Blog

Look Before You Leap.. Privacy and Security in M&A Transactions

For those of us in the privacy and security area, the European Union’s General Data Protection Regulation (“GDPR“) has dramatically changed the landscape and the platform privacy and security enjoy both domestically and abroad.  The GDPR is driving much of the conversation around privacy and security but we have also seen a renaissance in privacy […]

Google’s First GDPR Appeal: What’s at Stake?

This post is authored by Matt Avellino, a second-year law student at Villanova University’s Charles Widger School of Law. Mr. Avellino is a legal-intern with the XPAN Law Group. Google is gearing up to appeal a €50 million privacy violation resulting from the French data protection agency, CNIL. Although the fine is miniscule when compared […]

Weather Forecast: Cold with a side of data privacy storm

By Carolin Brucker Cabe, an Associate at XPAN Law Group, LLC. While the weather here on the East coast is getting colder, companies providing mobile applications to their users might still see themselves on the sunny side of the legal weather forecast when it comes to how they collect their users’ geolocation data and what […]

Has The Government Shutdown Resulted In A Cybersecurity Blackout?

By Antonia Dumas, an Associate at XPAN Law Group. Just like a blackout, a government shutdown occurs suddenly and creates a sense of chaos. This is especially true when we have faced the longest government shutdown in history. And, while the current political environment is a prominent national issue, businesses need to think about how […]

Where are we now? Six Months Into the GDPR

On May 25, 2018, the European Union’s General Data Protection Regulation (“GDPR”) went into effect, and largely took the corporate world by surprise. In the ensuing six-plus months, the negative speculation on the impact of the GDPR has run rampant: it will destroy innovation, companies will be put out of business with extraordinary fines — […]

Rebecca Rakoski Periodical on Privacy in 2018 for Policy & Medicine’s Compliance Update

Rebecca L. Rakoski, Esq.’s periodical, ‘A Modern Renaissance Privacy in 2018 and Its Continuing Domestic Evolution,’ has been published in Policy & Medicine‘s Compliance Update.  Below is an excerpt from the article… These days, it seems that nearly every evolved country in the world recently passed a piece of sweeping privacy regulation. In a global […]

‘Tis the Season…for Cyber Attacks

‘Twas the night before Christmas when all through the halls Hackers were vishing through numerous calls The President in panic, the CEO in distress Everyone knew this situation was a giant mess When from the CISO there arose such a clatter All employees were watching to see what was the matter And what to their […]

While everyone is waiting for California’s Data Protection law to come, another “C”-state has already enacted its law: Welcome to Colorado!

By Carolin Brucker Cabe, an Associate at XPAN Law Group, LLC. While everyone who is remotely familiar with data protection and privacy laws and regulations has probably come across the abbreviation “CCPA” (or “CaCPA”) by now and automatically thinks of California, the abbreviation very well could point to another state, which has enacted one of […]

Dittman v. UPMC and the Duty of Care to Secure Employee Data

The security and privacy legal landscape drastically shifted in the past month, with the Pennsylvania Supreme Court issuing its opinion in Dittman v. UPMC, __ A.3d __, No. 43 WAP 2017, 2018 WL 6072199 (Pa. 2018). The facts in this case that form the basis of the Court’s opinion will resonate with every business: plaintiffs […]

An Official Federal Cybersecurity Agency – Will This Provide The Protection That Small Businesses Need?

By Antonia Dumas, an Associate at XPAN Law Group. Regarding the newly signed Cybersecurity and Infrastructure Security Agency Act of 2018, I came across an article that proclaimed: “The US now has an official federal cybersecurity agency.” And yes, technically this is an accurate proclamation because this Act did create an official federal level cybersecurity […]