Data Innovation, Privacy & Cybersecurity
With innovation in data collection and monetization continuing to accelerate and concerns about data protection, privacy and cybersecurity prompting ever-greater global scrutiny, boards and senior executives require sophisticated counsel to assess and navigate risks around the use of customer, business partner or employee data. We help clients establish oversight and compliance frameworks that reduce the potential for large-scale data breaches or cyber incidents, manage and mitigate fast-moving crises when they occur, and respond to related litigation.
CJEU Invalidates EU-U.S. Privacy Shield Decision; Finds SCCs Valid, Emphasizing Need For Case-by-Case Scrutiny
The Court of Justice of the European Union announced landmark rulings on two mechanisms that organizations rely upon for the transfer of personal data from the EU to other countries, including the United States.
Litigation partner Roberto Gonzalez recently participated in “Avoiding the Corporate Crisis,” a conference hosted by DirectorCorps and Nasdaq. Roberto’s panel, “Cybersecurity, Artificial Intelligence & Data: What You Should Know Now,” discussed the major data security and privacy issues and trends that corporate leaders should be aware of.
The Cyberspace Solarium Commission’s Final Report and Recommendations Could Have Implications for Business
On March 11, 2020, the Cyberspace Solarium Commission (the “CSC” or the “Commission”) published its Final Report, which is the culmination of nearly a year of work, including approximately 30 meetings and 300 interviews.
Representing the U.S. broker-dealer industry and its industry organization, Securities Industry and Financial Markets Association (SIFMA), Paul, Weiss secured a highly favorable outcome in an unusual, high-stakes liability dispute with the national securities exchanges.
To limit the spread of COVID-19, many companies are implementing contingency plans for employees to work remotely. These steps may, however, inadvertently increase the risks of a data breach or other cyberattack. We suggest practical considerations to mitigate those risks.
Ring LLC Faces a Proposed Class Action Alleging Camera Doorbells Should Incorporate Enhanced Cybersecurity Features
On December 26, 2019, Amazon and Ring LLC were named as defendants in a putative class action filed in the U.S. District Court for the Central District of California by plaintiffs alleging claims of over $5 million.
A recent flurry of cyber attacks on asset managers should remind asset management firms and other financial institutions that they are attractive targets for cyber-exploitation and need to remain vigilant and institute appropriate preventative controls and monitoring procedures, as well as post-attack action plans.
Google and YouTube Pay Record $170 Million Fine for Allegedly Violating Children’s Privacy Law in Settlement with the FTC and the New York Attorney General
On September 4, 2019, the Federal Trade Commission (the “FTC”) and the New York Attorney General’s Office (the “NYAG”) reached a record $170 million settlement with Google and YouTube for alleged violations of the Children’s Online Privacy Protection Act (“COPPA”), a federal law that prohibits companies from collecting children’s personal information online without first notifying parents and obtaining their consent.
Jeannie Rhee, a former U.S. Deputy Assistant Attorney General, is joining the firm as a partner in the Litigation Department.
On July 25, 2019, New York Governor Andrew M. Cuomo signed into law a new data security law, the Stop Hacks and Improve Electronic Data Security (“SHIELD”) Act.
On July 8 and 9, 2019, the Information Commissioner’s Office (ICO) – the data protection authority of the United Kingdom – announced its intention to levy substantial fines against two companies for violations of the EU General Data Protection Regulation (GDPR).
Litigation partner Jeannie Rhee was quoted in a July 24 Tech Wire Asia article discussing the increase in regulatory and legal actions against organizations as global data privacy and protection standards have changed.