Category

General

14 May 2019

DataGuidance by OneTrust Speak to William Long About Data Protection Issues in the Financial Sector

William Long, partner and global co-leader of at Sidley’s Privacy and Cybersecurity practice, and has been working on global data privacy and information security matters for a number of years. In particular, William advises international clients on a wide variety of General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’), data protection, cybersecurity and financial services issues.

DataGuidance by OneTrust spoke with William about data protection issues in the financial services sector, and in particular about approaching compliance with the GDPR, sector-specific challenges, issues around Big Data, and cybersecurity.

Read the Full Interview

EmailShare
13 May 2019

Terms and Conditions: Recent Supreme Court Decisions Highlight There is More to Consider than Just the Privacy Policy

Your website is essential to your online business.  By developing and presenting an online presence, however, you take on legal obligations to your users.  It is, therefore, a timely exercise to stop and take stock of your terms and conditions in light of recent developments in the law, consumer expectations, and your legal risk profile.  The privacy policy has been getting a lot of attention lately as many websites, services and apps are rushing to get their new privacy policies in place in light of the California Online Privacy Protection Act (“CalOPPA”).  But updating the privacy policy is only one step in protecting your business in this digital economy. Terms and conditions are an important tool for limiting a company’s exposure to the various legal risks inherent in conducting business online.   Boilerplate provisions can leave you exposed and frustrate your customers.  Companies should critically consider the nature and needs of the business and transactions that may occur on their websites to determine what types of provisions will be beneficial and best practices for creating a binding contract.

Terms and conditions generally specify the rules governing the use of a website or mobile application.  Since every website is different, custom-drafted terms and conditions are necessary to protect a particular business.  Well-crafted terms and conditions might address issues such as payment, taxes, refunds, gift certificates, accounts, disclaimers, user behavior on your site, warranties and limitations on liability.

(more…)

EmailShare
06 May 2019

Fifth Annual Sidley Privacy and Cybersecurity Roundtable

We held our 5th Annual Privacy and Cybersecurity Roundtable on May 1, in Washington, D.C.  The event featured the Chair of the European Data Protection Board Andrea Jelinek and FTC Commissioner Noah Phillips.  Other government speakers represented the White House, UK’s Information Commissioner’s Office, and staff members from the U.S. Senate and House of Representatives.  Other distinguished panelists included Cam Kerry of Brookings and Jane Horvath from Apple.  The speakers addressed privacy and cybersecurity enforcement in the U.S. and EU, Brexit, Online Harms and the prospects for federal privacy legislation.  The insightful program was followed by a competition between the sausage-making (and brewing) achievements of leading privacy jurisdictions such as Brussels, California, Washington, D.C. and China (representing a privacy continuum!). Sidley also commemorated “20 Years of CyberLaw at Sidley” – two decades since the founding of today’s Privacy and Cybersecurity practice. We look forward to continuing to thrive and serve our clients. We hope to see you at next year’s Privacy and Cybersecurity Roundtable.

EmailShare
28 January 2019

European Commission Provides a Summary of the GDPR so far for Data Protection Day 2019

On January 25, 2019, the European Commission published a statement to mark Data Protection Day (January 28, 2019) which, this year, comes eight months after the entry into force of the General Data Protection Regulation (“GDPR”) on May 25, 2018.

The statement indicates that the European Commission considers the GDPR to have had a positive effect, in particular because European citizens are now more conscious of the importance of data protection and of their rights. The European Commission also notes that the Data Protection Authorities (“DPAs”) are enforcing the new rules and better coordinating their actions in the European Data Protection Board. (more…)

EmailShare
03 December 2018

Privacy Legislation Could Provide Common Ground for the Newly Divided Congress

*This article first appeared in the Hill.com on November 19, 2018

With the House having now flipped, policy consensus in Congress is not likely to get any easier. But there is one subject around which countries, companies, consumers and, yes, even Congress is increasingly converging. That issue is privacy. The new privacy zeitgeist follows years of data breaches as well as new concerns about invisible data collection, political micro-targeting and manipulation, the proliferation of internet-connected devices, and a potential lack of transparency in the decisions that machines increasingly make about us.

(more…)

EmailShare
26 November 2018

The Fifth Edition of The Privacy, Data Protection and Cybersecurity Law Review is Available

The fifth edition of The Privacy, Data Protection and Cybersecurity Law Review takes a look at the evolving global privacy, data protection and cybersecurity landscape in a time when mega breaches are becoming more common, significant new data protection legislation is coming into effect, and businesses are coming under increased scrutiny from regulators, Boards of Directors and their customers. Several lawyers from Sidley’s global Privacy and Cybersecurity practice have contributed to this publication. (more…)

EmailShare
02 October 2018

The Trump Administration’s Approach to Data Privacy, and Next Steps

* This article originally appeared in Law360 on September 27, 2018.

On Sept. 25, 2018, the Trump administration proposed an approach and initiated a process to modernize U.S. data privacy policy.  The administration’s approach is “risk-based” rather than rule-based, and, as such, signals a willingness to move away from a privacy model of mandated notice and choice that has “resulted primarily in long, legal, regulator-focused privacy policies and check boxes.” Rather, the administration is proposing that U.S. privacy policy “refocus” on achieving desirable privacy “outcomes,” such as ensuring that users are “reasonably informed” and can “meaningfully express” their privacy preferences, while providing organizations with the flexibility to continuing innovating with cutting-edge business models and technologies.

(more…)

EmailShare
24 September 2018

India’s New and Substantial Draft Data Privacy Bill

The expert committee set up by the Government of India recently published a new draft data privacy draft bill called the Personal Data Protection Draft bill 2018 along with a detailed companion report. This significant development brings India closer to a comprehensive law for personal data protection. The draft bill is modelled on the European Union’s General Data Protection Regulation (GDPR). If enacted into law, the draft bill would impose significant obligations on organizations, whether operating inside or outside India, including mandatory localization of personal data. The Government of India has invited comments to the draft bill by 30 September 2018. (more…)

EmailShare
16 August 2018

Coalition Groups Weigh In on CCPA Clean Up Legislation

On June 29, the day after California Governor Jerry Brown signed the California Consumer Privacy Act (CCPA) into law, Data Matters provided a summary of the important new legislation.  In doing so, we noted that the law was scheduled to go into effect on January 1, 2020 and that, if and when it did, it would be the “broadest privacy law in the United States” and “may well have an outsize influence on privacy laws nationwide.”  Because of this, we further predicted that “[t]he coming months will no doubt stimulate considerable legislative and litigation activity to test the acceptability of [the CCPA’s] effects on interstate commerce, free speech, commercial innovation, reasonable regulatory burdens and meaningful privacy protection.” (more…)

EmailShare
1 2 3 11
XSLT Plugin by BMI Calculator