Uncategorized

IP & Cybersecurity: Critical Points on Data Misuse

What strategies should businesses employ to circumvent “insider” cyber threats? Attorneys Howard Susser and Brooke Penrose will discuss the best practices to manage and prevent data misuse and the claims to consider when threats arise. Learn about the Computer Fraud and Abuse Act, trade secrets and other intellectual property claims, and breaches of agreements.

Click here to view the full webinar.… Keep reading

Don’t Crumble Under Cookie Restrictions

Nearly half of all websites use cookies – small text files stored on internet users’ computers and mobile devices so web servers can track that user. Cookies come in a variety of flavors in terms of their purpose, the party placing the cookie, and the duration they last on a user’s device. For example, a cookie may have a functional (ex. cookies that remember visitors’ preferred language), analytical (ex. cookies that report site usage statistics), or advertising/marketing purpose (ex. cookies used to retarget advertising to visitors). “First-party cookies” are placed directly by the website being visited while “third-party cookies” are set by another party other than the website’s owner. “Session cookies” are deleted after the user’s session on the website ends while “persistent cookies” can last from days to years after the end of the user’s session.

Proceed with Caution – Cookies May Create Legal Exposure for Site Operators

Cookies can be incredibly useful to website operators as they can enable the operator to gather helpful information about how visitors use its website and thereby target its advertising efforts without disrupting the user experience.  However, as web visitor privacy control continues to be … Keep reading

COVID Stimulus Act Impacts U.S. Intellectual Property Laws

With the President’s signing of the Consolidated Appropriations Act for 2021 on December 27, 2020, several important updates to U.S. intellectual property law have been adopted.

Trademark Act Amended

The Trademark Modernization Act (“TMA”) makes significant amendments to the Lanham Act, which will become effective December 27, 2021. The TMA generally aims to reduce deadwood on the register of trademarks by providing for summary expungement. But the Act also made some noteworthy amendments to trademark prosecution and enforcement procedures.  A summary of some of the highlights include:

  • New Ex Parte Expungement Proceeding. A third party, or the Trademark Office, may petition to expunge a registration on the basis that the mark has never been used in commerce on or in connection with some or all of the goods or services recited in the registration. The proceeding is only available for registrations that have been registered for more than three years but less than 10 years.
  • Response Deadlines for Trademark Office Actions May be Shortened. The current response time for all Office Actions is six months. The TMA allows the response period to be shortened to a period that is at least sixty days, provided extensions of
Keep reading
Brazil Adopts Comprehensive Privacy Law

Highlights of Brazil’s LGPD

Brazil became the latest country to draw inspiration from Europe’s General Data Protection Regulation (“GDPR”) and adopt its own national comprehensive legal framework for personal data regulation, called the Lei Geral de Proteção de Dados (“LGPD”). A comparison of some of the key topics covered by the GDPR and LGPD are summarized below:

  GDPR LGPD
Effective Date May 25, 2018 August 15, 2020 (but enforcement will not begin until August 1, 2021)
Fines Up to the higher of €10 M or 2% of  global annual revenue from preceding financial year Up to the lesser of 50 M reals or 2% of Brazilian sourced revenue from preceding financial year
Territorial Scope Personal data processing activities when:

1.     Controller or processor is established in the EU, regardless of whether the processing takes place in the EU or not;

2.     the data refers to individuals located in the EU when offering goods or services to such data subjects or monitoring their behavior;

3.     carried out by a controller not established in the EU, but in a place where Member State law applies by virtue of public international law.

Personal data processing activities when:

1.     carried out

Keep reading
Consumer Rights and an Organization’s Responsibilities Under the CCPA

As we’ve previously blogged about, the California Consumer Privacy Act (“CCPA”) is an exhaustive piece of legislation requiring organizations to heed and defend consumer rights relating to access to, sharing of, and deletion of personal information that is collected by businesses. In particular, the CCPA requires organizations to notify California consumers of the rights newly afforded to them under the CCPA. These rights are summarized in the graphic below.

Summary of Consumer Rights and Organization’s Related Responsibilities:

In addition to notifying California residents of their consumer rights, organizations need to provide at least two methods– including a toll-free phone number—for consumers to submit requests to exercise their rights.  If the organization maintains a website, one of those methods needs to be a website address.  If an organization operates exclusively online and has a direct relationship with the consumer, it does not need to provide a toll-free number and only needs to provide an email address as a designated method for submitting requests.

Response Requirements When Consumer Exercises a CCPA Right

Once an organization obligated to comply with the CCPA receives a California consumer request to exercise a CCPA right, it must disclose and deliver the information free of charge … Keep reading

CCPA Enforcement Begins July 1, 2020: Do You Need to Comply?

Prior to the unique data security and privacy challenges unexpectedly presented as a result of a mass movement to remote working earlier this year, the California Consumer Privacy Act (“CCPA”) was one of the most highly anticipated regulation organizations were (or, should have been) preparing to comply with.  Despite industry pressure to delay enforcement of the CCPA so organizations could continue to focus on mitigating further disruptions and damage to their operations caused by the COVID-19 pandemic, the California Attorney General has maintained his commitment to begin enforcement of the CCPA on July 1, 2020.

In preparation for the enforcement date, Burns & Levinson will be doing a series detailing some of the highlights of the CCPA, which technically went into effect on January 1, 2020.  If the CCPA applies to your organization and you had not previously taken steps to bring your organization into compliance with Europe’s General Data Protection Regulation (“GDPR”), you may have significant work to do in order to bring your organization into compliance with the CCPA.  If your organization has previously engaged in GDPR compliance, you may still have work to do.  While there is some overlap between the regulatory and statutory requirements of … Keep reading

The "Lowdown" on DMCA Regulations and Take-Downs

Chances are, if you have ever posted or published content on the web, or your company operates a website, you have heard the term “take-down notice.” Perhaps you have even been on the receiving end of such a notice, claiming that content on your website is owned by a third party, and that if you do not remove the content, your website will be taken down or a lawsuit will be filed claiming copyright infringement.

These notices are part of a mechanism available to copyright owners—including those who have not registered their copyrights— under a U.S. law called the Digital Millennium Copyright Act.  This statute was enacted in the late 1990s as an attempt to bring the U.S. Copyright Act up to speed with society’s increased engagement via the Internet. The take-down procedure was introduced to provide a “safe harbor” for internet service providers that provide platforms for others to post content. Essentially, by following the procedures detailed in the DMCA, a website owner (or ISP) may be able to shelter him/herself from liability for infringement if a user posts infringing content, provided the website owner is not actively participating in or encouraging infringement and otherwise … Keep reading