Insights
Publications

Cybersecurity Regulation: Key Takeaways From an Unusual FTC Order That Will Follow CEO for a Decade

November 15, 2022 Blog
Privacy Blog

The FTC recently issued a proposed order that would settle an enforcement action against Drizly, LLC and its co-founder and CEO, James Rellas, arising from data breaches in 2018 and 2020 that affected over 2.5 million customers. The FTC’s proposed order is unusual in that applies to Rellas personally. The order requires Rellas to implement various data security practices at any company he owns or oversees in the next decade, even if Rellas moves to a company unrelated to Drizly.

Let’s take a look at the data security breaches that led to the FTC’s enforcement action and some of the key takeaways that result from the FTC’s unusual proposed order.

Read the Privacy blog post here.

Firm Highlights

Publication

Employee Data under the CCPA: Expiration of Employer Exemptions Requires Compliance as of January 1, 2023

Since the California Consumer Privacy Act (“CCPA”) was passed in 2018, employers have been watching carefully to see how the law will apply to data collected and maintained about their employees. Up until now, ...

Read More
Publication

Uber’s Former Chief Security Officer Found Guilty of Obstruction For Coverup of Data Breaches

On October 5, 2022, after a monthlong jury trial, former Uber Chief Information Security Officer Joseph Sullivan was found guilty of obstructing proceedings of the Federal Trade Commission (FTC) and misprision of a felony...

Read More
Publication

Nonprofit Websites and Terms of Use - Best Practices and Common Pitfalls

Welcome to EO Radio Show – Your Nonprofit Legal Resource . Happy New Year, everyone!  In episode 26, Cynthia Rowland and her guest Nate Garhart discuss websites and terms of use and the legal concepts...

Read More
Publication

California Attorney General Announces Enforcement Sweep of Mobile Applications

Shortly before Privacy Day, California Attorney General (Cal AG) Rob Bonta  announced  a California Consumer Privacy Act (CCPA) enforcement sweep that targeted mobile applications. The sweep focused on popular apps in the retail, travel...

Read More
Publication

Privacy Policy Best Practices for Nonprofits

Welcome to EO Radio Show – Your Nonprofit Legal Resource . I’m happy to have my colleague Nate Garhart back for a discussion on privacy laws and how they affect website content development and online...

Read More
Publication

California Passes Landmark Privacy Protections for Children With Big Implications for Online Providers

Governor Newsom recently signed into law AB 2273 , the California Age-Appropriate Design Code Act (CA AADCA), making California the first state to pass broad privacy protections for children. The CA AADCA is modeled...

Read More
Publication

I Always Feel Like AI Is Watching Me: Artificial Intelligence and Privacy

ChatGPT got the early press, and every day we learn of new generative artificial intelligence products that can create new and creative visual and text responses to human input. Following on ChatGPT’s fame, Google’s...

Read More
Publication

Top 5 Privacy Cases To Watch, From Chatbots to Geolocation

Litigation — and threats of litigation — related to privacy law violations have been on the rise recently. While some judges have pushed back on the theories set forth by plaintiffs, new privacy lawsuits...

Read More
Publication

Nonprofits’ Use of Artificial Intelligence Systems: Intellectual Property and Data Privacy Concerns

In today's rapidly changing technological landscape, artificial intelligence (AI) is making headlines and being discussed constantly. To be sure, AI provides a powerful tool to nonprofits in creating content and exploiting for countless cost-effective...

Read More
Publication

Enforcement of CPRA Regulations Delayed

Shortly before the California Privacy Right Act (CPRA) modifications to the California Consumer Privacy Act (CCPA) were set to become enforceable on July 1, 2023, a Sacramento Superior Court judge issued a ruling on...

Read More