Photo of Stuart Cobb

On March 8th, the Children’s Advertising Review Unit (“CARU”), a FTC-approved safe harbor organization that monitors compliance with the Children’s Online Privacy Protection Act (“COPPA”), announced it had found TickTalkTickTalk––a children’s smart watchmaker and one of CARU’s member organizations—in violation of COPPA and CARU’s privacy guidelines.
Continue Reading Kids’ Smart Watchmaker Updates Privacy Practices at Safe Harbor’s Direction

Maryland and California look to join the list of states that not only regulate biometric data but provide consumers with the opportunity to seek hefty statutory damages and attorney’s fees from offending businesses. Similar to Illinois’ oft-litigated Biometric Information Privacy Act (“BIPA”), both bills would also (i) require written consent prior to the collection of biometric information; (ii) impose BIPA-like security measures, and (iii) mandate specific retention criteria, as described below.
Continue Reading Maryland and California Propose Biometric Privacy Legislation that Would Include Illinois-Like Private Rights of Action

Two Chinese information security laws, the Data Security Law (“DSL”) and the Personal Information Protection Law (“PIPL”), are creating difficulties for parties involved in litigation in the United States seeking discovery materials stored in China.

Both the DSL and the PIPL require data processors to obtain approval from the Chinese government before transferring any data stored in China to a foreign court or law enforcement authority, or otherwise face significant penalties such as fines in the millions of dollars.

Litigants in the U.S. should be aware that the DSL and PIPL may impose significant costs and delays in the discovery process, and may be used to avoid turning over certain materials.Continue Reading Chinese data security laws increasingly create roadblocks for litigants seeking discovery in U.S. courts