Feb 6, 2018

EU-US Privacy Shield: Frequently Asked Questions

Data Transfer

What is the EU-U.S. Privacy Shield? The EU-U.S. Privacy Shield (the “Privacy Shield”) is a framework designed by the U.S. Department of Commerce and the European Commission to provide companies in the U.S. and in the EU with a means to comply with data protection laws and regulations when transferring personal data between the U.S…. Read more


Jan 30, 2018

General Data Protection Regulation: Frequently Asked Questions

GDPR Compliance

What is the General Data Protection Regulation? The General Data Protection Regulation (the “GDPR”) (Regulation (EU) 2016/679) is a European Union regulation intended to harmonize data privacy laws across Europe and increase data privacy protections for all European Union citizens.  The GDPR was approved by the European Council and Parliament on April 14, 2016 and… Read more


Jan 23, 2018

Cybersecurity in M&A Transactions: Frequently Asked Questions

Cybersecurity Handshake

1. What types of transactions implicate cybersecurity and data privacy concerns? Cybersecurity and data privacy concerns arise in many different types of M&A transactions, but greater focus on potential cybersecurity and data privacy issues should be directed toward transactions involving (a) a target company that operates in certain highly regulated industries, (b) the acquisition of… Read more


Aug 28, 2017

Is Your Website a “Place of Public Accommodation” Under the Americans with Disabilities Act?

e-commerce

What do burgers and art supplies have in common? They are both sold on websites recently challenged by disabled plaintiffs. Blind plaintiffs have filed lawsuits alleging certain websites violate federal, state and city laws because they contain various access barriers and are not fully usable by the blind. This summer two federal courts in New York – the… Read more


Aug 3, 2017

Recent Cyber Insurance Decision Rejects Claim for Computer Fraud

are you covered?

A federal judge in Michigan recently granted summary judgment to Travelers in American Tooling Center, Inc. v. Travelers Casualty and Surety Company of America, Case No. 16-12108, United States District Court, Eastern District of Michigan.  That decision interpreted the “computer fraud” provision of Travelers’ insurance policy, finding no coverage for the insured for the losses… Read more


Jun 20, 2017

A Primer on the EU’s General Data Protection Regulation

Data Protection

Overview Over four years in the making, the General Data Protection Regulation (the “GDPR”) was approved by the European Council and Parliament on April 14, 2016 and will come into force beginning on May 25, 2018. In the wake of ever-increasing cyber security and data privacy threats across the globe, the GDPR is intended to… Read more


Apr 23, 2015

FTC Tracking Company Settlement Highlights Importance of Keeping Privacy Promises

By Brett Lockwood It has long been the Federal Trade Commission’s (FTC) position that if you make a privacy promise to consumers you should expect to be held to that promise.  The FTC’s complaint and its proposed settlement, announced on April 23, 2015, with Nomi Technologies, Inc. (Nomi) highlights this. Nomi’s tracking applications allow retailers to… Read more


Apr 19, 2015

Recent Cases Emphasize Clickwrap Basics

By Brett Lockwood Two court decisions in the past couple of months, both from federal courts in California, involving arbitration clauses in clickwrap agreements make clear that the manner in which affirmative assent to website terms is sought from a site’s users makes all the difference when enforceability of those terms is at issue. In… Read more


Apr 16, 2015

2015 Verizon Data Breach Investigations Report Released

By Brett Lockwood Earlier this week, Verizon released its annual Data Breach Investigations Report (DBIR) for 2015.  In the DBIR, Verizon, along with about 70 contributing organizations, presents an extensive survey and analysis of patterns and lessons from significant data breaches over the prior year.  While the 2015 DBIR offers a broad range of data… Read more


Apr 14, 2015

Can’t Just Phone In U.S.-E.U. Safe Harbor Compliance

Recent civil actions this month brought by the Federal Trade Commission (FTC) against two companies that allowed their certification under the U.S.-E.U. Safe Harbor Framework to lapse while still claiming to be compliant is a timely reminder that the Framework requires annual re-certification.  The FTC cited this lapse as a deceptive trade practice by each of… Read more