Protect Your Data

You’ve Got Mail! Emails May Be Subject to Stockholder Books and Records Requests

By Zachary Liebnick and Zane Polston

Delaware corporations have always been required to provide certain information to their stockholders under Section 220 of the Delaware General Corporation Law (DGCL), but the scope and form of that information  has naturally changed as technology advances.  A recent expansion of the type of documents that corporations may be required to provide occurred in a recent case in which the Delaware Supreme Court held in KT4 Partners LLC v. Palantir Technologies, Inc., that a corporation may be required to produce emails and other electronically stored records at the request of stockholders who bring books and records requests under Section 220.

The California Consumer Privacy Law is Here. Get Prepared. (Webinar)

By Cynthia Larose and Brian Lam

This webinar provides an overview of the act including who it applies to, the types of data covered, and the new rights granted by the act such as data access, deletion, and portability. Actionable, business-focused advice is provided regarding preparing data inventories and process flows to support these new rights, as well as business model considerations in light of the act’s guidance on data monetization and the sanctions and remedies that companies may face. 

Employers Beware: Judge Greenlights Employee’s Privacy Lawsuit Over Dropbox Access

By Katharine BeattieCynthia LaroseJennifer Budoff

Many employers maintain policies limiting their employees’ expectation of privacy in the workplace, including policies that eliminate any expectation of privacy when using company-issued electronic devices. While employers may think that having such a policy would protect them from invasion of privacy claims under the Fourth Amendment or state law, a recent federal court decision may cause employers to think otherwise. This post examines this decision and provides best practices for avoiding issues with employees’ privacy interests.

Musical.ly’s COPPA Failure Falls Flat at the FTC; Will Pay Note-Worthy Fine

By Cynthia LaroseElana Safner

The Federal Trade Commission (“FTC”) has handed down its largest civil penalty ever for violations of the Children’s Online Privacy Protection Act (“COPPA”). Musical.ly, now known as TikTok after a 2018 merger, agreed to a fine of $5.7 million for its violations. The settlement was significant not only because of its record amount, but also because it includes a specific agreement on how the website will operate going forward.

California’s Privacy Act—Watch for an Expanding Private Right of Action

By Joshua BrionesEsteban MoralesMatthew Novian

The California Consumer Privacy Act takes effect on January 1, 2020, but amendments are expected. In an article recently published by Bloomberg Law, Mintz attorneys Joshua Briones, Esteban Morales and Matthew Novian discuss the April 9 hearing on SB-561, a bill that would expand the private right of action and remove compliance opportunities for businesses, and explain why the bill should be closely watched.

What Startups Should Know About the California Consumer Privacy Act

By Brian Lam

Privacy and data security is a serious concern for many startups.  They understand that end users, consumers, partners, and investors are now concerned like never before about how data is collected, used, stored and transferred.  A bad data event quickly turns into a bad news story, can turn off users, discourage investors, and bring regulatory scrutiny and enforcement. 

How to Leverage Privacy as a Key Competitive Advantage

By Brian Lam and Cynthia Larose

“Privacy by design” – while not a new concept – is certainly enjoying a new spot in the sunshine thanks to the European Union’s General Data Protection Regulation (“GDPR”) (93 days and counting…) and its codification of “privacy by design and default” in Article 25.

Privacy can also be a key differentiator and a competitive advantage.  Read on for some points that can help drive your data privacy/data management program.

Key Considerations for Adopting Ephemeral Communications Tools

By Adam Lenain

The combination of emerging technologies, information security risks and electronic discovery obligations continues to give rise to questions regarding best practices for adoption of modern ephemeral communication tools in lieu of more traditional forms of communication, particularly in the context of probable or pending litigation. Many businesses now employ various instant messaging systems, and employees routinely send work-related text messages and interact over collaboration applications--some of which enable automatic, or time of life, expiration and deletion of information (referred to as “ephemeral” communication).

What App Users Care About When Sharing Personal Data: Permissions

By Jane Haviland and Cynthia Larose

A Pew Research Center Report relayed useful information regarding application users’ concerns with sharing personal data.  Ninety percent of app users indicated that how their personal data will be used is “very” or “somewhat” important to them, and influences their decision to download an app.  Sixty percent of users decided against downloading an app when they saw how much personal information they would need to share. 

The (Best) Method to the Madness Behind Choosing a Company Name or Mark

By Susan Neuberger Weller

The Wall Street Journal ran a print article on July 18, 2013 titled “What’s Behind Those Quirky Startup Names?” in which the author Lindsey Gellman discussed the derivation behind unique startup names such as Mibblio, Kaggle, Shodogg, and Zaarly. One of the reasons for these types of names and spellings, she says, is the need for short, recognizable .com web addresses in a space where more mainstream domain names are no longer available. 

Software Audits: Strategies for Licensees

By Julie Korostoff and Joseph DiCioccio

If you have received a software audit request from your software vendor or one of the industry trade groups representing software publishers, such as the Software & Information Industry Association (“SIIA”)1 or the Business Software Alliance (“BSA”)2 you are not alone. Over the past five years,3 software audits have become an increasingly common revenue-leakage recovery tool for software vendors.