Mason focuses on privacy, security, and Internet issues, with emphasis on helping companies that are subject to both U.S. and European law, including in relation to the EU General Data Protection Regulation (“GDPR”), ePrivacy rules, Privacy Shield, Standard Contractual Clauses (a/k/a “Model Contracts”), and the California Consumer Privacy Act (“CCPA”). A former web designer, he has extensive experience with the technology that drives digital media and e-commerce.
His work includes:
- Advising software developers and technology manufacturers on privacy and security issues in product design.
- Helping clients manage risk in the creation, marketing and licensing of innovative data services.
- Designing compliant, data-driven, global marketing strategies.
- Advising participants in the online advertising ecosystem on legal and self-regulatory compliance strategy.
- Negotiating technology transactions, intellectual property licenses and other commercial agreements.
- Developing information governance programs.
- Conducting comprehensive enterprise-wide privacy and security assessment and remediation programs, including reviews of collection, use, disclosure, storage and disposal of personal data.
- Managing data breach response.
- Resolving regulatory audits and inquiries.
- Representing clients in dispute resolution.
- Addressing a wide range of other privacy, security and Internet issues, including in the areas of data collection, data sharing, computer crime, employee monitoring and other electronic surveillance, online content, children’s privacy, health privacy, financial privacy, information management, trade secrets and intellectual property.
Mason is the former Chair of the Privacy Subcommittee of the NYC Bar Association’s Information Technology Law Committee.
On July 9, 2020, the Italian Data Protection Authority (“Garante”) issued a 16.7 million euro fine against Wind Tre S.p.A., an Italian telecom operator, for a number of unlawful data processing activities ...Read More
Today the Court of Justice of the European Union (“CJEU”) ruled that: The EU-U.S. Privacy Shield framework (“Privacy Shield”) is no longer a valid mechanism for exportation of personal data from the European Economic ...Read More
- Key Changes in the AG’s Updated Proposed CCPA Regulations
- New Push for Washington’s Privacy Bill in 2020
- CCPA Countdown: Draft Regulations Add Clarity and New Requirements
- Geolocation Sale Bill Vetoed by Hawaii Governor
- Notable GDPR Enforcement Actions in the First Year and Key Takeaways
- New EU Cookie Consent Recommendation from Advocate General
- EU to Allow Geographic Limits on Right-to-Be-Forgotten Requests if Court Adopts New AG Opinion
- Avoiding Liability for Customers’ Canadian Spam Law Violations