Aside from the privacy issues flagged in private litigation, Zoom is also facing security concerns over hackers breaking into virtual meetings, a practice known as “Zoom bombing.”

“At this point, there is no evidence that personally identifiable information has been stolen or compromised,” said Phillips Nizer LLP technology practice chair Thomas Jackson. “But that is certainly a concern going forward.”

The article addresses some of the key questions raised by California’s new privacy law, the California Consumer Privacy Act (CCPA), which took effect on January 1, 2020, including what is covered by and who must comply with the new law and how it compare with Europe’s General Data Protection Regulation (GDPR) implemented in May 2018.

The board, consisting of twenty renowned litigators, is responsible for providing input and consulting on new products, offering feedback on enhancements to current offerings, and giving its advice on the direction of future litigation and analytics solutions to Bloomberg Law, a leading provider of subscription-based services for online legal research.

To read the full Hospitality Report, click here.

Thomas Jackson, partner at Phillips Nizer LLP, explains that the industry’s extraordinarily rich data market brings with it a much higher risk of identity theft. This is particularly the case, he says, “when the breach involves dates of birth, passport numbers, travel itineraries, and other kinds of discrete data that one would not expect to see in a typical payment system.” 

At the time of the announcement of the breach, it was reported that over 300 million customers were potentially affected.  Starwood was acquired by Marriott International in 2016.

Excerpt:

"Central to the concerns Judge Koh is raising is why it took 143 attorneys from 32 firms to file a complaint, oppose a stay, oppose a demurrer and file a motion for class action certification, and how that work could conceivably justify an award, on average, of over a million dollars for each of the firms...the court in its decision painted a picture of Yahoo as the poster child for bad behavior...It took particular pains to point out that Yahoo's estimate for settlement purposes of the number of accounts affected was not accurate, as well as other misdeeds, including Yahoo's denial in public filings that it knew anything about unauthorized access to personal data, its withholding of information and its delay, in some cases for a period of years, in notifying users of something it had contemporaneous knowledge of, leaving them in the dark as far as any actions they needed to take to protect themselves against the potential misuse of the compromised data."

Excerpt:

"I don’t regard a teenager — or for that matter an adult — being incentivized to download a 'survey' app based on a statement that trusting the app 'may give' Facebook’s developers 'access to your data' and tapping a 'Trust' button as having given his or her consent."

Excerpt:

"...Numerous high profile businesses have been criticised for misusing information. Only this month, Google was forced to admit that a bug in the Google+ API had allowed third party app developers to access not only the data of consenting Google+ users, but also of their friends. Google failed to conduct good data practice, which is damning enough. On top of that, the company found out about the bug in March and kept it under wraps until the Wall Street Journal called them out. According to Thomas Jackson, partner at Phillips Nizer LLP and technology law expert, Google hid the discovery to avoid being compared with the Facebook Cambridge Analytica scandal.
 

"There are differences, of course...Much of the outrage following the Cambridge Analytica episode resulted from the fact that a personality test was used to collect personal data which, unbeknownst to Facebook users, gave a third party access to their personal information, and was collected for use in a political campaign. In Google’s case, what actual use was made of the data by outside developers, at least at this point, apparently is unknown. Undoubtedly it will prove to be far worse for Google that it chose to cover up what it had learned rather than disclose it in timely fashion and announce what steps it had taken to prevent the problem from occurring in the future.”"

Tom addresses the breach of the Quora question-and-answer website that exposed the names, e-mail addresses, hashed passwords and non-public content of over 100,000 users, including messages and answer sent privately to other users.

"Since this is a knowledge-sharing platform, one of the risks of an incident like this is it could deter people from engaging in that kind of activity, which is productive and useful...In the Quora case, the main issue is going to be the willingness of inviduals to contribute going forward. Will it have a negative effect on postings and new signups?"

The article concerns the effect of the incentive-based approach taken in the Ohio Data Protection Act on businesses in regulating data privacy and the likelihood that it will succeed in reducing the risk of  data breaches exposing personal information. Tom's quote:

While the Ohio Data Protection Act does not alleviate the difficulties in businesses complying with a patchwork of laws that, in some cases, are inconsistent with one another, it does point the way to a more sensible regulatory approach.

The article addresses the effect of the Democratic takeover of the majority in the House of Representatives on privacy and cybersecurity initiatives in Congress.  Tom's quote:

For the most part, cybersecurity initiatives have been a bipartisan effort...That said, we are likely to see renewed efforts geared towards the passage of legislation to increase federal and state defenses against election meddling. The Secure Elections Act had bipartisan support but didn't get very far.

The board is charged with assessing best practices and market needs in the technology field and offering guidance for the college’s academic programs in aligning curricula with the needs of the private sector. Mercy College is designated as a National Center of Academic Excellence in Information Assurance Education by the National Security Agency and the Department of Homeland Security.

Excerpt:

"What attracted so much ire in response to the Cambridge Analytica episode was not only that collected personal data of as many as 87m Facebook users in the US but also the nature of the data that was collected and how it was used.

The data was harvested using a personality test that, unbeknown to the Facebook users who took the test, not only gave a third-party access to their personal information but also the personal information of their friends for use in a political campaign."

Tom's quote:

"The questions that need to be addressed are the degree of voluntariness that is associated with entering into an employment relationship and whether consent for data processing given at that time is both sufficient in that context and whether it's sufficient to carry out future processing..."

eWeek highlights the recently reported misappropriated Facebook data by Cambridge Analytica, the Federal Trade Commission’s investigation of the social media network, and ongoing discussion surrounding consumer privacy and data protection.

Two years ago, the Court of Justice of the European Union found that the agreement between the U.S. and EU known as the Safe Harbor framework, under which personal data could be transmitted outside the EU, did not offer adequate protection, and was therefore invalid. The EU-U.S. Privacy Shield framework, which was accepted by the EU last year, is intended to provide greater protection for the personal data of EU citizens exported to the U.S. Today, Google, Facebook, Microsoft and over 2,400 other major companies rely upon the protection that certification under the Privacy Shield affords them in processing the personal information of EU citizens in the U.S. Last week, the European Commission published the first annual report on how well the Privacy Shield is working.

Tom's quote:

"The [European Commission's] recommendations will do little or nothing to assuage the concerns of privacy advocates that the [Shield's] privacy safeguards are inadequate..."

It was announced on September 20, 2017, that sixteen Phillips Nizer attorneys were selected for inclusion on the 2017 Super Lawyers list. Alternative Dispute Resolution, Banking, Business Litigation, Entertainment, Intellectual Property, and Trusts & Estates practices were represented.  

On September 21, 2016 it was announced by Super Lawyers® that twenty-three Phillips Nizer attorney were selected for inclusion on the 2016 Super Lawyers and 'Rising Stars' lists.  This is the second consecutive year the firm has had twenty-three lawyers recognized.

Phillips Nizer was honored to announce that twenty-three of its attorneys were recognized as 2015 Super Lawyers® and Rising Stars. Attorneys who were recognized represented over a dozen practice areas. The annual Super Lawyers® lists are a result of confidential peer review and independent research.