Privacy & Security
Arent Fox is on the cutting edge of cybersecurity and data protection laws and has experience assisting clients with all aspects of privacy, cybersecurity, and data protection. Our group serves clients in regulated spaces such as health care and telecommunications and sophisticated industries including retail, gaming and entertainment, and media.
Arent Fox’s interdisciplinary team of cybersecurity and data protection attorneys handle the full scope of data security and protection issues. We regularly advise clients on how to protect their data at every stage, from advice and counseling to investigations, incident planning and response, litigation, and even securing insurance policies to mitigate risks and liabilities. We work with companies to develop internal security and governance programs; advise businesses on the collection of data in retail locations as well as in online including via social media marketing and e-commerce platforms; and conduct internal investigations in response to critical data breaches. We also work with companies to implement privacy and data security protection by using IT agreements to control data access by their employees, reconfiguring data security when moving IT operations to the cloud, and protecting against cyber risks that can arise from third party IT vendors.
We routinely advise on the biggest trends in privacy and data security such as: handling ransomware incidents; cyber threat and new technology systems; NIST, ISO, PCI-DSS, and other security standards; payment security and mobile payment trends; aggregate and anonymized data collection in advertising; FTC guidance and enforcement; the Internet of Things; cross-border data transfer issues; the EU General Data Protection Regulation (GDPR); health information privacy, security, and breach notification; as well as federal- and state-level regulatory compliance.
Recent reports indicate that advertising fraud is not only increasing but is now being run by groups alongside otherwise legitimate advertising businesses.
Cybersecurity company Check Point recently released a report finding that HummingBad—a known malware that takes over Android devices, generates fraudulent advertising revenue, and installs apps on the infected phones—was developed and is controlled by a group of cybercriminals within Yingmob, an otherwise legitimate advertising analytics business based in Beijing.
Mobile advertising company InMobi, whose advertising network reaches more than one billion devices worldwide through thousands of apps, has settled with the Federal Trade Commission over charges that it “deceptively tracked” the locations of hundreds of millions of consumers without their knowledge or consent, in a deal announced June 22.
Consumer advocate groups--Public Knowledge, Consumer Watchdog, Center for Digital Democracy, Consumer Action, TURN-The Utility Reform Network and Consumer Federation of America—recently filed a complaint with the Federal Trade Commission and a petition with the Federal Communications Commission against AT&T, Cablevision, and Comcast, citing privacy-related offenses.
If you attended the Consumer Electronics Show in Las Vegas, you probably noticed many concepts applied to the one item that many Americans use every day: the automobile. Over the past few years technology developers and manufacturers have set their sights on the automotive industry, which is one of the largest industries in the United States. From automated cars, syncing software, to wearable devices that interact with a vehicle, it is clear that our time in the car is under an era of rapid change.
A German data protection regulator reportedly fined 3 companies—Adobe Systems, Punica, and Unilever—a total of 28,000 euros ($32,000) for continuing to rely on the Safe Harbor framework and failing to set up alternative legal channels for cross-border data transfers quickly enough, following Safe Harbor’s demise in October of last year. Adobe was fined 8,000 euros, Punica 9,000 euros, and Unilever 11,000 euros.
Last week, Sarah Bruno and Lourdes Turrecha joined International Association of Privacy Professionals (IAPP) Privacy Advisor editor Angelique Carson to discuss their experiences in the privacy field.
On May 25, 2016, the White House released its much anticipated Data Security Policy Principles and Framework (Security Framework) for President Obama’s Precision Medicine Initiative (PMI). The PMI is aimed at pioneering a new model of patient-powered research to improve health and treat disease, which takes into account individual differences in people’s genes, environments, and lifestyles.
Under a proposed EU regulation, online retail companies in Europe may no longer be able to use geo-tracking in online shopping. The European Commission released a draft regulation on May 25, 2016 that proposes the removal of geo-blocking for online shopping, stating that it wants to ensure that consumers seeking to buy products and services in an EU country, be it online or in person, are not discriminated against in terms of access to prices, sales, or payment conditions.
On Monday, the US Supreme Court sent a potential class action case back to the Ninth Circuit for reconsideration, marking an intermediary win for Spokeo Inc., which uses a “people search engine” to find, compile, and sell publicly available personal information. The company came under fire for publishing inaccurate personal information about plaintiff Thomas Robins in a case that was expected to have major implications on US privacy and consumer protection law.
ABOUT ARENT FOX LLP
Arent Fox LLP, founded in 1942, is internationally recognized in core practice areas where business and government intersect. With more than 350 lawyers, the firm provides strategic legal counsel and multidisciplinary solutions to clients that range from Fortune 500 corporations to trade associations. The firm has offices in Los Angeles, New York, San Francisco, and Washington, DC.