The Feds Are Coming (Or Not)

I think Facebook could probably characterize 2019 year-to-date as “less than fantastic.”  The ongoing fallout from Cambridge Analytica in the UK, massive consumer distrust, the internal strife between what appears to be Team Zuck versus Team Cheryl, and now the looming multibillion-dollar fine that FTC seems to be preparing. It’s enough to make you drink.… Read More

As Transparent as Mud

Transparency is one of the principles driving recent developments in data privacy and data security.  We’ve spent a lot of time discussing how important it is to be open with consumers and data subjects, to give them a clear idea of how their data is used, and why.  The primary reason for this is to… Read More

GDPR Fines, Data Privacy Day, and Other Hot Takes

It’s Data Protection Day, the happiest day of the year!  A year ago, we were talking about the changes that GDPR would bring, and how to gear up operations to ensure that you didn’t violate the law or mislead your customers.  The premise was simple: transparency is a fundamental precept under GDPR (and US law),… Read More

It’s 3am. Does the Dark Web Know Where You Are? (Yes.)

In a move likely driven by federal pressure and calls for an investigation, AT&T yesterday announced that it will no longer sell its customers’ location data to third parties, including data aggregators who, in turn, sell the information to others.  The public response has been to say “It’s about time” immediately after saying “Hold on,… Read More

Predictions, Lists, and Complete Wild Guesses

Now that it’s January and everyone is finally returning to the reality where things don’t always taste like peppermint or eggnog (or both, which is just….no), it’s a good time to think about how you’re going to approach 2019.  This time of year is rife with predictions and, more often, guesses about what privacy, tech,… Read More

Data Leverage: Unlocking the Surprising Growth Potential of Data Partnerships

We are proud to announce the release of our book, Data Leverage: Unlocking the Surprising Growth Potential of Data Partnerships.  This book, which outlines our approach to establishing partnerships, sharing data, and protecting data assets, is a single-source guide for what we believe the most important aspects of data management programs are.  We could not be… Read More

We All Care About Data Security, Except When We Don’t

It should be clear by now that we are most comfortable expressing our thoughts in the form of movie quotes, falling as we do into that demographic of Americans who believe that if you can’t say it with a gif from an 80s movie, you don’t need to say it at all. Really, it works… Read More

Data Privacy Legislation and the “Brunhilde Effect”

One day before the midterm elections, and we’re fully into the silly season of data-related legislation in the United States, with prospective members of Congress setting forth their approach to managing privacy and security with a variety of proposals that are….let’s call them “interesting.”  I say “interesting” because it’s intriguing to see that candidates treat… Read More

Small-Medium Sized Business Data Myths – Part One

We were fortunate to present at the B2SMBi Conference last week, which gathers small and medium sized businesses (“SMB”) and the service providers that allow them to grow and function at scale.  It was a great event, with everyone from micro-startups to Google in attendance, and it provided great insights into the concerns SMBs and… Read More

Data Security for Dummi…I Mean, for Lawyers

Today we’ll talk about something near and dear to my heart: data security for lawyers. I recognize that this is not a topic that many lawyers want to discuss, or one that they feel comfortable discussing.  But the reality is that data security is an important part of being a lawyer, even if it’s not… Read More

There Definitely Won’t be a Federal Data Privacy Law. (Maybe. We’ll See.)

“There’s no way the federal government is going to create a federal privacy law.”  “It’s just not going to happen.”  “Not a chance, no way, forget it.”  “There isn’t a political will in Washington to get it done, and so we can all just assume that it’ll all be only the states issuing regulations for… Read More

GDPR Three Month Checkup (And Three Issues to Watch)

It’s been just about three months since the GPDR went into effect, it’s what makes sense for many people right now to be wondering just how the whole process is going. After all, it was all anyone in the media wanted to talk about for months leading up to May 25. Now? There doesn’t seem… Read More

Own Goals and Cups of Coffee

We’ve spent a good deal of time here talking about the risks of data breaches and how to create structures that help prevent them. We’ve even talked about common kinds of breaches and what they mean for your business. But, of course, no matter how much we talk about this stuff, there’s a never-ending supply of… Read More

The Carpenter Decision

The Supreme Court has issued this year’s most important ruling on privacy in Carpenter v. United States. It is a major development in privacy law, laying the foundation for an interpretation of the Fourth Amendment that protects against generalized government surveillance by electronic means. Together with United States v. Jones, it brings Fourth Amendment jurisprudence into the… Read More

Two (Really Bad) Approaches to Privacy

We’ve reached that time of year when everyone is basically in summer mode – non-work plans being made, last day of school or first day of camp lunches being packed, the inevitable first sunburn (for me, not the kids). It’s the time of year when there’s also a downshift in activity, and (even in the… Read More

Why the LabMD Case is So Important

Yesterday, the Eleventh Circuit Court of Appeals issued a long-awaited ruling in a case called LabMD v. FTC.  Followers of the case will tell you that it has been, to put it mildly, an interesting saga, and it hits on the biggest data related issues of the past fifteen years.  The ruling has serious implications for… Read More

Lessons from Facebook and Fortnite

The news just has not been kind to Facebook the last three months. First the Cambridge Analytica scandal breaks, then the company runs those wrong-footed commercials (“Sorry for selling access to your data and, you know, for stuff like Brexit“), and now comes the revelation that the apologies needed to go much deeper. Despite an… Read More

The Three Pillars of GDPR – Consistency (No. 3)

And so, at long last, the GDPR is the law, and we leave behind the relatively lower standards under the Data Protection Directive.  The Directive, which has been on the books for more than two decades, now passes into obsolescence, like beepers or, in Miami, traffic laws.  Now, we’ll all start to learn what the… Read More

The Three Pillars of GDPR – Security (No. 2)

There are 72 hours to go until GDPR Day (#privmas), and you can almost feel CISOs hoping that, if there’s going to be a breach, it happens today and not on Monday.  We noted once before that Andrea Jelinek, chair of the (very important) Article 29 Working Party deadpanned that “there will be a two… Read More

GDPR Countdown – Two Weeks to Go

As we roll into the final two weeks of our countdown, we’re going to take something of a step back and look at issues more broadly. Yesterday, we discussed Google’s AI, and how we’re all going to be living in the Duplex, as it were. I am (clearly) pretty hung up on this, and have… Read More