All posts by Cooley

Round 2: California AG Revises Proposed CCPA Regulations

On February 7 and 10, 2020, the California Attorney General released modifications to the proposed regulations implementing the California Consumer Privacy Act. The modifications substantially revise the initial version of the proposed regulations released last October. Notable changes focus on the following topics:  Definitions of “personal information” and other key […]

Schrems 2.0 – The Advocate General’s Opinion

Background The Court of Justice of the European Union Advocate General issued his much‑anticipated opinion in the case commonly known as “Schrems 2.0.”   The AG’s opinion is not legally binding. However, it is likely to influence the CJEU’s decision in the case, which is expected to be handed down […]

Private and Public CCPA Enforcement Will Launch on January 1, 2020 Despite California AG Delay

As we approach the January 1, 2020 effective date of the California Consumer Privacy Act (CCPA), many companies are feeling in the dark about how and when the CCPA will be enforced. Will the California Attorney General call on January 2nd? Will plaintiffs’ lawyers serve complaints on January 3rd? Will […]

LinkedIn Data Scraping Case Shows 9th Circ. Shift On CFAA

When may a company legally scrape data from another company’s website? Does it matter whether the website is open to the public or only to logged-in users? This is a contested area of law under the Computer Fraud and Abuse Act, 18 U.S.C. Section 1030, the federal statute that imposes […]

IAB Issues Draft CCPA Framework

The Interactive Advertising Bureau (IAB) has released for public comment the IAB California Consumer Privacy Act Compliance (CCPA) Framework for Publishers and Technology Companies. According to the IAB, the draft framework is intended to help publishers, ad agencies and other companies involved in the digital advertising ecosystem comply with the CCPA, […]

Big Game Phishing

On October 2, 2019, the FBI issued a Public Service Announcement to alert US businesses and organizations to plan and prepare for what are being described as high-impact ransomware events. Certain bad actors seem to be no longer simply interested in a quick and easy financial gain from indiscriminately infecting […]

California Privacy Rights and Enforcement Act – CCPA 2.0?

On Sept. 25, 2019, Californians for Consumer Privacy, a nonprofit group led by the real estate magnate who spurred passage of the California Consumer Privacy Act (CCPA) of 2018, filed a new ballot measure called the California Privacy Rights and Enforcement Act (CPRE or now painfully dubbed by many as […]

UPDATE: Brazil’s Data Protection Law Moves Forward

The final version of Brazil’s data protection law, Lei Geral de Proteção de Dados (LGPD), was approved by the Brazilian Federal Senate in May 2019 and sanctioned by President Jair Bolsonaro in July. The LGPD is now scheduled to become effective in August 2020. When the LGPD was first approved […]

New York State Toughens Data Security Laws

On July 25, 2019, New York enacted a pair of data security laws. First, the Stop Hack and Improve Electronic Data Security Act (SHIELD Act) updates New York’s data security requirements. Second, the Identity Theft Prevention and Mitigating Services Act imposes obligations on credit reporting agencies that experience a breach […]

Fashion ID Case: CJEU Rules on Plug-ins and Joint Controllership

On 29 July 2019, the Court of Justice of the European Union handed down its decision in the Fashion ID case, dealing with alleged unlawful data collection through the Facebook Like button and the controllership of said data. In short, the CJEU held that websites containing embedded third-party content can […]