Privacy & Cybersecurity
Viewpoints
Filter by:
Employers Beware: Judge Greenlights Employee’s Privacy Lawsuit Over Dropbox Access
March 28, 2019 | Blog | By Cynthia Larose, Jennifer Budoff
Many employers maintain policies limiting their employees’ expectation of privacy in the workplace, including policies that eliminate any expectation of privacy when using company-issued electronic devices. While employers may think that having such a policy would protect them from invasion of privacy claims under the Fourth Amendment or state law, a recent federal court decision may cause employers to think otherwise. This post examines this decision and provides best practices for avoiding issues with employees’ privacy interests.
Read more
Brexit and UK-US data transfers: What’s the plan?
March 26, 2019 | Blog | By Susan Foster
Despite the overall political uncertainty about Brexit, worries about a sudden stop to personal data transfers from the UK to the US are misplaced, deal or no deal. There is, in fact, a plan, and it’s a reasonable, practical plan.
Read more
Musical.ly’s COPPA Failure Falls Flat at the FTC; Will Pay Note-Worthy Fine
March 6, 2019 | Blog | By Cynthia Larose, Elana Safner
The Federal Trade Commission (“FTC”) has handed down its largest civil penalty ever for violations of the Children’s Online Privacy Protection Act (“COPPA”). Musical.ly, now known as TikTok after a 2018 merger, agreed to a fine of $5.7 million for its violations. The settlement was significant not only because of its record amount, but also because it includes a specific agreement on how the website will operate going forward.
Read more
SB 561 Aims to Make CCPA More Consumer-Friendly by Expanding a Private Right of Action and Removing the Right to Cure
March 4, 2019 | Blog | By Cynthia Larose, Natalie Prescott
Last week, California State Senator Jackson and state Attorney General Becerra introduced a new bill, Senate Bill 561. If passed, it will greatly expand the consumers’ right to bring private lawsuits for violations of the California Consumer Privacy Act (“CCPA”). SB 561 will: (1) provide for a private right of action for all CCPA violations—not just those stemming from a data breach; (2) eliminate the 30-day safe-harbor provision that currently allows companies to cure the violation and thereby avoid a private right of action; and (3) prevent companies from seeking specific opinions from the Attorney General and instead allow the AG’s office to provide “general guidance” via publications.
Read more
Insights and News – Telephone Consumer Protection Act (TCPA)
February 27, 2019 | Blog | By Cynthia Larose
This month, Mintz’s TCPA Digest reviews the Federal Communications Commission’s (FCC) adoption of a proposal to extend the Truth in Caller ID rules to calls originating outside the United States, and to expand the scope of covered communications services. The Digest also covers the FCC’s first-ever report on illegal robocalls, the push for call authentication and call blocking technology, and the renewed push in Congress to pass the Stopping Bad Robocalls Act.
Read more
ICYMI – Overview of California Consumer Privacy Act Webinar
February 22, 2019 | Blog | By Cynthia Larose
We presented our first in a series of webinars digging into the California Consumer Privacy Act. If you registered, you should have received a link to the recording and the materials. If you missed it, we’ll help you out. To access the webinar recording, please click here. The materials can be downloaded here.
Our next installment is coming up on March 27th and will address similarities and differences between the EU’s General Data Protection Regulation and the CCPA.
Read more
Our next installment is coming up on March 27th and will address similarities and differences between the EU’s General Data Protection Regulation and the CCPA.
California Governor Floats “Data Dividend” Proposal
February 16, 2019 | Blog
On the heels of the passing one of the nation’s leading pieces of privacy legislation, the California Consumer Privacy Protection Act (“CCPA”), Governor Newsom, used his first “State of the State” address, to highlight his position on data protection and privacy, by saying that technology companies “make billions of dollars collecting, curating and monetizing our personal data have a duty to protect it” and that “Consumers have a right to know and control how their data is being used.”
Read more
Federal Trade Commission: No Changes to CAN-SPAM Rules
February 13, 2019 | Blog | By Cynthia Larose
There will be one less new privacy regulation to worry about in 2019. In June of last year, the Federal Trade Commission announced that it would review its rules implementing the CAN-SPAM Act, regulating unsolicited commercial email. Yesterday, the FTC announced that it had received 92 comments during the review process, and concluded that no changes to its CAN-SPAM Rules were needed at this time.
Read more
No Harm, Still a Foul: Illinois Supreme Court Rules on the Collection of Biometric Data
January 29, 2019 | Blog | By Cynthia Larose, Elana R. Safner
Leaving its fingerprints all over the privacy debate, the Illinois Supreme Court handed down a ruling that will significantly impact litigation under the state’s unique Biometric Information Privacy Act (“BIPA” or “Act”), creating a potential boon for plaintiffs. In its January 25 opinion in Stacy Rosenbach v. Six Flags Entertainment Corp., the court unanimously sided with the plaintiff, ruling that actual harm is not a requirement to establish standing under BIPA.
Read more
California AG’s Office Gets Public Input on CCPA
January 29, 2019 | Blog
The California Attorney General’s Office (CAGO) is conducting a series of public hearings around the state to gather input on the California Consumer Privacy Act of 2018 (CCPA). We attended the CAGO’s January 25th, 2019 hearing. The panel of CAGO staff informed those in attendance to anticipate a Notice of Proposed Regulatory Action in the fall of 2019.
Read more
It’s Data Privacy Day: Be #PrivacyAware
January 28, 2019 | Blog | By Cynthia Larose
Happy Data Privacy Day! Join the #PrivacyAware conversation all day long on Twitter. Watch the Data Privacy Data Event online from LinkedIn in San Francisco. Click here to watch at 2 PM PST/5 PM EST.
Read more
WEBINAR – The California Consumer Privacy Law is Here. Get Prepared.
January 17, 2019 | Blog | By Cynthia Larose
We have been actively covering the California Consumer Privacy Act on our blog as it evolves including here and here. Please join us on February 6th for the first webinar in our California Consumer Privacy Act Series.
Read more
Cynthia Larose Named a National Law Review "Go-To Thought Leader"
January 7, 2019 | Blog
Mintz Member Cynthia Larose and her thought leadership on all things Privacy has been selected for a National Law Review “Go-To Thought Leadership Award.” The inaugural awards recognize 65 exceptional authors and legal organizations for their reporting of complex legislative and litigation news, as well as their strategic insight and overall legal industry knowledge.
Read more
Oath (f/k/a AOL) Agrees to Pay Record Settlement over COPPA Violations
December 12, 2018 | Blog | By Cynthia Larose
Recently, Oath, a wholly-owned subsidiary of Verizon Communications agreed to pay $4.95 million to settle charges from the New York attorney general’s office that the company’s online advertising business was violating federal law.
Read more
HIPAA Penalties For Failure to Cut Off Access To Former Employee
December 12, 2018 | Blog
It has been a busy few weeks for HIPAA enforcement. On Tuesday, the Office for Civil Rights announced its third resolution of a HIPAA breach in as many weeks. In this latest matter, OCR announced that Pagosa Springs Medical Center (PSMC), a critical access hospital in Colorado, has agreed to both pay $111,400 to the Office for Civil Rights (OCR) as well as adopt a comprehensive, two-year corrective action plan (CAP) to address and settle potential HIPAA violations.
Read more
Commitment to Protection of User Data Essential To Consumer Adoption of IoT Devices – Three Things to Know about the New Hampshire Amazon Echo Case
December 6, 2018 | Blog | By Cynthia Larose
Recently, Amazon refused (registration required) to provide data from an Amazon Echo device in a case involving the a double homicide in response to an order issued by a New Hampshire state judge. Prosecutors believe that the Echo may have recorded data relevant to the crime; a potential perpetrator has already been charged.
Read more
That Local Representative Problem . . . and the New Guidelines on the Territorial Scope of the GDPR (Part I)
November 29, 2018 | Blog | By Susan Foster
Companies based outside of the European Union sometimes find it challenging to determine whether the General Data Protection Regulation (GDPR) applies to them. And if they finally work out that the GDPR applies, they then have the challenge of finding a local representative as required by Art. 27.
Read more
Uber and FTC Arrive at Settlement: Extensive Monitoring, but no FTC Fines Ahead
November 15, 2018 | Blog | By Cynthia Larose, Elana Safner
Recently, the Federal Trade Commission (“FTC”) announced that it has finalized its expanded settlement with ride-haling giant, Uber Technologies, Inc. (“Uber”) related to two major data breach incidents. The initial breach occurred in 2014 and led to an FTC investigation into Uber’s data storage practices for rider and driver data.
Read more
FDA Issues Draft Cybersecurity Guidance for Med Devices
October 22, 2018 | Blog | By Cynthia Larose
If you are a medical device manufacturer, the Food and Drug Administration (FDA) says that you should prepare a “cybersecurity bill of materials” before marketing your devices. As outlined in our sister blog’s post, the requirement would require manufacturers to produce a list of the components that could be susceptible to vulnerabilities.
Read more
“Hey Alexa – Tell Me About Your Security Measures”
October 4, 2018 | Blog | By Cynthia Larose
California continues to lead the nation in cybersecurity and privacy legislation on the heels of the recent California Consumer Privacy Act of 2018 (“CCPA”). Governor Brown recently signed into law two nearly identical bills, Assembly Bill No. 1906 and Senate Bill No. 327 (the “Legislation”) each of which required the signing of the other to become law, on September 28th, 2018.
Read more
Viewpoint Editors
Cynthia J. Larose
Member / Chair, Privacy & Cybersecurity Practice
John B. Koss
Managing Director, E-Data Consulting Group
Susan L. Foster, Ph.D.
Member
Dianne J. Bourque
Member
Christopher J. Harvie
Member
Kevin M. McGinty
Member / Co-chair, Class Action Practice
Elana R. Safner
Associate
Explore Other Viewpoints:
- Antitrust
- Appellate
- Arbitration, Mediation & Alternate Dispute Resolution
- Awards
- Bankruptcy & Restructuring
- California Land Use
- Class Action
- Complex Commercial Litigation
- Construction
- Consumer Product Safety
- Cross-Border Asset Recovery
- Debt Financing
- Diversity
- EB-5 Financing
- Education & Nonprofits
- Employment, Labor & Benefits
- Energy & Sustainability
- Environmental Enforcement Defense
- Environmental Law
- FDA Regulatory
- Federal Circuit Appeals
- Financial Institution Litigation
- Government Law
- Health Care
- Health Care Compliance, Fraud and Abuse, & Regulatory Counseling
- Health Care Enforcement & Investigations
- Health Care Transactions
- Health Information Privacy & Security
- IP Due Diligence
- IPRs & Other Post Grant Proceedings
- Immigration
- Insolvency & Creditor Rights Litigation
- Institutional Investor Class Action Recovery
- Insurance & Financial Services
- Insurance Consulting & Risk Management
- Insurance and Reinsurance Problem-Solving & Dispute Resolution
- Intellectual Property
- Investment Funds
- Israel
- Licensing & Technology Transactions
- Life Sciences
- Litigation & Investigations
- M&A Litigation
- ML Strategies
- Medicare, Medicaid and Commercial Coverage & Reimbursement
- Mergers & Acquisitions
- Patent Litigation
- Patent Prosecution & Strategic Counseling
- Privacy & Cybersecurity
- Private Client
- Private Equity
- Pro Bono
- Products Liability & Complex Tort
- Projects & Infrastructure
- Public Finance
- Real Estate Litigation
- Real Estate Transactions
- Real Estate, Construction & Infrastructure
- Retail & Consumer Products
- Securities & Capital Markets
- Securities Litigation
- Special Purpose Acquisition Company (SPACs)
- Sports & Entertainment
- Strategic IP Monetization & Licensing
- Tax
- Technology
- Technology, Communications & Media
- Trade Secrets
- Trademark & Copyright
- Trademark Litigation
- Venture Capital & Emerging Companies
- White Collar Defense & Government Investigations