chevron-down Created with Sketch Beta.
    Privacy & Data Security

    Practice Points

    What you need to know in a quick-to-read format. Find all of the Privacy and Data Security Committee’s practice points in this archive.

    2023

    Tips for Protecting Your Business from Wiretap Lawsuits Targeting Companies with Consumer-Facing Websites
    By Alexander (Sandy) Bilus, Joseph Lipchitz, and Allison Burdette – February 22, 2023
    Class action lawsuits stemming from use of session replay software are on the rise.

    2022

    California Attorney General Reaches $1.2 Million Settlement with Sephora
    By Patrick Hromisin and Austin Strine – November, 2022
    The settlement was part of a continued enforcement of the California Consumer Privacy Act.

    Lessons Learned from EyeMed Vision Care’s Cybersecurity Settlement
    By Dimple T. Shah – November 10, 2022

    2021

    FTC Amends Standards for Safeguarding Customer Information
    By Alexander (Sandy) R. Bilus – December 16, 2021
    The key changes will become effective one year after the Final Rule is published in the Federal Register.

    2020

    Lawyers Beware: How Data Privacy Protections Differ from Privilege and Confidentiality
    By Joanna L. Storey – December 21, 2020
    Navigating current privacy laws is like wandering through a labyrinth. Where should a lawyer start?

    The Four Ps of Privacy
    By Starr Drumm – December 16, 2020
    A quick guide to spotting issues with privacy laws.

    2019

    The Third-Party Doctrine in the Wake of a “Seismic Shift”
    By Steven Arango – June 13, 2019
    The need for data privacy legislation to keep pace with technology.

    2018

    Ohio Law Creating Affirmative Defense in Data Breach Litigation Takes Effect
    By Sean Fernandes – November 5, 2018
    While it is unclear whether the safe harbor is sufficiently effective to incentivize voluntary compliance, this statute does indicate a new approach to data security regulation that practitioners should monitor.

    Supreme Court Addresses Stored Communications Act Cases
    By Sean Fernandes – July 10, 2018
    Two recent cases, Carpenter v. United States and United States v. Microsoft, cases recently reached resolution.

    Supreme Court Hears Oral Argument on Stored Communications Act Cases
    By Sean Fernandes – March 30, 2018
    While it is a fool’s errand to predict the outcome of a case based on oral argument, the themes in these arguments will be of interest to attorneys following these issues.

    2017

    Supreme Court to Address Significant Stored Communications Act Cases
    By Sean Fernandes – August 16, 2017
    Attorneys interested in electronic communications privacy issues should take note of two cases currently under consideration.

    Spies in the Skies? D.C. Circuit Invalidates Drone Registration Rule
    By Sean Fernandes – June 7, 2017
    The court invalidated an FAA rule requiring recreational drone owners to register with the FAA, clouding the FAA's ability to regulate drone usage.

    Tips for Smart Privacy Practices from Smart TV Settlement
    By Sean Fernandes – March 27, 2017
    Several important takeaways for privacy and data security practitioners from the FTC's recent complaint against VIZIO.

    Fourth Circuit Declines to Find VA Violated Privacy and Administrative Procedure Acts
    By Danielle Pomeraniec – March 6, 2017
    The case involved the dismissal of two class actions brought against the Secretary of Veteran Affairs.

    Fourth Circuit Weighs in on Data Breach Standing
    By Sean Fernandes – February 15, 2017
    The ruling comes in Beck v. McDonald.

    Email Privacy Act Unanimously Passed by House of Representatives
    By Danielle Pomeraniec – February 14, 2017
    The act prohibits the federal government from searching individuals’ emails without a warrant.

    Former Uber Employee Files Suit for Retaliation in Reporting Insecure Data Privacy Practices
    By Angel Chiang – January 9, 2017
    This is not the first time the ride-sharing juggernaut has been accused of privacy violations.

    Insurance Data Security Model Law Expected in 2017
    By Alex Pearce – January 31, 2017
    What are the implications for insurers, agents, brokers, and service providers?

    Recent Lessons from the FTC’s July 2016 Ruling in In the Matter of LabMd., Inc.
    By Angel Chiang – November 28, 2016
    Tips for organizations storing and managing sensitive personal consumer information.

    Fight Over Amazon Echo Access in Murder Case Raises Internet of Things Privacy Concerns
    By Christina Liu – January 17, 2017
    A murder, a hot tub, and the digital assistant that may have recorded it all.

    NYS Department of Financial Services Announces Changes to Proposed Cybersecurity Regulation
    By Danielle Pomeraniec – January 5, 2017
    Covered entities will have 180 days from the effective date to become compliant.

    2016

    Review the Rule Act Aims to Delay Changes to Federal Rules of Criminal Procedure
    By Danielle Pomeraniec – November 30, 2016
    The act’s sole purpose is to gain more time to assess the impact the changes would have on individuals’ Fourth Amendment rights.

    Recent Lessons from the FTC’s July 2016 Ruling in In the Matter of LabMd., Inc.
    By Angel Chiang – November 28, 2016
    Tips for organizations storing and managing sensitive personal consumer information.

    New York State Department of Financial Services to Regulate the Cybersecurity of Financial Institutions
    By Danielle Pomeraniec – October 31, 2016
    Governor Andrew Cuomo announced the proposition in September.

    California AG’s Office Takes Lead in Tackling Cyber Crime in Establishing C4 Center
    By Christina Liu – October 19, 2016
    The center will give law enforcement assistance in investigations where cyber expertise is needed.