GDPR is Coming

Beginning in the 1980’s with the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data and the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108), European governments sought to establish a legal regime governing data and data flows.  This ultimately found their…

Mass AG Starts Equifax Litigation Derby

Equifax’s data breach involving the sensitive and personal information of 143 million consumers has sparked a national outcry and, investigations by over 30 state Attorneys General and the Federal Trade Commission.  Last week, Massachusetts became the first state to commence litigation against Equifax and is now considering amending its data breach law in response. EQUIFAX…

Court Narrows, Restricts DOJ Warrant on Inaugural Protest Site

As we reported earlier, the Justice Department served a warrant concerning disruptj20.org on its hosting provider DreamHost seeking records of all visitors to the site, including all communications.  Rather than negotiate, the Justice Department moved to compel and DreamHost opposed the motion asserting that In essence, the Search Warrant not only aims to identify the political…

Uber Enters FTC Consent Decree Over Failure to Protect Consumer Data

In 2014, press reports revealed that Uber employees improperly accessed riders’ personal information using an internal company tool called the “God View.”  To respond to the controversy, Uber posted this statement on its site:   Uber has a strict policy prohibiting all employees at every level from accessing a rider or driver’s data. The only…

DreamHost Challenges Trump Admin Warrant

The Justice Department has been investigating certain violent protests that occurred during the inaugural festivities for President Trump and has indicted 200 people on felony rioting charges in connection with property damage and assault during the inauguration.  For example, white nationalist Richard Spencer was punched during an interview on the streets of D.C. The Justice…

FTC Updates COPPA Compliance Plan for Business

The Federal Trade Commission has updated its Compliance Plan guidance under the Children’s Online Privacy Protection Act (COPPA) to address: New business models. As technologies evolve, companies have new ways of collecting data, some of which may affect your obligations under COPPA. Just one example: voice-activated devices that collect personal information. If your clients change how…