Ohio Adopts Pioneering Cybersecurity Safe Harbor for Companies

Ohio has become the first state to enact legislation providing safe harbor for businesses that implement a written cybersecurity program that “reasonably conforms” to certain cybersecurity frameworks or laws to protect personal information. In the September 19, 2018 issue of The Cybersecurity Law Report, Jason Wool provides insights on the significance of the Ohio Data Protection Act, which will become effective on November 2, 2018. This article is paywalled.

Read More

Après 25 May: how has the GDPR most impacted US companies?

After the daily deluge of privacy policy update notification emails this past spring and the dramatic, 11th hour passage of GDPR-inspired legislation in California this summer, it has been almost impossible to avoid hearing about the General Data Protection Regulation (GDPR) in the US. But now that May 25 has come and gone, what are US companies actually doing to comply with the GDPR, and how has the GDPR impacted both their day-to-day operations as well as their overall privacy and security programs and strategies? Melissa Maalouf and Michelle Anderson provide their perspective on what US companies are doing, the challenges they’re facing, and the ways in which the GDPR has affected the US privacy landscape. This article was originally published in the August 2018 issue of Data Protection Leader.

Read More

ZwillGen Nabs Oath Atty to Aid Companies with Government Data Demands

ZwillGen welcomes longtime friend of the firm and former Oath/Yahoo attorney, Chris Madsen, to ZwillGen as Counsel and Managing Director for ZG Subpoena Solutions (ZGSS). “Chris brings valuable perspective and insight gained from years of in-house experience and at the Department of Justice,” said Marc Zwillinger. “He has a deep understanding of how to navigate nuanced legal and policy issues, particularly with respect to law enforcement matters. We are very lucky to have him help lead ZGSS.” This Law360 article is paywalled.

Read More

To Ease Pain of Breach Notification Laws, Protect Passwords

As an increasing number of states expand their breach notification laws to include user credentials, companies should review their policies surrounding password creation and storage. In this Law360 article, Jason Wool discusses these laws as well as issues companies should consider when reviewing their password practices. This article is paywalled.

Read More

Child Advocates Ask FTC To Investigate YouTube

More than 20 advocacy groups filed a complaint asking the FTC to investigate Google subsidiary, YouTube, for violating the Child Online Privacy Protection Act (COPPA). “If the FTC thought that a service was directed to children and it was delivering online targeted advertising without consent, that could be a violation,” Kandi Parsons weighed in.

Read More

It’s About More Than Just Privacy: Trust And Ethics

The industry is at a crossroad. With new regulations such as GDPR shaking up the scene, what can the industry do to regain the trust of regulators and consumers? Ken Dreifach discusses this topic with other panelists during RampUp’s 2018 conference.

Read More

USA: FTC Mobile Security Report “Call To Action” For Manufacturers

The Federal Trade Commission issued its report on improving mobile security update practices (‘the Report’). Melissa Maalouf spoke with DataGuidance about the Report and said, “While the Report is just ‘guidance’ and not law, the FTC often looks to the recommendations in its guidance documents as factors to consider when evaluating whether a company’s privacy and/or security practices constitute an unfair or deceptive act or practice under the FTC’s broad enforcement authority under Section 5 of the FTC Act of 1914 […] It is very likely that the recommendations in the Report will be taken into account by the FTC in analysing future data security/breach cases involving security vulnerabilities that were not patched but could have been.”

Read More

Law360 Privacy & Consumer Protection Editorial Advisory Board

Congratulations Jeff Landis on becoming a member of Law360’s 2017 Privacy & Consumer Protection advisory board!

Read More

FTC’s Smart-TV Privacy Settlement Unlikely To See An Encore

While smart-TV maker Vizio settled with the FTC for tracking users’ viewing habits, many suspect that the settlement will not set a trend. Kandi Parsons responded to the settlement, “Ohlhausen’s promise to lead an effort to ‘more rigorously’ evaluate what constitutes substantial injury hints that use of the unfairness prong of the FTC Act could require a stronger demonstration of harm, and thus be more limited, under her leadership.” This Law360 article is paywalled.

 

Read More

Google’s Setback Heats Up Overseas Warrant Debate

The Eastern District of Pennsylvania ruled that Google must comply with search warrants requesting user data stored on overseas servers, focusing on how Google stores data. Marc Zwillinger spoke with Law360 about the ruling, “Since Google cannot identify in what country the data resides at any point in time, and it keeps changing, it’s hard to see how the retrieval of the data can violate anyone’s sovereignty.” This Law360 article is paywalled.

Read More