One Month Till GDPR! Seven Insights and Predictions
Like most reading this article, we have been very busy over the last couple of years preparing our clients for the EU General Data Protection Regulation (“GDPR”). In advising companies that range from start-ups to multi-nationals and that cross a wide variety of industries, we have gleaned many insights about the GDPR compliance process. This post discusses some of the most significant insights we have gained and offers predictions for how we expect these issues will play out once the GDPR becomes effective on May 25, 2018.
Read our insights and predictions below, or for an easy to print PDF, click here.
About The Authors
Melissa Maalouf’s practice focuses on advising a broad range of clients, from start-ups to established companies, on both U.S. and international data privacy and security issues. Melissa assists clients in drafting appropriate website disclosures, implementing legally-compliant e-commerce flows, responding to FTC Section 5 and state AG enforcement actions, analyzing advertising claims, and children’s online privacy and safety issues. She also regularly helps clients obtain certification under the EU-US Safe Harbor and navigate compliance with divergent international privacy laws.
Mason helps clients navigate a constantly shifting web of domestic and international laws regulating data collection, marketing, data sharing, computer crime, data security, electronic surveillance, online content, children’s privacy, financial privacy, information management, and other areas of privacy and Internet law. A former web designer, he has extensive experience with issues relating to digital media, new technology and e-commerce.
Jon Frankel has been advising clients on privacy, data security, e-commerce, intellectual property and litigation matters for more than 15 years. Jon provides practical advice to mitigate privacy and data security risks and helps clients navigate a myriad of complex data collection, use and sharing cases. Jon advises on health and children’s privacy; email, SMS and telemarketing; mobile applications; user generated content; contests, promotions, and sweepstakes, online gaming; and requests from law enforcement. Prior to joining ZwillGen, Jon was a partner in the Washington, D.C. office of Bingham McCutchen, LLP, where he co-chaired the Privacy and Security Group.
Ken counsels clients on complex issues involving information privacy and data law, online liability, consumer regulatory and gaming law, including regulatory response, and adherence to self-regulatory guidelines for online advertising. Ken has had more than twenty years of experience in high-profile regulatory, in-house and private practice roles, including as Chief of the New York Attorney General’s Internet Bureau. He is one of the nation’s leading authorities on the relationship between emerging advertising technologies and online privacy.
Kandi counsels clients on privacy and data security issues, online and general advertising, and marketing practices, including COPPA compliance, student privacy, and the Internet of Things. Kandi advises companies on collecting, protecting, and using consumer data and helps them develop and implement comprehensive privacy and security programs. Drawing on her tenure at the FTC, Kandi assists clients in responding to FTC and state AG enforcement actions. Prior to joining ZwillGen, Kandi spent eight years in the FTC’s Division of Privacy and Identity Protection. While at the FTC, Kandi served on detail for six months to the United States Senate, Committee on Commerce, Science, and Transportation.
Anna Hsia maintains a diverse practice litigating complex business disputes and counseling clients on privacy issues. With broad litigation experience in unfair competition, false advertising, class actions, and other complex litigation, Anna guides clients through disputes in federal and state courts. As a Certified Information Privacy Professional, Anna has assisted clients with product development and compliance with privacy regulations such as the TCPA, HIPAA, COPPA, state-specific privacy regulations, the Gramm-Leach-Bliley Act, and the Fair Credit Reporting Act.
Alexei Klestoff’s practice focuses on representing clients in a variety of privacy, consumer protection, and e-commerce matters through counseling, litigation, responding to FTC and state Attorneys General investigations, and developing compliance programs. Alexei advises clients on methods to mitigate legal risks associated with new products and services, and also represents clients in complex litigation and regulatory investigations involving false advertising, unfair competition, and privacy claims.
Marci counsels companies on a wide variety of issues involving privacy, cybersecurity, and information law. She routinely helps companies evaluate and develop corporate privacy and information security programs, and provides advice on matters involving cross-border data transfers, insider threat prevention and detection, cloud computing, and electronic surveillance. Marci also assist clients in responding to data breaches, including issuing breach notifications required under state and federal breach notification laws, advising on remediation efforts, and handling litigation and enforcement actions arising from data security incidents.
Allison Bender counsels Fortune 50 companies and startups in a range of industries on cybersecurity and privacy matters in the U.S. and internationally. Drawing from her roots in government, national security, and R&D, she helps clients navigate legal issues associated with emerging technologies and aids clients in strategically managing legal, financial, and reputational cybersecurity risks.
Michelle Anderson counsels clients on a range of privacy, security, and consumer protection matters. She works closely with clients to understand their goals and risk profiles to help develop strategies for compliance with domestic and international privacy and security laws and regulations.
Austin assists ZwillGen attorneys and clients on a variety of Internet and technology law issues including FTC matters, civil litigation, responding to surveillance requests under the Electronic Communications Privacy Act (“ECPA”), and compliance with the EU General Data Protection Regulation (“GDPR”).