Archives

Better Late than Never: While Organizations Struggle to Comply with the California Consumer Privacy Act on Time, Ignorance of the Law Is Not an Option

By Michael A. Shapiro, Attorney at XPAN Law Group, LLC The California Consumer Privacy Act (CCPA) enacted last summer is the first comprehensive U.S. privacy law which creates broad rights for consumers in California and parallel duties on businesses regarding the use of private information.  Among the rights delineated by the CCPA, consumers can seek […]

Your Third-Party Relationships Are Insider Threats

By Antonia Dumas, Associate at XPAN Law Group LLC Last week, I had the pleasure of attending the inaugural Cyber Security Summit held in Philadelphia. One hot topic that came up during several presentations and panel discussions was the issue of insider threats. As I sat there listening to discussions of more obvious insider threats […]

Turning Lemon Data Into Lemonade-Cybersecurity and Data Privacy Counts in M&A Transactions

Mergers and Acquisitions (M&A).  M&A is a general term that refers to the consolidation of companies or assets through various types of financial transactions. It’s how a lot of business grow and expand. When one business (the acquirer) looks to purchase another (the target), there is always some sort of valuation of the target.  Different […]

Is it Time to Cash Out on Your Data? California Governor Proposes that Companies Pay a Dividend in Exchange for Access to Consumers’ Data.

By Michael A. Shapiro, Attorney at XPAN Law Group, LLC In his first State of the State Address on February 12, 2019,  California Governor Gavin Newsom proposed that tech companies pay a dividend to California residents in exchange for access to their data.  “California’s consumers should . . . be able to share in the […]

Big Tech: What They Say vs. What They Do

This post is authored by Matthew Bonner, a third-year student at Drexel University’s Thomas R. Kline School of Law. Mr. Bonner is a legal-intern with the XPAN Law Group. In the wake of the GDPR’s enactment,  various leaders within the tech industry responded to calls for data privacy regulation in the United States. In October […]

Take Another Look at New Jersey: Data Breach Notification Law is Expanded

Across this country, states are taking a hard look at data privacy and security, and making large scale revisions to their state regulations (California made headlines with the CCPA, but others closely followed suit, such as Washington, Massachusetts, Colorado . . . and the list goes on).   Like many states, New Jersey is getting […]

Takeaways From the FTC’s Annual Privacy and Data Security Update

By Antonia M. Dumas, an Associate at XPAN Law Group, LLC On March 15, 2019, the Federal Trade Commission (“FTC”) released its 2018 Privacy and Data Security Update (“Update”), an annual report summarizing its role and activity as the nation’s primary privacy and data security enforcer. For businesses, a key takeaway from the Update is […]

One Ring to Rule Them All

With large cyber breaches like Instagram, Target, and Equifax it isn’t a surprise that the National Association of Insurance Commissioners (NAIC) issued the Data Security Model Law (MDL-668) (the “Model Law”).  The Model Law heavily borrows from the New York Department of Financial Services (NYDFS) cybersecurity regulations that went into effect on March 1, 2017. […]

Congressional Report on Equifax Data Breach: A Lesson in Cybersecurity Complacency

By Michael A. Shapiro, Esq., an attorney with XPAN Law Group, LLC. In September of 2017, Equifax Inc., one of the largest consumer reporting agencies, announced that it suffered a data breach involving personally identifiable information (PII) of over 145 million Americans, almost half of the United States population. The stolen data included names, social […]

“Becoming reality: A Federal Data Privacy legislation in the United States”

By Carolin C. Brucker Cabe, LL.M., an Associate at XPAN Law Group, LLC. It has been a week full of hearings in Washington, D.C. and the subject matter of these couldn’t be of any more interest to anyone working in the Data Privacy Industry. Both the House and Senate held hearings this past week setting […]