Category: Compliance, Risk & Strategy
Cybersecurity Governance for Maturing Companies
With cyber resilience top of mind for investors, shareholders, regulators and the plaintiffs’ bar, growing organizations can no longer afford to put their cybersecurity efforts on the back burner. Building a cybersecurity program has become an essential element in the growth strategy. But where do you begin? Cooley’s cyber/data/privacy lawyers […]
Workplace Testing and Data Protection: Guidance for Employers
As the UK begins to ease lockdown measures, employers in all sectors are considering how their employees can return to work in the safest possible way. For many, this will include testing to check whether employees have (or have already had) COVID-19. Any employer wishing to carry out such testing […]
Road Map For a Cautious Approach to Contact Tracing
Law360 “It has become increasingly clear that a combination of COVID-19 testing and use of geolocation technologies for contact tracing will be essential for the nation to get back to life and work. With this realization came outcry that contact tracing is a leap to the surveillance society that would […]
AI and Algorithms: FTC Issues Guidance for Companies Amid Heightened Scrutiny
Even before the COVID-19 crisis, artificial intelligence and algorithms, particularly in the context of pricing, were a focus of the Federal Trade Commission and the Department of Justice’s Antitrust Division. With the COVID-19 pandemic shining a spotlight on online platforms and sellers using algorithms to set prices, it is particularly […]
How the CLOUD Act is Likely to Trigger Legal Challenges
New York Law Journal “The CLOUD Act is about to stir up a legal storm. The act was originally passed in March 2018 to ensure US law enforcement officials could obtain information from US-based communications providers even if that information is stored overseas. But the act has another, more controversial provision: […]
Rigorous Privacy and InfoSec Requirements May Be in Store for Companies That Accept Government Equity Stakes
Federal government agencies, government-controlled corporations and some government contractors must comply with robust federal laws that govern federal agencies’ privacy and information security practices – the Privacy Act and FISMA, respectively. Now, these laws may apply to companies that accept federal government aid under the Coronavirus Aid, Relief, and Economic […]
Europe Issues Pragmatic Privacy Guidance for COVID-19 Data Processing
European data protection authorities have issued important guidance on the processing of personal data in connection with COVID-19. At a pan-European level, on March 19, 2020, the European Data Protection Board issued a statement on the processing of personal data in the context of the COVID-19 outbreak.
The GDPR and Coronavirus: What Organisations in the UK Need to Know
The UK’s Information Commissioner’s Office has, over the course of this week, published various notes of advice and blog posts to organisations and data subjects in respect of the coronavirus (COVID-19) pandemic.
US Guidance on Collection, Use and Disclosure of Personal Information to Combat COVID-19
Companies are working hard to balance the privacy of their employees and the need to keep employees informed and safe. Many have encouraged employees and visitors to report if they experience COVID-19 symptoms or have otherwise been exposed to the virus through travel or their communities. They have collected this […]
Ninth Circuit Restricts Immunity for Filtering Objectionable Content
Companies that make anti-virus and similar software that helps internet users guard against dangerous online content must now think twice about whether they can be sued for their decisions about what content to filter. This is the result of a significant ruling last month by the United States Court of […]