comment. Following is a brief analysis on how this Measure, if adopted, could affect U.S. … Continue Reading
By Donna Ruscitti on Much has been written about the European General Data Protection Regulation (GDPR). Commentators have touted the EU’s supposedly superior data protection regimen. But don’t lose focus on what is happening within the U.S. and the implications for U.S. companies that may not be focused on GDPR requirements. Even companies that are GDPR focused may not … Continue Reading
By Porter Wright on The Federal Trade Commission (FTC) recently issued a staff report (available here) on the trend to link consumers’ online behavior across multiple devices. Among other recommendations, the FTC suggests that companies not track sensitive information which may include health, financial, children’s and precise geolocation information without the consumers’ affirmative express consent. The FTC also recommends … Continue Reading
By Jason Gerken on The United States Court of Appeals for the 9th Circuit continues to decide high profile cases that interpret the key provisions of the Computer Fraud and Abuse Act (CFAA). This post summarizes two July decisions from the court—one that sent the internet into a frenzy, and one that somewhat assuaged those fears. Overview of the … Continue Reading
By Donna Ruscitti on Porter Wright continues its tradition of providing cutting-edge information about how technology affects your business with the 2016 Technology Seminar Series, beginning May 18. This year’s sessions are: May 18: Big Data, Data Analytics & the Law 2016: What Your Company Needs to Know About the Evolution of the Next Big Thing “Big data” is one of today’s … Continue Reading
By Porter Wright on Our colleagues at AntirustLawSource.com recently shared parts one and two in a three part podcasting series; “Big data and what can be done with it.” Podcast host and editor, Jay Levine, talks with Phil Rist, executive vice president of Prosper Business Development, about challenges and opportunities for big data in 2016. From the internet of things providing more data available … Continue Reading
By Donna Ruscitti on Our colleagues over at Antitrust Law Source recently published a podcast on the inevitable health care data breach and how you can lessen the damages. Some key issues include: when to review data security policies, how to prepare for a potential breach and how to deal with third-party vendor access. Listen to the podcast to … Continue Reading
By Porter Wright on Canada’s anti-spam law (CASL), enforced by the Canadian Radio-television and Telecommunications Commission (CRTC), requires that businesses and organizations secure a recipient’s express or implied consent before sending “commercial electronic messages” (CEM). A CEM is any electronic message that encourages participation in a commercial activity, such as a coupon or message about a promotion of the … Continue Reading
By Porter Wright on A few weeks ago, more than 1,000 academics, legal practitioners and government officials convened for one of Europe’s premier privacy law events: the Computers, Privacy and Data Protection (CPDP) conference in Brussels, Belgium. Europeans dominated this crowd but a significant number of participants from other countries, including the U.S., made this a truly international gathering. I … Continue Reading
By Porter Wright on A recent U.S. Supreme Court decision provides “a very clear and straightforward message” to law enforcement: You must obtain a warrant to search the contents of any cell phone. Kelly Johnson provides a review of the court’s decision in his article, “Privacy Comes at a Cost — Warrant Required for Cell Phone Search,” published by … Continue Reading
By Porter Wright on The availability of third-party keyboard apps on the new iOS 8 operating system for Apple mobile devices created quite a buzz. It also served as a reminder for any developer of apps that transmit data or communications from a user’s host device to external servers to be cognizant of the risks associated with such data … Continue Reading
By Jay L. Levine on At the end of last month, Boston hospital Beth Israel Deaconess Medical Center (BIDMC) settled a data breach lawsuit brought by the Massachusetts Attorney General related to the 2012 theft of a physician’s laptop. Under a consent decree entered on Nov. 20, 2014, BIDMC agreed to pay $100,000 and to take a number of steps … Continue Reading
By Brian Hall on Back in the 1960’s, legendary bluesman Muddy Waters wrote a song called “You Can’t Lose What You Ain’t Never Had.” Now, it is Sony Pictures that is singing the blues, as damages continue to mount following the cyber attack on its data networks just before Thanksgiving. A shadowy group with possible connections to the North … Continue Reading
By Donna Ruscitti on Companies have moved in droves to allow hosting partners to store their mission critical applications — along with valuable business information, trade secrets and customer data — in the cloud. Saving money is great, but do you know where all of your data is at all times, and, more importantly, how secure is it? Every … Continue Reading
By Porter Wright on The holiday season is upon us and by the end of the year, Americans will have spent approximately $600 billion shopping in stores and online. By now, most consumers are aware of a broad range of risks associated with the holidays. We try not to leave packages in our cars in the mall parking lot, … Continue Reading