Skip to main content

Privacy Monday - June 2, 2014

The first Monday in June is also the first Monday of meteorological summer -and a welcome sight after a brutally-long winter for many of our readers.  So, here's to a happy Summer!

Google Receives 12,000 Take-Down Requests on Day One

According to Agence France Presse, as a result of the European Court of Justice's decision in the Google/Spain case -- which we analyzed here -- Google received 12,000 take-down requests from individuals on the very first day it offered the service.  The take-down offer only applies to information stored on Google servers in Europe.  For more, read here.   If you want to view straight-forward reporting on the decision and its effect, see NBC's Stephanie Gosk's story here.

Third Party Vendor Contracts - Is the Risk Accurately Reflected?

We have devoted a fair amount of blog space to discussion of data risk and how you should be factoring third parties into your risk assessment.  Since March of 2010, Massachusetts law has required contractual representations from third parties who will have access to data of Massachusetts residents that you use, license or store.   Further, if you are a financial institution covered by Gramm-Leach-Bliley or a health care provider covered by HIPAA, you are required to assess third party risk.   You can outsource the risk, but you cannot outsource the liability.   If your third party vendor has a breach, you own the legal responsibility for dealing with that breach.  Contracts are vehicles for allocating risk -- in fact, in combination with memorializing the business terms, risk allocation is the primary purpose of a contract.

Data collected by Advisen show that reports of third-party data breaches skyrocketed to a seven-year high in 2013, after rising steadily since 2005. Slight drops in case count were observed in 2009 and 2012, but the number of reported vendor breaches as tracked by Advisen remains well above the level of just a decade ago.

Advisen data also show that the overwhelming number of cases occur in the financial services, insurance and real estate sector, with manufacturing and public administration in second and third place.   For more, read at

Lessons From Facebook's Acquisition Of WhatsApp And Moves (registration required)

Mergers are never simple, but the acquisition of consumer products and technology requires the purchasing entity to consider questions beyond the standard concerns about executive pay, corporate valuations and per share prices. Will we be able to integrate corporate cultures? Will the service’s current users make angry reaction GIFs to demonstrate disapproval? Are Beats by Dre headphones "extraordinarily bad"? Two recent high-profile acquisitions by Facebook Inc. reveal another key question, says Jake Romero of Mintz Levin Cohn Ferris Glovsky and Popeo PC

WBZ Business Breakfast To Discuss Cybersecurity - Come Join Us!

If you are in Boston, join WBZ’s New England Business Editor and PM Drive News Anchor, Anthony Silva, along with a panel of cyber experts, including Mintz Levin's Cynthia Larose, who will explain the online safety practices you must know to protect yourself and your customers from costly scams.    Here for more information and registration.


Subscribe To Viewpoints


Cynthia J. Larose

Member / Co-Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.