Universal Consent: Building Beyond Cookie Consent
Data Dividend: What is Personal Data Worth?
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Data Revolution: How U.S. Privacy Laws Change the Way Data Should be Managed by Retail and Tech Industries
Fashion Counsel: Privacy in the Retail Fashion Industry
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
A California federal court recently ruled that disclosure of certain data collected through website cookies that may qualify as health information could trigger a data breach under the California Consumer Privacy Act (CCPA) –...more
In the latest iteration of privacy claims, California plaintiffs have begun filing lawsuits against online retailers using online tracking technologies to collect IP addresses under a new theory—plaintiffs allege such...more
On March 18, 2024, the Office of Civil Rights (“OCR”) within the Department of Health and Human Services (“HHS”) updated prior guidance concerning the use of online tracking technologies, including cookies, by Covered...more
FTC Announces Proposed Settlement with Software Provider to Settle Allegations that its Inadequate Security Safeguards Led to Cyberattack - On February 1, 2024, the Federal Trade Commission (“FTC”) announced a proposed...more
From October 3rd to 5th in Boston, the Attorney General Alliance (AGA) held a series of working group meetings focused on topics uppermost in the minds of state AGs: cybersecurity, organized retail crime (ORC) and cannabis....more
Earlier this month, the United States Department of Health and Human Services’ Office of Civil Rights (“OCR”), the organization that has jurisdiction over enforcement of the Health Insurance Portability and Accountability Act...more
In the tech space, the tools at our disposal and the associated terminology fluctuate more than the late, great Prince decided to change his stage name. This time up, the “Artist Formerly Known as Universal Analytics” had a...more
Recent decisions from the European Union (EU) have placed renewed focus on the use of common cookies used on ecommerce and other websites used by consumers and employees and transfers of personal data collected through...more
United Kingdom New Standard Contractual Clauses Submitted to Parliament - The United Kingdom has finalized its new International Data Transfer Agreement and Addendum to the new EU standard contractual clauses. Subject to...more
On 19 January 2022, the European Data Protection Board (EDPB) announced the outcomes of its plenary session that took place earlier this week. The EDPB adopted new guidelines that provide guidance on various aspects of data...more
The California Consumer Privacy Act (CCPA), considered one of the most expansive U.S. privacy laws to date, went into effect on January 1, 2020. The CCPA placed significant limitations on the collection and sale of a...more
The German Data Protection Conference (DSK) issued guidance on the Federal Act on the Regulation of Data Protection and Privacy in Telecommunications and Telemedia (‘TTDSG’), which went into effect on December 1, 2021...more
France’s data protection authority (CNIL) has proved again its determination to continue its enforcement strategy by issuing some 30 new formal notices to comply with its new guidelines on cookies on December 14, 2021....more
Across the economy, businesses are using digital technology to pivot into innovative service lines, accelerate growth and transform their businesses altogether. These businesses’ digital strategies and data assets play...more
A cynical online commenter once wrote this about the data collection practices of the online news site Digg: “If you are not paying for it, you’re not the customer; you’re the product being sold.” This is true of almost...more
The Virginia Consumer Data Protection Act (CDPA) overwhelmingly passed both legislative chambers this month and is expected to be signed by the Governor in the coming weeks with an effective date of January 1, 2023. Best...more
The regulation of cookies and similar tracking technologies is rapidly evolving, not only in the European Union and United Kingdom but also in the United States and globally. If you have visited a website recently, you might...more
This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more
It’s generally recognized that the General Data Protection Regulation (GDPR) can apply to entities outside the European Union. However, scant court rulings guide non-European controllers and processors on this question. The...more
Website operators are not permitted to use cookies and similar tracking technologies for analysis and marketing purposes without the informed consent of users, if this involves sharing personal data with third parties and...more
On 7 December 2020, the French supervisory authority CNIL (Commission nationale de l’informatique et des libertés, French data protection authority) imposed substantive fines on Amazon and Google for allegedly placing...more
This week’s Update features two stories on the growing (temporary?) phenomenon of using hotel guest rooms and other public spaces for those seeking an alternative arrangement to working from home and how those new remote work...more
What is open-source software? To ask the question is almost to answer it. Open source software (OSS) simply describes software code that is distributed on an “open-source” basis – which means, in a way that allows others to...more
A new class action against Google in federal court in San Jose, Calif., claims that Google's collection of web browsing data from individuals who have enabled "private browsing mode" violates the Federal Wiretap Act, 18...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the Seventh Circuit's ruling finding standing for an Illinois Biometric Information Privacy Act claim, the European Data Protection Board's updated...more