Big California Privacy News: Legislative and Enforcement Updates

Privacy never sleeps in California.  In recent days and as California’s legislative session comes to a close, there have been a number of significant legislative and regulatory developments in the state, each of which will likely (again) change the privacy landscape in California and, by extension, the rest of the country.  For businesses operating in California or whose websites, products or services reach California residents, these changes mean new compliance obligations, some of which could require significant investments of time and resources.  The impact of these changes highlight once again how the United States lacks a consistent national policy on privacy that could be set by a comprehensive federal privacy law.  (more…)

, , , ,

SEC Encourages Self-Reporting of Recordkeeping Violations Resulting From Employees’ Use of Personal Devices for Business Communications

On December 17, 2021, the U.S. Securities and Exchange Commission (SEC) announced settled charges against a broker-dealer firm for recordkeeping violations arising from its employees’ use of personal devices for business communications. The firm agreed to pay a $125 million penalty and to retain a compliance consultant to conduct a comprehensive review of its policies and procedures relating to the retention of electronic communications found on personal devices. In announcing this enforcement action, the SEC encouraged registrants to self-report similar failures to the SEC. (more…)

, , ,

Is the SEC Coming for Your Texts? SEC’s New Enforcement Director Telegraphs a Warning to Registrants About Improper Use of Personal Devices for Business-Related Communications

The U.S. Securities and Exchange Commission (SEC) Division of Enforcement is stepping up investigative efforts looking at registered firms’ use of personal devices for business communications, which can implicate their recordkeeping obligations and result in failure to retain and produce responsive business-related communications in SEC investigations. These risks are particularly acute in the current work-from-home posture at many firms, where employees may more easily blur the line between personal and business communications. Firms should review their policies, procedures, and communication monitoring to ensure that employees are not engaging in business-related communications outside of the firm’s official channels and in a manner that the firm is unable to capture and preserve if required.

(more…)

, ,
Stephen L. Cohen

Washington, D.C., Boston, ...

scohen@sidley.com

Supreme Court Limits Scope of Computer Fraud and Abuse Act

It is a common story: An employee who knows he is about to leave his employer for a competitor uses his last days of computer access to download (or email himself) confidential information from his employer’s network. Once his employer discovers the misappropriation, the employee has moved on to his next job, leaving the employer scrambling to protect itself, often through a tangle of state-law tort and trade-secret claims.

(more…)

, ,

An Early Recap of Privacy in 2020: A US Perspective

*This article was adapted from “Global Overview,” appearing in The Privacy, Data Protection and Cybersecurity Law Review (7th Ed. 2020)(Editor Alan Charles Raul), published by Law Business Research Ltd., and first published by the International Association of Privacy Professionals Privacy Perspectives series on September 28, 2020.

Privacy, like everything else in 2020, was dominated by the COVID-19 pandemic. Employers and governments have been required to consider privacy in adjusting workplace practices to account for who has a fever and other symptoms, who has traveled where, who has come into contact with whom, and what community members have tested positive or been exposed.

As a result of all this need for tracking and tracing, governments and citizens alike have recognized the inevitable trade-offs between exclusive focus on privacy versus exclusive focus on public health and safety.

(more…)

, , , , , , , , , , , , , , , , , , ,
Alan Charles Raul

Washington, D.C., New York

araul@sidley.com

COVID-19 – Privacy and Cybersecurity: An Action Plan For Business

As the COVID-19 pandemic evolves, companies should not lose sight of the privacy, data protection and cybersecurity implications of the new and sudden digital reality. This Action Plan sets out some key issues and recommendations to consider as your business manages this rapidly developing dynamic and considers protocols to support the workforce and mitigate risk in a transition back to work. (more…)

, ,

COVID-19 – Return to Work: European and U.S. Privacy and Employment Law Issues

The novel COVID-19 global pandemic continues to raise numerous issues for employers and consequences for employees across all industries. This situation is without precedent in modern times and is extremely dynamic with rapidly occurring new developments, guidance and issues that will impact employers. In this webinar, we consider the privacy and employment law issues for employees returning to work, and discuss strategies to deal with this situation in a holistic and coordinated manner.

REGISTER FOR THIS WEBINAR

, , ,

COVID-19: Walking the Line Between Worker Safety and Privacy

The COVID-19 pandemic poses unprecedented challenges for employers. Businesses must walk the line between keeping workers safe and respecting their privacy. How do employers ensure a safe and healthy workplace? And how do they manage layoffs, furloughs and benefits in this rapidly deteriorating economic environment? Our latest episode of The Sidley Podcast grapples with those questions and many others. Join host and Sidley partner Sam Gandhi as he speaks with two of Sidley’s thought leaders on the critical issues that employers face—Wendy Lazerson, co-chair of Sidley’s Labor and Employment practice, and Kate Heinzelman, who advises clients on privacy and cybersecurity issues.

(more…)

,

Chambers 2020 Global Practice Guides for Data Protection & Privacy and Cybersecurity Available

The updated 2020 Chambers Global Practice Guides for Data Protection & Privacy and Cybersecurity, edited by Alan Charles Raul, are available, covering important developments across the globe and bringing expert legal commentary for businesses.  Read the intros to each Guide here and here.

, , , , , , , ,

COVID-19 – European and U.S. Privacy and Employment Law Issues

A discussion on the latest European and U.S. privacy and employment law issues with COVID-19 and strategies to deal with this situation in a holistic and coordinated manner. In particular, we consider the latest guidance from Data Protection Authorities, how to develop a privacy protocol that deals with the GDPR and U.S. privacy issues and UK and U.S. employment law issues and latest developments related to COVID-19.

View the webinar here.

,