Category

General

16 August 2018

Coalition Groups Weigh In on CCPA Clean Up Legislation

On June 29, the day after California Governor Jerry Brown signed the California Consumer Privacy Act (CCPA) into law, Data Matters provided a summary of the important new legislation.  In doing so, we noted that the law was scheduled to go into effect on January 1, 2020 and that, if and when it did, it would be the “broadest privacy law in the United States” and “may well have an outsize influence on privacy laws nationwide.”  Because of this, we further predicted that “[t]he coming months will no doubt stimulate considerable legislative and litigation activity to test the acceptability of [the CCPA’s] effects on interstate commerce, free speech, commercial innovation, reasonable regulatory burdens and meaningful privacy protection.” (more…)

EmailShare
16 July 2018

Privacy as a “Fundamental Right” Clouds Smart Regulation

*Originally Published July 12, 2018 by Chambers and Partners Data Protection & Cyber Security 2018

There is a lot going on with privacy around the world. As discussed in the chapters of this book, significant new laws are being adopted or taking effect, important judicial decisions are being decided to interpret existing legal requirements, and citizens are contending with their own expectations about confounding new technologies and business models. It is not clear, however, that the public policy being developed in any country is a thoughtful reaction to the promises and perils of today’s digital economy, rather than a knee-jerk over-reaction to imagined harms and a handful of high-profile incidents. (more…)

EmailShare
02 July 2018

First Circuit’s Decision Provides Guidance on Creating Enforceable Website Terms and Conditions

On June 25, the United States Court of Appeals for the First Circuit in Cullinane v. Uber Technologies, Inc., __ F.3d __, 2018 WL 3099388 (1st Cir. 2018), evaluated the enforceability of arbitration provisions in online contracts. The First Circuit found Uber’s arbitration provision, which contained a class action waiver, unenforceable because Uber did not make its terms of service sufficiently conspicuous. Cullinane highlights the importance of obtaining customers’ affirmative consent to an online contract and reaffirms that conspicuousness of the arbitration agreement and the form of assent that retailers require from consumers remain paramount.
(more…)

EmailShare
29 June 2018

California Enacts Broad Privacy Laws Modeled on GDPR

On June 28, 2018, California Gov. Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. It is intended to give consumers more transparency regarding and control over their data and establishes highly detailed requirements for what companies that collect personal data about California residents must disclose.    (more…)

EmailShare
26 June 2018

California’s GDPR? Sweeping California Privacy Ballot Initiative Could Bring Sea Change to U.S. Privacy Regulation and Enforcement

*UPDATE: The ballot initiative has been replaced by a new California law, AB 375. Please see California Enacts Broad Privacy Protections Modeled on GDPR for more information.

On June 25, 2018, California Secretary of State Alex Padilla announced that a potentially significant privacy initiative is eligible for the Nov. 6 general election ballot. If passed, the ballot initiative — the California Consumer Privacy Act (CCPA) — would immediately make sweeping changes to California’s privacy laws. This initiative would likely create a de facto national standard on transparency around third-party sharing as well as consumer rights to restrict data sharing and could affect many business models that depend on data monetization to offer a free good or service. Many see the law as having echoes of the new European General Data Protection Regulation (GDPR) that went into effect on May 25. If voters pass the initiative, it would go into effect shortly after the election — providing little time to develop an extensive internal regulatory program, yet providing immediate exposure to penalties for failures to have those extensive compliance processes in operation. (more…)

EmailShare
20 June 2018

Sidley Partner William Long Recognized by Best Lawyers 2019

Sidley Partner William RM Long has been recognized by Best Lawyers 2019 for Privacy & Data Protection Law in London. William is global co-leader of Sidley’s Privacy and Cybersecurity practice and also leads the EU data protection practice at Sidley.

Recognition by Best Lawyers is based entirely on peer review. Best Lawyers’ methodology is designed to capture, as accurately as possible, the consensus opinion of leading lawyers about the professional abilities of their colleagues within the same geographical area and legal practice area.

EmailShare
14 June 2018

European Lawmakers Call on the EU to Suspend the EU-U.S. ‘Data Transfer’ Privacy Shield

On 11 June 2018, members of a Committee within the European parliament (“MEPs”) narrowly voted in favour of suspending the EU-U.S. Privacy Shield (“Privacy Shield”), an agreement that facilitates the transfer of personal data of EU data subjects to the U.S., unless the U.S. government fully complies with the Privacy Shield data protection requirements by 1 September 2018. Although the resolution is only a draft and has no legal effect, it reflects continued European concerns surrounding Privacy Shield.   (more…)

EmailShare
24 May 2018

GDPR Day is Here!

Whether you are marking today with a glass of champagne, a shot of whiskey, or a hot cup of tea, today marks a significant day for privacy professionals world-wide.

Here’s to all of the privacy professionals who have put in so many hours to prepare for the GDPR, fully effective as of Friday May 25, 2018 at midnight in Brussels; that is 6 PM eastern on Thursday, May 24th for toasting purposes.

For business executives, policymakers, and consumers who have become aware of the GDPR in recent weeks and are interested in learning more, visit our GDPR resource page here.

EmailShare
22 May 2018

Supreme Court Finds Expectation of Privacy for Rental Car Driver

In its preview of hot privacy and cybersecurity topics for 2018, Data Matters noted that this year the Supreme Court was scheduled to decide a number of cases with potentially substantial privacy implications.  This past week, the Court issued its opinion in one such case, Byrd v. United States, a case concerning “whether a driver has a reasonable expectation of privacy in a rental car when he or she is not listed as an authorized driver on the rental agreement.”  Concluding that a driver does have such an expectation, the Court issued a narrow and unanimous opinion that, as laid out below, could have implications for commercial privacy expectations in other contexts. (more…)

EmailShare
1 2 3 10
XSLT Plugin by BMI Calculator