The Bottom Line It is clear that local and state lawmakers are making data privacy protection requirements a legislative priority. As lawmakers continue to amend or enact new data protection and data breach notification laws, it will be crucial that all affected organizations ensure their policies Continue Reading
California Has a New Privacy Law. It Could Have Been Much Worse
The Bottom Line The Act becomes operative on January 1, 2020. In the meantime, the Attorney General will issue more detailed regulations.Nevertheless, companies doing business in California that collect consumers’ personal information — online or otherwise — should begin considering how to comply Continue Reading
Vermont Enacts First U.S. Law Governing Data Brokers
The Bottom Line The Vermont data broker registration requirement commences on January 1, 2019, giving data brokers subject to the law some time to become familiar with its requirements and to begin compliance efforts. After years of talking about data brokers, the first law in the nation to broadly Continue Reading
Two Bills Introduced in U.S. Senate Seek to Enhance Consumer Privacy Protections
The Bottom Line With the Facebook data breach, GDPR, and security issues attracting much attention these days, Congress has introduced two bills aimed at providing broader consumer privacy protections: The CONSENT Act and the Social Media Privacy Protection and Consumer Rights Act of 2018. While Continue Reading
U.S. Ad Tech Companies Collecting EU Data Must Prepare for the GDPR
The Bottom Line With fines that can reach up to €20 million or 4% of worldwide annual revenue, the cost of non-compliance under the GDPR could be much more significant than it has been under the prior data privacy framework in the EU. With a little more than one month before the GDPR becomes Continue Reading
South Dakota Becomes 49th State to pass Data Breach Notification Law
The Bottom Line A patchwork of state, federal and international rules impose data breach notification obligations on companies.Every company subject to these rules must have a data breach response plan in place that complies with each state's requirements. Once it becomes law, a bill passed Continue Reading
What We Can Learn from the FTC’s 2017 Privacy and Data Security Update
The Bottom Line The FTC exercises broad reach over privacy and data security issues across numerous industries. The Report shows a continuing trend towards more enforcement actions and increased penalties. All companies should review their privacy and data practices to confirm that they are in Continue Reading
With GDPR Deadline Looming, Ad Tech Community Proposes Collaborative Industry Solution
The Bottom Line Ad tech companies, and all other businesses subject to the GDPR, are facing an imminent compliance deadline. Companies may be able to seek GDPR-compliant solutions through their own internal initiatives, using third-party services or collaborating with others in the Continue Reading
Internet Vendors Now Face New Tax Obligations in Massachusetts
The Bottom Line Internet marketers and vendors with customers in Massachusetts, Ohio and Rhode Island should pay particular attention to the new regulation and legislation that expands the tax nexus for out-of-state vendors making Internet sales in those states. Vendors should consult with a tax Continue Reading
Big Changes to Canada’s Anti-Spam Law Effective July 1
The Bottom Line Although advertisers may not have to be concerned with private lawsuits at this time, they still must comply with CASL — and the Canadian Radio-television and Telecommunications Commission retains the authority to enforce the law, and has been actively doing so for the past three Continue Reading