• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Facebook
  • LinkedIn
  • Twitter
Bast Amron

Bast Amron

Miami Business and Bankruptcy Litigation Law Firm

  • Home
  • Who We Are
  • Our Team
  • What We Do
    • Litigation
    • Insolvency
    • Business
  • Our Work
    • Representative Experience
    • Case Highlights
    • Client Insights
  • News
    • Client Alerts
    • BA Blog
    • Articles
    • Events
    • In The News
    • The Practice Podcast
    • Business Advantage Forum
    • Careers
  • Contact Us

Trending News in Data Privacy

Trending News in Data Privacy

February 12, 2020 by Maylynn

February 12th, 2020 - Posted in BA Blog

Among the flood of recent data breaches and cyber-attacks, privacy is the word on everyone’s mind.

The over-collection and sale of customer data runs rampant right now, as does the failure of companies in myriad industries to adequately protect sensitive data from theft, but new laws are putting an end to the uncontrolled market.

California’s New Privacy Act – Will Other States Follow Suit?

Historically, consumers had little say over the data that was collected about them, sold, or lost in attacks and breaches. However, California is looking to change that with the “California Consumer Privacy Act.” This new law gives consumers the right to request that their personal data be deleted or demand it never be sold. 

Rumors abound that Florida is working on a similar law to help protect data privacy and give back control to consumers. 

Logistically, compliance may be difficult for some, if not all, affected. Fines for non-compliance range from $2,500-$7,500 per incident and many companies are not ready or even aware of the change. 

The law potentially applies to any for-profit company that does business in the state of California (even if not physically located in California). However, the company must also meet one of the following three criteria to fall within the scope of this new statute: 

  • Gross review of $25 million or more;
  • Collect, store, sell, or share personal data for 50,000 or more California consumers; and/or,
  • At least half of their revenue comes from selling personal information. 

The United States Department of Justice expects about 15,000-400,000 businesses to be affected throughout the country. 

Microsoft Under Fire Updates Cloud Contracts

Late in 2019, the European Data Protection Supervisor (EDPS) deemed Microsoft in breach of European data privacy laws. The report cited Office 365 as the culprit due to storing “functional and diagnostics data” by collecting email subject lines and other text during a spell check. The Dutch Ministry of Justice and Security published a series of articles exposing the data breach and its opinion that Microsoft was violating Europe’s General Data Protection Regulation (GDPR).

According to a piece published in Forbes, “Microsoft has now acknowledged its position as a data controller.” This declaration raises the accountability bar for Microsoft. Julie Brill, Microsoft’s Chief Privacy Officer, explained that “In the Online Services Terms OST update, we will clarify that Microsoft assumes the role of data controller when we process data for specified administrative and operational purposes incident to providing the cloud services covered by this contractual framework, such as Azure, Office 365, Dynamics and Intune.”

The new terms of service will apply to all commercial customers and then roll out to consumers and enterprise customers early this year. The changes do not, however, address all of the concerns raised by the Dutch Ministry of Justice and Security, but it’s a start. 

Privacy International (PI) Exposes Data Privacy Violators

The London-based non-profit company, Privacy International (PI), has named Oracle, Acxiom, Criteo, Quantcast, Tapad, along with Equifax and Experian in complaints it filed regarding “systematic infringements” of the General Data Protection Regulation (GDPR) data privacy laws. If found guilty, these companies could be subject to steep fines. 

Bast Amron’s Peter Klock comments on the recent changes, “This is only the beginning. What privacy or data security related developments should businesses expect to see in the new year? With the California Consumer Privacy Act finally having taken effect on January 1, 2020, we expect plaintiffs’ consumer class action attorneys to capitalize on companies that have dragged their feet to adapt to the new normal; the enactment of a host of new data privacy laws at the state level, following in the footsteps of CCPA and the EU’s General Data Privacy Regulation that came before it; and the wider adoption of data and privacy best management practices by businesses nationwide. While many have failed to see the writing on the wall, experts agree that California’s much discussed legislation was just the leading edge of a new wave of data privacy legislation in the United States. Nevada quickly followed suit with the passage of its own new data privacy law (even beating California to the punch by pushing their new law into effect in October, 2019) and at least ten other states have comprehensive data privacy laws in the works. 

Is your business keeping up with the developments and requirements of privacy law?”

Among the flood of recent data breaches and cyber-attacks, privacy is the word on everyone’s mind.

The over-collection and sale of customer data runs rampant right now, as does the failure of companies in myriad industries to adequately protect sensitive data from theft, but new laws are putting an end to the uncontrolled market.

California’s New Privacy Act – Will Other States Follow Suit?

Historically, consumers had little say over the data that was collected about them, sold, or lost in attacks and breaches. However, California is looking to change that with the “California Consumer Privacy Act.” This new law gives consumers the right to request that their personal data be deleted or demand it never be sold. 

Rumors abound that Florida is working on a similar law to help protect data privacy and give back control to consumers. 

Logistically, compliance may be difficult for some, if not all, affected. Fines for non-compliance range from $2,500-$7,500 per incident and many companies are not ready or even aware of the change. 

The law potentially applies to any for-profit company that does business in the state of California (even if not physically located in California). However, the company must also meet one of the following three criteria to fall within the scope of this new statute: 

  • Gross review of $25 million or more;
  • Collect, store, sell, or share personal data for 50,000 or more California consumers; and/or,
  • At least half of their revenue comes from selling personal information. 

The United States Department of Justice expects about 15,000-400,000 businesses to be affected throughout the country. 

Microsoft Under Fire Updates Cloud Contracts

Late in 2019, the European Data Protection Supervisor (EDPS) deemed Microsoft in breach of European data privacy laws. The report cited Office 365 as the culprit due to storing “functional and diagnostics data” by collecting email subject lines and other text during a spell check. The Dutch Ministry of Justice and Security published a series of articles exposing the data breach and its opinion that Microsoft was violating Europe’s General Data Protection Regulation (GDPR).

According to a piece published in Forbes, “Microsoft has now acknowledged its position as a data controller.” This declaration raises the accountability bar for Microsoft. Julie Brill, Microsoft’s Chief Privacy Officer, explained that “In the Online Services Terms OST update, we will clarify that Microsoft assumes the role of data controller when we process data for specified administrative and operational purposes incident to providing the cloud services covered by this contractual framework, such as Azure, Office 365, Dynamics and Intune.”

The new terms of service will apply to all commercial customers and then roll out to consumers and enterprise customers early this year. The changes do not, however, address all of the concerns raised by the Dutch Ministry of Justice and Security, but it’s a start. 

Privacy International (PI) Exposes Data Privacy Violators

The London-based non-profit company, Privacy International (PI), has named Oracle, Acxiom, Criteo, Quantcast, Tapad, along with Equifax and Experian in complaints it filed regarding “systematic infringements” of the General Data Protection Regulation (GDPR) data privacy laws. If found guilty, these companies could be subject to steep fines. 

Bast Amron’s Peter Klock comments on the recent changes, “This is only the beginning. What privacy or data security related developments should businesses expect to see in the new year? With the California Consumer Privacy Act finally having taken effect on January 1, 2020, we expect plaintiffs’ consumer class action attorneys to capitalize on companies that have dragged their feet to adapt to the new normal; the enactment of a host of new data privacy laws at the state level, following in the footsteps of CCPA and the EU’s General Data Privacy Regulation that came before it; and the wider adoption of data and privacy best management practices by businesses nationwide. While many have failed to see the writing on the wall, experts agree that California’s much discussed legislation was just the leading edge of a new wave of data privacy legislation in the United States. Nevada quickly followed suit with the passage of its own new data privacy law (even beating California to the punch by pushing their new law into effect in October, 2019) and at least ten other states have comprehensive data privacy laws in the works. 

Is your business keeping up with the developments and requirements of privacy law?”

Primary Sidebar

  • Client Alerts
  • BA Blog
  • Articles
  • Events
  • In The News
  • The Practice Podcast
  • Business Advantage Forum
  • Careers

Bastamron Youtube Podcast

Bastamron Google Play Podcast

Bastamron Spotify Podcast

Bastamron Apple Podcast

Maylynn Menoud  | Marketing Director
T: (305) 379-7904 | D: (305) 357-4794
mmenoud@bastamron.com

BAST AMRON is a boutique law firm focused on business insolvency and litigation. Our insolvency practice emphasizes workouts, restructurings, liquidations, bankruptcy, and bankruptcy avoidance. We represent debtors, creditors, committees, trustees, and other fiduciaries in bankruptcies, receiverships, and assignments for the benefit of creditors. Our litigation practice is primarily plaintiff oriented. We know how to investigate, formulate and prosecute claims arising from business disputes. By combining our business insolvency knowledge with our extensive courtroom experience, we successfully guide our clients through all aspects and types of commercial litigation in state and federal courts across the country. Whether the issue is litigation or insolvency or both, we view our clients’ needs through a holistic lens to formulate and implement dynamic solutions to their most important challenges.

Footer

Copyright © 2023
Bast Amron LLP. All rights reserved.
Attorney Advertising. Prior results do not guarantee a similar result.

Careers | Sitemap | Disclaimer | Eco Friendly

One Southeast Third Avenue,
Suite 2410 | Miami, FL 33131
T: 305.379.7904 | F: 305.379.7905
Return to top
  • Facebook
  • LinkedIn
  • Twitter