Should Businesses Have a Separate CCPA Privacy Policy for California & Non-California Consumers?

The CCPA only provides enhanced rights and protections for consumers who are California residents. As a result, businesses with national or global customer bases must decide whether to extend the CCPA’s consumer rights and disclosure requirements to their entire customer base, including both California and Non-California residents—Or should they provide CCPA rights to only consumers […]

CCPA: New Website Accessibility Requirements

The Article in 60 Seconds The California Attorney General (“CAG”) published, in its notice of modifications to the proposed CCPA regulations, a requirement that online privacy disclosures be—reasonably accessible—to consumers with disabilities. Notably, the CAG clarified that reasonable accessibility means that businesses must comply with “generally recognized industry standards,” such as the Web Content Accessibility […]

Data Retention Under the GDPR

The impact of the GDPR on US companies will be significant. One of the most difficult issues to overcome will be handling data retention. Creating a data retention policy is easy, implementing it will be significantly more difficult. Article 5 sets forth the principle that personal data may be maintained for no longer than is […]

Cybersecurity the EU Network & Information Security Directive: U.S. Companies Take Note

Preventing or minimizing business risks should result in maximizing profits, but unexpected losses due to cybersecurity incidents can be costly to both businesses and affected consumers. The European Commission has finally addressed this rising issue with the new draft Directive, the Network and Information Security Directive (“NIS Directive”).  The intent behind the Directive is to […]

GDPR vs. HR Data: Time to Reconsider Consent as a Lawful Basis to Collect Personal Data?

In light of the GDPR’s stringent requirements for consent, HR departments will need to review the legal basis for processing employee data under employment contracts based on consent. The GDPR heightened the requirements for using consent as a legal basis, making this method risky and burdensome. The GDPR requires that consent must be: Freely given, […]

FTC Approves $5 Billion Dollar Fine Against Facebook Over Cambridge Analytica Scandal.

Although the E.U. handed down significant fines earlier this week, the U.S. ended the week by issuing record-setting fines against Facebook for 5 billion dollars. The fine against Facebook represents the powerful posture taken by the United States to enforce privacy legislation in the post-GDPR era. The chart above outlines the EU’s early GDPR enforcement efforts […]

Non-Disclosure and Confidentiality Agreements- The Importance of Remedies

Non-disclosure, confidentiality, and/or proprietary information agreements are one of the most frequently used agreements in business today. Businesses entering into a new relationship or extending the scope of an ongoing relationship with clients, vendors, or customers will often require a formal agreement between the parties outlining the use and further disclosure of confidential information. Confidential […]

Designing International Marketing Efforts to Avoid Data Privacy Risks

Expanding into international markets can ensure success and longevity for your business, yet many businesses are reluctant to reach out to international markets for various reasons. Fear of failure to comply with data privacy laws is just one. It is true that data privacy laws are growing increasingly stricter. The good news is there is […]

Skip to content