As submitted for the comment period on Initiatives – Active Measures for Initiative 19-0021 on November 8, 2019.
Dear Mr. Mactaggart,
As privacy practitioners, we share your passion and dedication to the development of information privacy and data protection law in the United States. We acknowledge your achievement in pushing for the enactment of the California Consumer Privacy Act (CCPA) and contributing to the ongoing national conversation to advance privacy rights. Your commitment to these issues is clear, and we commend the seriousness of your work in addressing privacy rights in accordance with your vision.
We write in the spirit of constructive development of privacy regulation, and offer the following comments in the hope of contributing to the goal we share with you: improving the quality and effectiveness of U.S. privacy and data protection law while ensuring the continued innovation and flexibility that so benefit our society. Although we often advise the regulated community on privacy and data protection matters, the views expressed here are our own.
At the outset, we note that there are important improvements in your proposed initiative relative to the enacted CCPA. Many of your new initiative’s provisions could serve to move privacy and data security law in a positive direction. In this vein, we note the following: (more…)
The California Consumer Privacy Act (CCPA) takes effect in January. Sidley’s seasoned class action practitioners anticipate the CCPA will drive a proliferation of data- and privacy-driven suits, on multiple fronts.
This webinar will explore this emerging area in consumer class action litigation and highlight concrete steps businesses can take to mitigate CCPA-related risks.
The European Commission’s Medical Devices Coordination Group (MDCG) has published a much-anticipated guidance on the qualification and classification of software devices as medical devices (MDSW)1 under the new Medical Devices Regulation (MDR) and In Vitro Diagnostic Regulations (IVDR) (the Guidance, available here). The Guidance seeks to provide clarification to medical software manufacturers with respect to (i) when software is considered a device (qualification) and (ii) what risk category the device falls into (classification).
Under the currently applicable rules, supported by guidance set out in MEDDEV 2.1/6,2 most software devices are classified as low risk. However, the new classification rules set out in the MDR, in particular Rule 11, significantly change the classification of MDSW, with many software devices to be generally considered medium- or even high-risk devices.
Here we examine which areas have been clarified by the Guidance and which topics remain open to interpretation.
Please join us for the fourth in a series of programs focused on 2019 blockchain developments. This webinar will discuss legal, regulatory and other considerations for smart contracts. Lawyers from Sidley’s blockchain, investment funds and global finance practices will discuss:
- The blockchain technology behind smart contracts
- The legal validity of smart contracts under state law
- Court decisions and industry initiatives addressing obligations embedded in smart contracts
- Practical considerations for smart contract implementation in transactions
Women in Privacy™ or WIP™ invites you to join our networking event featuring a roundtable discussion of the latest data protection and privacy hot topics followed by a drinks reception.
The Women in Privacy networking group is for data protection and privacy professionals and aims to provide a platform for high-level discussion of data protection and privacy law developments, to facilitate and strengthen networking among women privacy professionals, and to mentor and promote the advancement of women in the field.
Sidley was honored as the Data – Security “Firm of the Year” at the 2019 Who’s Who Legal Awards. Click here for more information on our Privacy and Cybersecurity practice.
Sidley has consolidated its materials and resources on the CCPA, including an amendment tracker, on the new Sidley CCPA Monitor.
Explore the law and Sidley insights, available now.
William Long, partner and global co-leader of Sidley’s Privacy and Cybersecurity practice, has been working on global data privacy and information security matters for a number of years. In particular, William advises international clients on a wide variety of General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’), data protection, cybersecurity and financial services issues.
DataGuidance by OneTrust spoke with William about data protection issues in the financial services sector, and in particular about approaching compliance with the GDPR, sector-specific challenges, issues around Big Data, and cybersecurity.
Terms and conditions generally specify the rules governing the use of a website or mobile application. Since every website is different, custom-drafted terms and conditions are necessary to protect a particular business. Well-crafted terms and conditions might address issues such as payment, taxes, refunds, gift certificates, accounts, disclaimers, user behavior on your site, warranties and limitations on liability.