Data Security andPrivacy
“We’ve had a data breach.” Few phrases strike more confusion and concern into the hearts of business owners. From the possibility of losing critical information and trade secrets to the compromise of customer information and the need to spring into remedial action, the costs in terms of time, money and trust are high.
It’s becoming increasingly clear that the question isn’t whether any given business will experience a cybersecurity breach but when–and how to avoid catastrophic legal and PR implications and impact.
Our Data Security and Privacy team works with clients and their cybersecurity providers on best practices to keep our clients prepared, equipped for risk management and out of the headlines. With decades of industry, in-house and international experience, we bring a deep understanding of technology and evolving data and cybersecurity laws to our counsel, which includes:
- Compliance planning and policy development
- Government regulations and legislation
- Security and compliance audits and assessments
- Preparedness planning
- Supply chain contract review and counsel on cybersecurity commitments
- Employee education and training
- Crisis response
Regardless of size, sector or the role technology plays in your operations, a cybersecurity plan is an essential cost of doing business. This is especially important for small and mid-sized companies that can be more vulnerable to breaches and threats while operating with fewer resources. And although compliance need not drive business, it is critical to ensure that business operations are shored up against threat, policies are in place to govern internal and external privacy and security commitments, and contracts with your customers and providers are crafted to provide optimal assistance and assurances in the event of a security threat.
In addition, the greatest threat to the security and privacy of your data isn’t technological at all–it’s behavioral. From securing devices and ensuring regular system-wide software upgrades and hardware checks to recognizing spoofed messages and phishing attempts, the greatest threat to data security is the human errors that any individual team member can make. Clients rely on us to identify the right combination of policies, procedures and training to help them safeguard information and avoid costly legal and business fees tied to cybersecurity incidents.
The bottom line is this: No business can afford the luxury of hoping that an incident won’t occur. Every business must prepare itself as well as possible to respond to those incidents. And while the right technological protection matters, so does legal counsel designed to help you manage security events as swiftly and seamlessly as possible–with minimal impact on business operations, relationships and finances.
Insights
Insight
Spam Texts Under Fire at FCC
March 23rd, 2023
Having taken steps against robocalls in 2021, the FCC is now going after robotexts. (I can hear you saying “FINALLY!”) Ironically, the…
Read MoreInsight
International Privacy: Australia Moves to Update its Privacy Law
March 2nd, 2023
Australia has a long-standing national privacy law that is being reviewed for updates this spring. The updates proposed in mid-February…
Read MoreInsight
International Privacy: China to Regulate Transfer of Personal Data Across Borders
February 28th, 2023
Starting June 1st, US companies with business in China will have to comply with new data transfer rules that may limit or impair the…
Read MoreInsight
Every Scan of Biometric Information is a New BIPA Violation, per Illinois Supreme Court
February 23rd, 2023
The highest court in Illinois has been on a biometric privacy tear in 2023. After holding last month that claims can be brought up to…
Read MoreInsight
Potential Stumbling Blocks for EU-US Data Privacy Framework
February 21st, 2023
US companies with business in the EU have been frustrated for years by the lack of an easy-to-implement way to export personal data to…
Read MoreInsight
FTC Fines GoodRx for Advertising Practices that Violate HIPAA
February 16th, 2023
The FTC in early February ruled that GoodRx has violated patient privacy and HIPAA by sharing their data with third parties for…
Read MoreInsight
Ransomware Payments Down Sharply in 2022
February 14th, 2023
An analysis released in early 2023 shows that ransomware attacks resulted in 40% lower overall ransom payments in 2022 as compared to…
Read MoreInsight
First CPRA Regulations Near Final
February 9th, 2023
The new California privacy regulator (CPPA) has completed the first set of implementing rules to help businesses comply with the CPRA….
Read MoreInsight
Plaintiffs Now Have Five Years to Bring Illinois Biometric Privacy Claims
February 7th, 2023
In late January, the Illinois Supreme Court ruled that individuals bringing suit under the state’s biometric privacy law (BIPA) will have…
Read MoreInsight
Kids’ Privacy, “Dark Patterns” Produce $527M Fine Against Fortnite Game Publisher
January 26th, 2023
The FTC in December fined EPIC games, maker of the ubiquitous Fortnite, more than half a billion dollars for deceptive practices relating…
Read MoreInsight
Password Keeper LastPass Hit with Data Breach
January 24th, 2023
LastPass, the cloud storage system for passwords, suffered a breach in late 2022 that has caused ripples in the security world. Some…
Read MoreInsight
Madison Square Garden Uses Facial Recognition to Keep Out Certain People
January 19th, 2023
In one of the more bizarre tech stories from late 2022, the New York Times reported that the owner of Madison Square Garden has started…
Read MoreInsight
Software Not Covered Under Cyber Insurance After Ransomware Attack
January 17th, 2023
In late December, a state supreme court ruled that a cyber insurance policy covering physical loss to electronic equipment and “media”…
Read MoreInsight
Facebook Agrees to a $725M Cambridge Analytica Class Action Settlement
January 12th, 2023
The data harvesting scandal over Facebook’s sharing of user data with outside developers appears to be close to settlement. The social…
Read MoreInsight
Google/YouTube to Face Revived Class Action About Kids’ Data
January 10th, 2023
The Ninth Circuit has unanimously ruled that a proposed class action about the wrongful collection and use of children’s online data may…
Read MoreInsight
Happy New Year, Except to Facebook/Meta
January 5th, 2023
The EU is starting its privacy year with a bang: Facebook parent Meta will be fined hundreds of millions of dollars (again) in relation…
Read MoreInsight
Facebook Parent Co Fined $275M for EU Privacy Violations
December 20th, 2022
In late November, the Irish data regulator announced a $275M fine against Meta for privacy violations by Facebook. The company must also…
Read MoreInsight
EU Court Strengthens “Right to be Forgotten” in Google Case
December 15th, 2022
In a ruling in early December, the EU’s top court (CJEU) decided that search engines must remove “manifestly inaccurate” information from…
Read MoreInsight
Federal Cyber Agency Publishes Infographic about Phishing
December 13th, 2022
’tis the season…to watch out for malicious code and social engineering in enterprise emails. Actually, it is always the season to…
Read MoreInsight
Senators Ask FTC To Review Twitter Security
November 22nd, 2022
Alleging that the recent Twitter shake-up / melt-down may be diminishing security and allowing disinformation to flourish, a group of…
Read MoreInsight
$390M Settlement for Google’s Misleading Location Tracking Practices
November 17th, 2022
Google will pay nearly four hundred million dollars to settle outstanding claims with forty state Attorneys General, and must revise its…
Read MoreInsight
FTC Penalizes CEO for Company Data Breach
November 15th, 2022
After repeated data breaches that exposed consumer information, the CEO of Drizly is being held personally accountable for the latest…
Read MoreInsight
Proposed Implementing Regs for Colorado Privacy Law Would Impose Consent Requirement
November 10th, 2022
Colorado is set to be one of five states with a data protection law in place in 2023. Most have followed the lead set by California,…
Read MoreInsight
First Biometric Privacy Verdict in Illinois Exceeds $200M
November 8th, 2022
Employers who have personnel in Illinois have been hard hit with class actions in the last few years under the state’s biometric data…
Read MoreInsight
FTC Fine Leads to Class Action Lawsuit Against Twitter
October 27th, 2022
The Federal Trade Commission fined Twitter $150 million for privacy violations earlier this year in connection with its finding that…
Read MoreInsight
Biometric Data Privacy Claims Ramp Up
October 25th, 2022
Although it has not attracted as much attention as Illinois’ biometric privacy law (BIPA), Texas has a data privacy law covering…
Read MoreInsight
Alison Ballard Moderating Panel at The Corporate Intellectual Property Institute® — GIPA Georgia Intellectual Property Alliance® Annual Meeting
October 13th, 2022
Taylor English partner Alison Ballard will be moderating a panel at The Corporate Intellectual Property Institute® (CIPI) — GIPA Georgia…
Read MoreInsight
Data Transfer Pact Between EU and US Has a Framework
October 11th, 2022
In a long-awaited development, the US and EU have reached some accord on the “adequacy” of data protection that could allow EU data to…
Read MoreInsight
Denmark Rules Against Use of Google Analytics
October 6th, 2022
Following similar decisions in three other countries, the Danish data regulator in September ruled against the use of Google Analytics…
Read MoreInsight
California Passes Stringent Kids’ Privacy Rules
September 27th, 2022
Continuing its push as the nation’s first-mover on privacy, California has passed a bill that will require potentially significant new…
Read MoreAbout Taylor English
Taylor English Duma LLP was built from the ground up to provide highest-quality legal services for optimal value. The firm combines the best aspects of a traditional law firm with seasoned attorneys throughout the United States. Together, our attorneys work each day to provide timely, creative, and cost-effective counsel to help clients solve problems and achieve goals. Taylor English clients run the gamut from Fortune 500 companies to middle market businesses to start ups and entrepreneurs. The firm is the Georgia law firm member of GGI Global Alliance AG, the leading worldwide alliance of accounting and law firms, giving our clients access to a trusted stable of high-quality professional services organizations around the globe.