Mr. Forester is an associate in Davis Polk's Corporate Department, practicing in the Intellectual Property and Technology Transactions Group. He advises clients on intellectual property and technology issues arising from corporate and commercial transactions, such as mergers and acquisitions, data or intellectual property licensing, development and commercialization arrangements, joint ventures and collaborations, financings, restructurings and capital market offerings. [Full Bio]

One way for companies to decrease their cybersecurity risks, as well as their risks from new privacy regulations, is through data minimization—significantly reducing the amount of their data.  By deleting old data and collecting less new data, companies will have less sensitive information to protect and process in accordance with
Continue Reading

A recent bill to amend California’s landmark data privacy law seeks to expand potential liability for violations—bringing little comfort to those already concerned about the risks and challenges associated with achieving compliance in advance of the law’s upcoming effective date.

The proposal—Senate Bill 561, introduced on February 25, 2019, by
Continue Reading

2018 was another busy year for lawyers in the privacy/cybersecurity world – GDPR, CCPA, Marriott, New York Department of Financial Service’s cybersecurity rule deadlines, increased SEC enforcement, more data breach lawsuits, more companies doing table top exercises and risk assessments, etc. But 2019 is looking to be even busier. Below
Continue Reading

Momentum is building for federal data privacy legislation, in large part due to the passage of the California Consumer Privacy Act (CCPA) (which goes into effect in 2020) and other states enacting or considering their own consumer privacy laws.  These developments have businesses concerned that they will face a patchwork
Continue Reading

In Part 1 of this blog post, we discussed some key contractual provisions that lawyers should consider when entering into agreements with cloud service providers (“CSPs”).  In this Part 2, we discuss some additional contractual considerations to keep in mind, as well as some post-contract practices to consider in order
Continue Reading

There are many good reasons why companies are increasingly migrating parts of the information technology to cloud service providers (“CSPs”), including lower overhead costs, greater data accessibility and mobility, and more efficient disaster-recovery response.  For cybersecurity, cloud solutions offer companies many benefits, such as full-time data security monitoring and data
Continue Reading

On April 30, 2018, BLU Products, Inc. (“BLU”) reached a settlement with the Federal Trade Commission (“FTC”) over allegations that BLU allowed ADUPS Technology Co. LTD (“ADUPS”) to collect detailed personal information about BLU’s consumers without their knowledge or consent, despite BLU’s assurances that
Continue Reading

On April 23, 2018, Senators Klobuchar (D-Minn.) and Kennedy (R-La.) introduced the Social Media Privacy Protection and Consumer Rights Act of 2018 (“the Act”), which was referred to the Senate Commerce Committee. Like the CONSENT Act introduced by Senators Markey (D-Mass.) and Blumenthal (D-Conn.)—discussed in detail in our
Continue Reading