Author

Harry Valetk

Browsing

The Supreme Court of the United States has addressed a contentious split among federal circuit courts of appeals on the definition of “autodialer” under the Telephone Consumer Protection Act (TCPA) with a decision that should greatly reduce the amount of TCPA litigation in the US. The TCPA prohibits any person from placing phone calls (including text messages) to a wireless number using an “autodialer,” among other things, without the recipient’s prior express consent (or, for…

Our Labor and Employment, Global Immigration and Mobility, and Data Privacy lawyers discuss vaccine passports — what they are, how countries are already using them domestically and for international travelers, data privacy concerns related to the use of digital health documentation, and what employers should keep top-of-mind as vaccine passports become more common. Click here to watch Our Labor and Employment blog, The Employer Report, complements our video series, providing written legal updates on reopening and other hot topics.…

The roller coaster of comprehensive state data privacy laws continues in earnest.  California has now double dipped: first with the California Consumer Privacy Act (CCPA) and second with the California Privacy Rights Act (CPRA).  With all eyes on New York, Washington State, and other potential early movers for more state legislation, Virginia has surprised the nation by coming out very quickly with its own version of comprehensive privacy law, which Governor Ralph Northam signed into…

Florida’s governor, Ron DeSantis, and the speaker of the state’s house of representatives, Chris Sprowls, each recently highlighted proposed new privacy legislation in Florida that resembles the California Consumer Privacy Act (CCPA). This has landscape-changing potential, as House Bill 969 is the first CCPA-like proposal endorsed by a Republican governor. The bill the governor and speaker lauded was filed on February 15th, and if passed would become effective on January 1, 2022. Application/Exceptions House Bill…

The European Data Protection Board (EDPB) recently published the draft Guidelines on Examples Regarding Data Breach Notification, a document that encompasses eighteen examples of data security incidents, on a spectrum of risk and necessary mitigating measures.  Each example concludes with recommended actions based on the identified risks, mainly: recording the incident in the organization’s internal register, notifying the organization’s supervisory authority, and notifying affected individuals.  The Guidelines are currently open for public consultation. The Guidelines…

Happy Data Protection Day! The 28 January each year is celebrated as Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. To mark Data Protection Day 2021, we have summarised some of the key trends and developments in the EU, UK and beyond from a data protection perspective and looking ahead to what to expect for 2021. You can jump to specific country…

Harry Valetk, a partner in our New York office, joins Brian Hengesbaugh to discuss the global privacy issues surrounding COVID-19 vaccinations. Tune in to hear: the immediate privacy issues to consider in regards to the vaccinewhether a privacy impact assessment is warrantedthe privacy perspective on employers mandating vaccination. https://open.spotify.com/episode/3WevOBKvsQ8pIb9aZMz0F2?si=nyOjalKeS7qLmn0MWdg3Aw

In the privacy world, there is no rest for the weary. In California, while most companies were just getting their programs running to address the California Consumer Privacy Act (“CCPA”), including some last minute changes to address the final version of the regulations issued in late fall 2020, the California Privacy Rights Act (“CPRA”) was officially certified on December 16, 2020 following voter approval in another privacy referendum in the November 2020 elections. CPRA sharpens…

The ICO has issued a statement confirming that organisations should immediately check to see whether they are potentially a victim of the cyber-attack carried out through the SolarWinds Orion IT management platform (see ICO statement). Initial technical research indicates that while the majority of potentially compromised users of Orion are based in the United States of America, there are significant numbers of users in the United Kingdom and EU. The versions of the software that…

Disruptive cyber-attacks aimed at supply chains are on the rise, as the recent SolarWinds security breach has so prominently brought to light. While your immediate IT infrastructure may not have been directly impacted by that breach, now may be a good time to check-in with you key service providers. If they host or in any way process digital assets on your behalf, there is reason for concern in light of the devastating SolarWinds security breach.…