Nowhere to Run, Nowhere to Hide

This week we saw yet another rash of cyberattacks. The Philadelphia court system website was shut down Tuesday (May 21st) all afternoon because of a virus intrusion. The court website is where attorneys file all of their pleading (complaints, answers, motions) for court cases taking place in Philadelphia. And while it is bad enough to deprive […]

Insider Threats Continued – Your Own Employees Are Your Weakest Link

By Antonia Dumas, Associate at XPAN Law Group LLC In a previous blog post, we discussed  insider threats with a focus on a non-obvious threat, your third-party relationships, describing how an insider threat can be defined and the types of actors that can be a threat to the protection and privacy of your systems and […]

Better Late than Never: While Organizations Struggle to Comply with the California Consumer Privacy Act on Time, Ignorance of the Law Is Not an Option

By Michael A. Shapiro, Attorney at XPAN Law Group, LLC The California Consumer Privacy Act (CCPA) enacted last summer is the first comprehensive U.S. privacy law which creates broad rights for consumers in California and parallel duties on businesses regarding the use of private information.  Among the rights delineated by the CCPA, consumers can seek […]

One Year Later: How are the Regulators Enforcing the GDPR?

We are coming up on the first anniversary of the European Union’s General Data Protection Regulation (“GDPR”), one of the most anticipated data protection regulations in recent memory. Love it, hate it, indifferent — regardless of your personal feelings, the GDPR made waves. It was the catalyst that caused companies across all industries to start […]

Your Third-Party Relationships Are Insider Threats

By Antonia Dumas, Associate at XPAN Law Group LLC Last week, I had the pleasure of attending the inaugural Cyber Security Summit held in Philadelphia. One hot topic that came up during several presentations and panel discussions was the issue of insider threats. As I sat there listening to discussions of more obvious insider threats […]

Turning Lemon Data Into Lemonade-Cybersecurity and Data Privacy Counts in M&A Transactions

Mergers and Acquisitions (M&A).  M&A is a general term that refers to the consolidation of companies or assets through various types of financial transactions. It’s how a lot of business grow and expand. When one business (the acquirer) looks to purchase another (the target), there is always some sort of valuation of the target.  Different […]

Is it Time to Cash Out on Your Data? California Governor Proposes that Companies Pay a Dividend in Exchange for Access to Consumers’ Data.

By Michael A. Shapiro, Attorney at XPAN Law Group, LLC In his first State of the State Address on February 12, 2019,  California Governor Gavin Newsom proposed that tech companies pay a dividend to California residents in exchange for access to their data.  “California’s consumers should . . . be able to share in the […]

Big Tech: What They Say vs. What They Do

This post is authored by Matthew Bonner, a third-year student at Drexel University’s Thomas R. Kline School of Law. Mr. Bonner is a legal-intern with the XPAN Law Group. In the wake of the GDPR’s enactment,  various leaders within the tech industry responded to calls for data privacy regulation in the United States. In October […]

Take Another Look at New Jersey: Data Breach Notification Law is Expanded

Across this country, states are taking a hard look at data privacy and security, and making large scale revisions to their state regulations (California made headlines with the CCPA, but others closely followed suit, such as Washington, Massachusetts, Colorado . . . and the list goes on).   Like many states, New Jersey is getting […]

Takeaways From the FTC’s Annual Privacy and Data Security Update

By Antonia M. Dumas, an Associate at XPAN Law Group, LLC On March 15, 2019, the Federal Trade Commission (“FTC”) released its 2018 Privacy and Data Security Update (“Update”), an annual report summarizing its role and activity as the nation’s primary privacy and data security enforcer. For businesses, a key takeaway from the Update is […]