All posts by Cooley

What the American Bar Association’s Formal Opinion 483 Means for Lawyers

Last week, the American Bar Association’s (“ABA”) Standing Committee on Ethics and Professional Responsibility (the “Committee”) issued Formal Opinion 483 (the “Opinion”) that sets forth the ABA’s opinion concerning the need for lawyers to notify clients of data breaches affecting client confidential data. The opinion outlines certain “reasonable” steps the ABA […]

CCPA FAQs Part 2b: CCPA Rights and Other Material Provisions

In our third FAQs installment on the California Consumer Privacy Act of 2018 (the “CCPA” or the “Act”), we focus on the following: the additional two individual rights the CCPA provides— the right to delete personal information [1] and the right to equal service and price when a consumer exercises a […]

Brazil’s New Data Protection Law: The LGPD

The global data protection landscape continues to evolve, and Brazil is the latest country to enact an omnibus law governing how organizations collect, use, disclose and otherwise process personal data. Beginning on February 15, 2020, Brazil’s data protection law, Lei Geral de Proteção de Dados (LGPD) (unofficial English translation available […]

The Evolution of Mirai Botnet Source Code Presents Increased Risk of Large-Scale DDoS Attacks

Over the past few years, several major distributed denial-of-service (“DDoS”) attacks took place, including a major event affecting the domain name service provider Dyn, which caused outages and slowness for a number of popular sites, including Amazon, Netflix, Reddit, SoundCloud, Spotify, and Twitter. However, since several of these large, highly-publicized attacks occurred in 2016, […]

Ohio Enacts Liability “Safe Harbor” for Entities That Maintain Specified Cybersecurity Programs

On August 3, 2018, Ohio Governor John R. Kasich announced that he signed Substitute Senate Bill 220 (“SB 220” or “Bill”) that, in part, affords a litigation “safe harbor” to covered entities that implement, maintain, and comply with specified cybersecurity programs. Covered entities, e.g., businesses, sued after a data breach […]