ARTICLES
February 26, 2024
On January 16, 2024, New Jersey became the fourteenth state to enact comprehensive privacy legislation after the passage of the New Jersey Data Privacy Act (“NJDPA”), adding to the growing national focus on consumer personal data protections, albeit at the state level.
September 20, 2023
On September 11, 2023, Delaware became the latest state to enact comprehensive privacy legislation, following the recent enactments of data privacy laws in Iowa, Indiana, Florida, Montana, Tennessee, Texas, and Oregon.
August 23, 2023
Under final regulations updated on March 1, 2023 and effective as of September 1, 2023, the National Credit Union Administration (“NCUA”) imposed stringent new cyber incident reporting requirements on federally chartered corporate credit unions and federally insured, state-chartered corporate credit unions (“FICUs”). FICUs that experience a cyber incident that rises to the level of a “reportable cyber incident” must now notify the NCUA (a) as soon as possible; and (b) no later than 72 hours after the FICU reasonably believes that it has experienced a reportable cyber incident or received a notification from a third party regarding a reportable cyber incident.
August 21, 2023
The U.S. data privacy regulatory framework is complex and is becoming more so with each passing day. On July 18, 2023, Oregon became the eleventh state to enact comprehensive privacy legislation, joining five other states (Iowa, Indiana, Montana, Tennessee, and Texas) that have passed “comprehensive” privacy legislation this year.
July 14, 2023
The Federal Trade Commission (“FTC”) is poised to issue updated Guides Concerning the Use of Endorsements and Testimonials in Advertising (the “Guides”) following a comment period on the proposed changes. This alert provides an overview of the proposed updates, which will impact all businesses that engage in any form of advertising and especially those advertising through social media and other online advertising channels.
June 27, 2023
On June 18, 2023, Texas became the eleventh state to enact comprehensive privacy legislation after the recent passage of the Texas Data Privacy and Security Act (“TDPSA”). Texas now joins Tennessee as the latest entry into an increasingly complex web of state privacy laws. On May 11, Gov. Bill Lee signed into law the Tennessee Information Protection Act (“TIPA”), which itself follows recent enactments of data privacy laws in Iowa, Indiana, Florida, and Montana.
June 6, 2023
The Federal Trade Commission (“FTC”) recently brought its first enforcement action under the Health Breach Notification Rule (“HBNR”). The associated record contains important lessons for app developers, privacy professionals, and other organizations in the health technology industry.
February 2, 2023
Parties to a bargain typically make representations and warranties (“RWs”) to one another. RWs expressly record the parties’ understanding as to the conditions and facts under which they enter into a deal. In an asset purchase or an M&A deal, they form a material part of the transaction and account for a significant portion of the negotiations.
July 25, 2022
With the passage of the Virginia Consumer Data Protection Act (Va. Code Ann. §§ 59.1-575 to 59.1-585) (“VCDPA”) on March 2, 2021, Virginia residents now have certain rights regarding their personal information, while business entities conducting business in Virginia may have new and additional data collection and protection obligations, if they meet certain jurisdictional thresholds.
VCDPA will become effective on January 1, 2023. As a result, organizations conducting business in Virginia may need to review their data collection and processing obligations for applicability of the VCDPA, and in preparation for the VCDPA taking effect.
This brief article is intended to highlight certain key requirements of the VCDPA.
July 11, 2022
If you operate a mobile app or any other online platform that features consumer reviews, there are important rules you need to know when it comes to procuring, organizing, or editing consumer reviews of your products or services.
The risks are real. Any actions you take that have the effect of distorting or misrepresenting consumer reviews may give rise to allegations of potentially deceptive conduct and enforcement actions by the Federal Trade Commission (“FTC”) under Section 5 of the FTC Act.
As a matter of general guidelines, a few key principles emerge from Section 5 of the FTC Act. Namely, companies (1) should be transparent about their review-related practices and (2) should treat consumer reviews in a way that truly reflects the feedback received from legitimate customers, presenting a true and holistic picture of the consumers’ experiences and interactions with the companies’ goods or services.
While these guiding principles may seem straightforward enough, many companies have engaged in practices that are, in fact, illegal. It’s important to know that, if adopted, these practices can give rise to significant liabilities. This brief article is intended to highlight, and help you avoid, some common pitfalls.
February 17, 2022
In celebration of International Mother Language Day, attorneys and staff from across the firm share their greetings in Cape Verdean Creole, Chinese (Mandarin & Cantonese), Dutch, Farsi, French, German, Korean, Mongolian, Russian, Serbo Croatian, Tagalog, Urdu and Romanian.
