Legislative Developments

On the latest episode of the Ad Law Access Podcast, partner Kristi Wolff discusses FDA’s recent CBD warning letters, Commissioner nominee Dr. Stephen Hahn’s confirmation hearings, and a preview of this week’s Cannabis Law Update webinar.

On Thursday, December 5, from Noon – 1:00 Eastern we will be holding a webinar on the emerging

The week after Thanksgiving is always a busy one and this year does not disappoint. We are pleased to be holding the following educational opportunities this week:

California Consumer Privacy Act Workshop Los Angeles Edition
In Los Angeles, on Wednesday, December 4, we will be holding the latest in our series of California Consumer Privacy

Please join us on May 1 in Charlotte for a half-day workshop covering the latest advertising and privacy law developments. This interactive event will provide an update on crucial consumer protection issues, deliver practical guidance and benchmarking, and offer an opportunity to connect with peers across a variety of industries.

This workshop will be open

Businesses often include mandatory arbitration clauses in their pre-dispute dealings with customers to prevent costly consumer class actions in favor of streamlined (often individual) arbitration.  The Federal Arbitration Act (“FAA”) makes such arbitration agreements “valid, irrevocable, and enforceable, save upon such grounds as exist at law or in equity for the revocation of any contract.”  

The draft National E-Commerce Policy (“Draft Policy”) released by the Government of India on February 23, 2019 for stakeholder comments, has left the e-commerce sector in jitters. For global market players, the protectionist construct of the Draft Policy seems to suggest a shift of India’s focus from ‘Ease of Doing Business in India’ to ‘Make in India’. If the Draft Policy is implemented in its present form, it may have a serious impact demanding drastic change in internal strategies, policies and cost allocations for foreign companies having e-commercial presence in India. The Draft Policy is open for stakeholder comments up to March 9, 2019.

The Draft Policy focuses on: (i) restriction on cross-border flow of data; (ii) local presence and taxability of foreign entities having significant economic presence in India; (iii) creating a robust digital infrastructure for e-commerce, from online custom clearance to online resolution of consumer complaints; (iv) promoting exports from India with a boost to start-ups and small firms; and (v) regulatory changes to augment economic growth in e-commerce.

The key highlights of the Draft Policy are as follows: 
Continue Reading

With the Illinois Supreme Court’s recent decision in Rosenbach v. Six Flags Entertainment Corp., the floodgates have opened for class actions in Illinois against businesses that collect biometric information from employees or customers.  In Rosenbach, the Illinois Supreme Court decided that alleged procedural violations of Illinois’s Biometric Information Privacy Act (“BIPA”) are enough,

Just when you think you’ve tackled the Wild, Wild West of GDPR and privacy compliance, California decides to mix it all up again.

This November 6th, California voters will decide on the California Consumer Privacy Act (“Act”), a statewide ballot proposition intended to give California consumers more “rights” with respect to personal information (“PII”) collected from or about them.  Much like CalOPPA, California’s Do-Not-Track and Shine the Light laws, the Act will have broader consequences for companies operating nationwide.

The Act provides certain consumer “rights” and requires companies to disclose the categories of PII collected, and identify with whom the PII is shared or sold. It also includes a right to prevent the sale of PII to third parties, and imposes requirements on businesses to safeguard PII.  If passed, the Act would take effect on November 7, 2018, but would apply to PII collected or sold by a business on or after nine (9) months from the effective date – i.e., on August 7, 2019.

Who is Covered?

The Act is intended to cover businesses that earn $50 million a year in revenue, or businesses that “sell” PII either by (1) selling 100,000 consumer’s records each year, or (2) deriving 50% of their annual revenue by selling PII. These categories of businesses must comply if they collect or sell Californians’ PII, regardless of whether they are located in California, a different state, or even a different country.
Continue Reading

The Senate yesterday confirmed all five nominees to the Federal Trade Commission by voice vote, which means the five-person body will soon be restored to full capacity after over a year with only two Commissioners.  Current Chair Ohlhausen released a statement congratulating incoming Chair Joseph Simons and soon-to-be new Commissioners Noah Phillips, Becca Slaughter, Rohit

Just when you think you have it all under control, the data breach notification law landscape changes – again. Over the past few weeks, several data breach notification statutes were updated, including an effective date for Canada’s mandatory breach notification obligations, as well as the adoption of legislation in the two holdout states (Alabama and