2018 was another busy year for lawyers in the privacy/cybersecurity world – GDPR, CCPA, Marriott, New York Department of Financial Service’s cybersecurity rule deadlines, increased SEC enforcement, more data breach lawsuits, more companies doing table top exercises and risk assessments, etc. But 2019 is looking to be even busier. Below
Continue Reading
Daniel F. Forester
Mr. Forester is an associate in Davis Polk's Corporate Department, practicing in the Intellectual Property and Technology Transactions Group. He advises clients on intellectual property and technology issues arising from corporate and commercial transactions, such as mergers and acquisitions, data or intellectual property licensing, development and commercialization arrangements, joint ventures and collaborations, financings, restructurings and capital market offerings. [Full Bio]
Federal Privacy Legislation Is Coming. Maybe. Here’s What It Might Include
Momentum is building for federal data privacy legislation, in large part due to the passage of the California Consumer Privacy Act (CCPA) (which goes into effect in 2020) and other states enacting or considering their own consumer privacy laws. These developments have businesses concerned that they will face a patchwork…
Continue Reading
Cybersecurity and Cloud Migration, Part 2 – Additional Concerns and Best Practices
In Part 1 of this blog post, we discussed some key contractual provisions that lawyers should consider when entering into agreements with cloud service providers (“CSPs”). In this Part 2, we discuss some additional contractual considerations to keep in mind, as well as some post-contract practices to consider in order…
Continue Reading
Cybersecurity and Cloud Migration, Part 1 – Contract Terms to Consider for Reducing Risk
There are many good reasons why companies are increasingly migrating parts of the information technology to cloud service providers (“CSPs”), including lower overhead costs, greater data accessibility and mobility, and more efficient disaster-recovery response. For cybersecurity, cloud solutions offer companies many benefits, such as full-time data security monitoring and data…
Continue Reading
FTC Reaches Proposed Settlement With Mobile Phone Manufacturer BLU, Highlighting the Importance of Effective Oversight of Third-Party Vendor Data Security and Privacy Practices
On April 30, 2018, BLU Products, Inc. (“BLU”) reached a settlement with the Federal Trade Commission (“FTC”) over allegations that BLU allowed ADUPS Technology Co. LTD (“ADUPS”) to collect detailed personal information about BLU’s consumers without their knowledge or consent, despite BLU’s assurances that…
Continue Reading
New Bipartisan Bill Shows Renewed Congressional Attention to Data Privacy and Security
On April 23, 2018, Senators Klobuchar (D-Minn.) and Kennedy (R-La.) introduced the Social Media Privacy Protection and Consumer Rights Act of 2018 (“the Act”), which was referred to the Senate Commerce Committee. Like the CONSENT Act introduced by Senators Markey (D-Mass.) and Blumenthal (D-Conn.)—discussed in detail in our…
Continue Reading