Privacy Plus+ News
Stay informed with our latest insights on privacy and technology trends, along with key updates from our firm.
SEC Seeks Disgorgement from Virtu for Misleading Statements on Customer Data Protection
This week, let’s highlight the SEC’s recent civil action against Virtu Americas and its parent company, Virtu Financial, seeking disgorgement for misleading statements about data protection.
“Data Provenance”: Navigating Ownership, Authenticity, and Rights in the Digital Age
This week, let’s examine “Data Provenance,” a concept that involves tracing the lineage of data — its origins, transformations, and ownership. We’ll also propose a new specialized application for “Data Provenance:” regulating the privacy of personal data.
US Intelligence Community Is Buying “Commercially Available” Surveillance Data – What are the Implications?
This week, let’s consider a recently-declassified report issued by the Office of the Director of National Intelligence on the Intelligence Community’s purchase and use of sensitive “Commercially Available Information.”
Janus - Use of Facial Recognition Expanded by the TSA
This week, let’s consider the Janus-faced tension between privacy and security as the TSA expands its use of facial recognition technologies in airports (while keeping its privacy policy far from a model of completeness).
Royal Ransomware Strikes Dallas – What Can be Learned?
When a library website goes down, it should not also disable police services. Let’s reflect on what we can learned from the Royal ransomware attack on the City of Dallas.
Five Eyes Issues Guidance for the Deployment of “Smart City” Technologies
This week, let’s review the new “smart city” cybersecurity guidance issued by the Five Eyes intelligence alliance, and offer some perspective accrued over time as long as this guidance is overdue.
Mental Health Data is For Sale
This week, let's consider banning the sale of mental health data in light of a new study published by Duke, and actions by the FTC against BetterHelp (for sharing mental health data with Facebook and others targeted advertisers) and Kochava (for selling sensitive geolocation information).
Section 702, the Supreme Court, the European Parliament, and Congress
This week, we invoke Sherlock Holmes while discussing the latest news regarding Section 702 of the National Security Act, the GDPR and cross-border data transfers.
“It’s Turtles All the Way Down” - FTC Focuses on AWS Security
This week, let’s look at a recent FTC Consent Order, then consider what lessons can be drawn about using AWS. We’ll also explain how IT infrastructure fits the turtle metaphor featured in the title of this post.
HM in DBA Headnotes Discussing Uber CSO’s Criminal Conviction
Was Uber’s Chief Security Officer a villain or a scapegoat? And how should companies respond to the news of his criminal conviction? HM attorneys discuss in this month’s Headnotes for the Dallas Bar Association.
Preserving Privilege During a Merger or Acquisition
This week, let’s address what happens to attorney-client privilege during a merger or acquisition. Here, we’re offering some suggestions about deal terms addressing privilege and data ownership, especially as they relate to sensitive pre-close deal communications about diligence, deal terms, and negotiations.
Legal Issues Surrounding Customer Lists
This week, let’s examine the nine (9) or more areas of law surrounding Customer Lists, which are often among the blue-ribbon prizes in fights among competitors or between employers and their departing employees.
The Care and Handling of CEII
This week, let’s consider Controlled Unclassified Information, and how one example of it—Critical energy/electric infrastructure information—is regulated in the energy industry.
Predicting the Future of Privacy Law into 2023
This week, let’s look ahead toward the State of Privacy in 2023. With the New Year little more than 100 days away, what should we expect?
How to Go Quasi-Dark – Email and Messaging Edition
This week, we’re covering the intriguing topic of how to communicate over the Internet as privately and securely as possible.
Clearview AI is “Persona non Grata”
This week, the Italian Supervisory Authority (ISA) – a regulatory body responsible for enforcing GDPR and related privacy concerns in Italy – fined Clearview AI € 20 million for GDPR violations stemming from Clearview’s data collection and processing in Italy. Let’s consider the opinion and some lessons learned.
“Technical Debt” in IT Systems
This week, let’s consider the liabilities presented by hidden technical debt in IT systems.
Antitrust Takes Center Stage in China?
This week, let’s consider the increased regulatory scrutiny on China’s “big tech” companies and its parallels to the U.S. antitrust and trade regulation issues.
Britain Moves a Step Closer to “Adequate”
This week, let’s consider data transfers under the GDPR, alongside the United Kingdom’s latest move toward a post-Brexit adequacy decision related to the transfer of personal data from the EEA to the UK.
Virginia Consumer Data Protection Act
This week, let’s consider the latest comprehensive state privacy law — the Virginia Consumer Data Protection Act.