Minding Everyone’s Data

Privacy and Data Security

Global Compliance

Crossborder Data Transfers

Data Protection by Design

Digital Marketing

We are experts in the areas of privacy and data security compliance, data governance, and risk management. We regularly assist clients in understanding and handling their data security, privacy, and information management obligations and managing their risk, for example.

  • Perform data processing audits
  • Draft policies, and procedures
  • Frame disclosures and compliance program to meet the requirements of the newest laws, such as the California Consumer Protection Act (CCPA), or the European General Data Protection Regulation (GDPR)
  • Establish structures to meet cross-border data transfer restrictions, through the development of Privacy Shield certification, Standard Contractual Clause contracts, or Binding Corporate Rules
  • Develop Written Information Security Program, to meet the cybersecurity rules, regulations issued by the US and foreign regulatory organizations.

We are pioneers and love to invent and deal new problems. We have long and recognized experience in identifying the new, unique issues raised by new technologies and designing innovative programs and structures to navigate these unchartered territories. Areas of exploration include:

  • Artificial Intelligence
  • Internet of Things
  • Driverless Cars
  • Big data analytics
  • Robotics.

Keeping up with Privacy, Security and Data Protection Laws

Privacy and data security laws, whether federal, state or foreign evolve at a fast pace and affect an ever larger number of organizations.

In 2020 almost no business entity will be able to ignore Privacy or Data Security Laws. We continually analyze and evaluate these changes so we can help you meet your compliance and disclosure obligations.

We are there

We are always there to help companies meet their data privacy and security obligations. We prefer to be called in at the early stages, so that we can help you design new products or services with privacy and data protection in mind.

We work with you

Compliance is team work. We are not interested in selling you compliance by the pound. We want to work with your company to help you shape and design the privacy and security compliance that makes sense to you, meets your objectives, and is adapted to your practices.

We help establish trust

There are still millions of people wondering how much data the companies with which they deal collect about them. Your customers and employees want to trust your brand, and for that, they need transparency. We will help you build disclosures that explain your practices clearly and  are adapted to your audience.

We fix broken policies

We see too many policies and disclosures that are written in a vacuum, obsolete, or clearly “inspired” from the website next door. It exposes the company to legal liability for fraud and unfair deceptive practices. We can help you correct that, so you are not bound to irrelevant promises about things you do not do or data you do not have.

We bring our creativity

Compliance does not have to be a straightjacket that suffocates a business. Compliance is not absolute; there is no need to rely on a generic approach.  It may seem less expensive to purchase a generic compliance “canned” product or service. It is likely to become expensive to implement, or to create obstacles that could have been avoided with a customized approach. We bring our imagination to develop programs that meet the regulatory framework while minimizing the burden.

We provide training

The most important and least expensive action you can take to meet your compliance obligations and reduce your risks of violation of applicable laws is to train your personnel on best practices and legal requirements. Training is the first line of defense. We will help you make sure that you and your employees understand the laws that apply to your company and how much is at risk.

We will help you design a culture of privacy to gain the trust of your customers

Compliance cannot be built in a vacuum.  A shiny collection of  policies is useless if they are not implemented or your teams does not understand them.  That is why you need to build a culture of privacy.  Your teams will follow the policies if they understand what these policies mean and why they are necessary for your company to gain the trust of its customers.

Compliance is both a destination and a journey. It is a long term effort, and it needs constant attention. The compliance program needs to be reviewed, updated and supplemented regularly, to continue to reflect the company’s goals and operations.

We will be available  to help you at each stage of your journey.

When things go wrong

$5 Billion Settlement Against Facebook

A record $5 billion privacy settlement is proposed by the Federal Trade Commission to conclude the investigation started in March 2018 after reports that Cambridge Analytica improperly accessed personal data of 270,000 Facebook users and some of their friends. This incident is said to have affected approximately 50 million Facebook users.

Google's Troubles with the French CNIL

CNIL imposed a financial penalty of 50 Million euros against Google indicating that the amount is justified by the severity of the infringements of the essential principles of the GDPR: transparency, information and consent, noting that the infringements observed deprive the users of essential guarantees regarding processing operations that can reveal important parts of their private life since they are based on a huge amount of data, a wide variety of services and almost unlimited possible combinations.

Facebook Antitrust Trouble in Germany

The FCO ordered Facebook to improve the disclosures made to German users to provide more specific information and more choices on the use of their personal data in Germany. It also required Facebook to obtain consent for all of the applicable data types and uses. This obligation affects all data collected through other sites and apps such as WhatsApp and Instagram owned by Facebook.