Children’s Privacy, COPPA, Data Privacy, Regulation, E-Commerce, In The News, Information Security
2018 leaves us with the largest COPPA settlement to date, so what may be in store for 2019?
By Mindy Abern on December 31, 2018
California, CCPA, Children’s Privacy, consumer, De-Identified Information, personal information, privacy, Regulation
The New CA Consumer Privacy Act: Don’t Panic (Yet)
By Justine Young Gottshall on July 02, 2018
Boris, byod, California, EEOC, employee, employment, Illinois, Law, Maryland, Media, Michigan, Nihar, NLRA, NLRB, privacy, privacy law, Segalis, Shah, Social
Illinois Second State to Enact Law Barring Employers from Obtaining Current or Prospective Employees' Social Media Account Credentials
By InfoLawGroup LLP on August 06, 2012
concerted activity, employee privacy, enforcement, group, Heather Nolan, InfoLawGroup, information, Law, NLRA, NLRB, privacy, privacy enforcement, Section 7, social media, social network
NLRB Issues Report on Employer Social Media Policies
By Heather Nolan on June 25, 2012
concerted activity, employee privacy, group, InfoLawGroup, information, information law group, Law, NLRA, NLRB, privacy, privacy enforcement, Section 7, Shannon Harell, social media, social network
NLRB Issues Second Report Reviewing Social Media Enforcement Actions
By InfoLawGroup LLP on January 29, 2012
AB22, Boris Segalis, consumer credit report, credit report, EEOC, employee privacy, group, InfoLawGroup, information, Law, privacy law, Tanya Forsheit, workplace privacy
Restrictions on Use of Consumer Reports in Hiring Process Enacted in California
By InfoLawGroup LLP on October 10, 2011
On October 10, 2011, Governor Brown signed into law a bill, AB22, that restricts the use of consumer credit reports in the hiring and promotion process.
access, Boris Segalis, Health Care, health information, HHS, HITECH, InfoLawGroup, information law group, InformationLawGroup, Nicole Friess, NPRM, privacy, privacy rule, protected health information, Regulation, Security, security rule
Changes to HIPAA Privacy Rule Proposed by HHS - Find Out Who Has Accessed Your Health Records
By InfoLawGroup LLP on June 01, 2011
and, bills-, by, capital, capitalists, data, data privacy laws and regulations, David, David Navetta, design, do, Do Not Track, Friess, FTC, group, InfoLawGroup, information, information law group, Law, laws, Navetta, Nicole, Nicole Friess, not, privacy, privacy bills, privacy by design, start-ups, track, tracking, VCs, venture, venture capital, venture capitalists
"Privacy by Design": A Key Concern for VCs and Start-Ups
By InfoLawGroup LLP on May 23, 2011
Apple, Apps, Commission, data, Data Privacy Law or Regulation, Department, Department of Justice, Devices, DOJ, Federal, Federal Trade Commission, Franken, FTC, Google, group, Hearing, InfoLawGroup, information, information law group, InformationLawGroup, Justice, Law, Leahy, Legislation, location, location data, location tracking, Mobile, Mobile Devices, of, or, privacy, privacy legislation, Regulation, Senate, smartphones, tracking, Trade, wifi
Senate Subcommittee Holds Hearing on Mobile Privacy
By InfoLawGroup LLP on May 09, 2011
Daily Journal, InfoLawGroup, information law group, information security, Law, law firm, Los Angeles, privacy, profile, social network
InfoLawGroup Profiled in Los Angeles Daily Journal: "The Social (Law Firm) Network"
By InfoLawGroup LLP on April 08, 2011
InfoLawGroup was recently profiled in the Los Angeles Daily Journal. "The Social (Law Firm) Network" is reprinted here with permission from the Daily Journal. We wish all of our clients, friends, and readers a great weekend.
2011, Act, advertising, Behavioral, behavioral advertising, bill, Commercial, Commercial Privacy Bill of Rights Act of 2011, data, Data Privacy Law or Regulation, FTC, group, identifiable, InfoLawGroup, information, information law group, InformationLawGroup, Kerry, Law, Legislation, McCain, of, or, personally, personally identifiable information, pii, privacy, privacy bill of rights, privacy enforcement, privacy legislation, Regulation, rights, Senate
Kerry Releases Draft of "Privacy Bill of Rights"
By InfoLawGroup LLP on March 25, 2011
best practices, bill, Colorado, Gross Negligence, HB 11-1225, negligence, Pabon, Regulation, Security
A Novel Data Security Law Proposed in Colorado
By InfoLawGroup LLP on February 24, 2011
Over the past couple years, many predicted that new state laws would follow the lead of states like Nevada and Massachusetts, and some anticipated we could see a situation where 50 different privacy/security laws across the country. Now it looks like we are beginning to see some renewed activity on the state level. In Hawaii we have a proposed bill that would require breached entities to provide credit monitoring and call center services to impacted individuals. In my home state, Colorado, a legislator (Dan Pabon) has proposed a novel bill that takes a new approach to incentivizing companies to implement good security. In this post, we take a look at the highlights of the Colorado bill.
ABA, American Bar Association, Information Security Committee, ISC, Law, pii2010, privacy, Science and Technology Law, Security
Upcoming Events
By InfoLawGroup LLP on August 04, 2010
The attorneys of InfoLawGroup have been very busy this summer, and August is no exception. In addition to our regular day-to-day work, we will (somehow) find the time to attend some great events in August. If you will be in San Francisco and/or Seattle later this month, please join us, we would love to see you.
bill, consent, data accuracy, data integrity, data security, notice, privacy, privacy notice, Regulation, Security, security measures
FAQ on the "BEST PRACTICES Act" - Part One
By InfoLawGroup LLP on July 22, 2010
Congressman Bobby Rush has introduced a new data privacy bill to Congress known as the "Building Effective Strategies to Promote Responsibility Accountability Choice Transparency Innovation Consumer Expectations and Safeguards" Act (a.k.a. "BEST PRACTICES Act" or "Act").We have put together a summary of the Act in "FAQ" format. In Part One we look at some of the key definitions, requirements concerning transparency, notice and individual choice, mandates around accuracy, access and dispute resolution, and finally data security and data minimization requirements under the Act. Part Two will focus on the "Safe Harbor" outlined in the Act, various exemptions for deidentified information, and provisions concerning the application and enforcement of the Act.
health information, HHS, HIPAA, HITECH, privacy, Regulation, Security
InfoLaw Alert: HHS Issues Proposed Mofications to HIPAA Security and Privacy Rules
By InfoLawGroup LLP on July 08, 2010
banking, fraud, HIPAA, Mexico, privacy, reasonable, reasonable security, Regulation, Security
Quickhits: Dog Days of Summer Edition
By InfoLawGroup LLP on July 08, 2010
assessment, audit, Breach, breach notice, Cloud, cloud computing, Computing, contracting, contracts, Contracts Breach, forensics, incident, incident response, liability, notice, privacy, provider, Regulation, response, schedule, Security, security assessment, security breach, security schedule, service, service provider, service provider liability
What's in Google's SaaS Contract with the City of Los Angeles? Part Three.
By InfoLawGroup LLP on June 23, 2010
This blogpost is the third (and final) in our series analyzing the terms of Google's and Computer Science Corporation's ("CSC") cloud contracts with the City of Los Angeles. In Part One, we looked at the information security, privacy and confidentiality obligations Google and CSC agreed to. In Part Two, the focus was on terms related to compliance with privacy and security laws, audit and enforcement of security obligations, incident response, and geographic processing limitations, and termination rights under the contracts. In Part Three, we analyze what might be the most important data security/privacy-related terms of a Cloud contract (or any contract for that matter), the risk of loss terms. This is a very long post looking at very complex and interrelated contract terms. If you have any questions feel free to email me at dnavetta@infolawgroup.com
Breach, breach notice, California, fines and penalties, legal defensibility, medical data, notification, Regulation
California Department of Public Health Breach Fines and Legally Defensible Security
By InfoLawGroup LLP on June 17, 2010
audit, Breach, breach notice, Cloud, contracting, contracts, forensics, incident response, privacy, Regulation, Security, security assessment, security breach, security schedule, service provider, service provider liability
What's in Google's SaaS Contract with the City of Los Angeles? Part Two.
By InfoLawGroup LLP on June 03, 2010
Cloud, Department of Commerce, jurisdiction, PET, privacy, privacy enhancing technologies, Regulation, self-regulatory, standards, transborder data flows
Observations on the Dept. of Commerce's Privacy Inquiry
By InfoLawGroup LLP on April 29, 2010
