On February 29, 2019, the Federal Trade Commission announced that the video social networking app Musical.ly, now known as TikTok, agreed to pay $5.7 million to settle a claim that the company illegally collected personal information from children, the largest such civil penalty to date. The Children’s Online Privacy Protection Act (COPPA) requires websites and …
Read More

The California Consumer Privacy Act (CCPA), which passed in 2018 and goes into effect January 1, 2020, is intended to provide some of the most rigorous privacy protections to California residents but is not limited in application to California companies. What entities fall under the CCPA? The CCPA applies to ”businesses” that are for-profit entities …
Read More

The image of the Internet as an unregulated Wild West, untouched by government action, is one that some find attractive. But it is not accurate, as illustrated by a number of important actions taken in recent weeks by the New York State Attorney General’s office, including one it took in conjunction with representatives of dozens …
Read More

Waymo – the self-driving technology subsidiary of Google parent Alphabet Inc., – launched a self-driving taxi service in Phoenix at the end of 2018. As companies continue to speed into the autonomous vehicles space, the birth of this industry is raising unprecedented issues. Policy-makers, insurers, automobile manufacturers, employers, and others are encouraged to begin considering …
Read More

The partial government shutdown, now the longest in U.S. history stretching into its fourth week, presents new risks to cybersecurity, both short term and long term. These effects will be felt not only within government operations, but also in the private sector, which relies upon and works with the government to protect against cyber threats. …
Read More

January is the traditional time to take stock of the year that passed and plan for the year ahead. The same is true of data security and privacy practices. In 2018, cyber regulation dominated the news. The trend is likely to continue in 2019 as existing and new cyber regulations will impact an ever-expanding array …
Read More

The European Union’s General Data Protection Regulation (the GDPR) took effect just about a half-year ago, but many small and mid-sized companies in New York, and elsewhere across the country, still may not understand whether the GDPR applies to them and, therefore, whether they must comply with its requirements. Fortunately, it now may be somewhat …
Read More

Nancy Del Pizzo published an article in The Computer & Internet Lawyer entitled “Are Your Clients’ Web Sites Accessible?” It discusses how businesses’ online presence may leave company owners open to litigation due to a lack of accessibility by the disabled. It relates how the Americans with Disabilities Act prohibits discrimination at “places of public accommodation,” and …
Read More

In September, the U.S. Department of Justice’s Cybersecurity Unit, Computer Crime & Intellectual Property Section updated its Best Practices for Victim Response and Reporting of Cyber Incidents. The updated guidance (which is not intended to have any regulatory effect) emphasizes the importance of planning a response before a data breach, ransomware threat or other cyber …
Read More

It has been nearly 20 years since the federal Anticybersquatting Consumer Protection Act (the ACPA) was enacted in 1999 to battle what an alarmed Congress understood to be a rising wave of “cybersquatting.” As the Senate Judiciary Committee explained, the ACPA was designed to “protect consumers and American businesses, to promote the growth of online …
Read More