On February 29, 2019, the Federal Trade Commission announced that the video social networking app Musical.ly, now known as TikTok, agreed to pay $5.7 million to settle a claim that the company illegally collected personal information from children, the largest such civil penalty to date.

The Children’s Online Privacy Protection Act (COPPA) requires websites and

The California Consumer Privacy Act (CCPA), which passed in 2018 and goes into effect January 1, 2020, is intended to provide some of the most rigorous privacy protections to California residents but is not limited in application to California companies.

What entities fall under the CCPA?

The CCPA applies to ”businesses” that are for-profit entities

The image of the Internet as an unregulated Wild West, untouched by government action, is one that some find attractive. But it is not accurate, as illustrated by a number of important actions taken in recent weeks by the New York State Attorney General’s office, including one it took in conjunction with representatives of dozens

Waymo – the self-driving technology subsidiary of Google parent Alphabet Inc., – launched a self-driving taxi service in Phoenix at the end of 2018. As companies continue to speed into the autonomous vehicles space, the birth of this industry is raising unprecedented issues. Policy-makers, insurers, automobile manufacturers, employers, and others are encouraged to begin considering

The partial government shutdown, now the longest in U.S. history stretching into its fourth week, presents new risks to cybersecurity, both short term and long term. These effects will be felt not only within government operations, but also in the private sector, which relies upon and works with the government to protect against cyber threats.

January is the traditional time to take stock of the year that passed and plan for the year ahead. The same is true of data security and privacy practices.

In 2018, cyber regulation dominated the news. The trend is likely to continue in 2019 as existing and new cyber regulations will impact an ever-expanding array

The European Union’s General Data Protection Regulation (the GDPR) took effect just about a half-year ago, but many small and mid-sized companies in New York, and elsewhere across the country, still may not understand whether the GDPR applies to them and, therefore, whether they must comply with its requirements. Fortunately, it now may be somewhat

Nancy Del Pizzo published an article in The Computer & Internet Lawyer entitled “Are Your Clients’ Web Sites Accessible?” It discusses how businesses’ online presence may leave company owners open to litigation due to a lack of accessibility by the disabled.

It relates how the Americans with Disabilities Act prohibits discrimination at “places of public accommodation,” and

In September, the U.S. Department of Justice’s Cybersecurity Unit, Computer Crime & Intellectual Property Section updated its Best Practices for Victim Response and Reporting of Cyber Incidents. The updated guidance (which is not intended to have any regulatory effect) emphasizes the importance of planning a response before a data breach, ransomware threat or other cyber

It has been nearly 20 years since the federal Anticybersquatting Consumer Protection Act (the ACPA) was enacted in 1999 to battle what an alarmed Congress understood to be a rising wave of “cybersquatting.” As the Senate Judiciary Committee explained, the ACPA was designed to “protect consumers and American businesses, to promote the growth of online