We are excited to announce that Alex Schlight has joined the Hintze Law team. Alex joins as a lateral associate from a boutique technology counseling firm where she served as privacy lead.
Read MoreVirginia Passes Comprehensive Data Privacy Law
On March 2, 2021, Virginia Governor Ralph Northam signed the Virginia Consumer Data Protection Act (VCDPA) into law. The VCDPA, which takes effect January 1, 2023, will look familiar to those who work with the GDPR and California’s Consumer Privacy Act and Privacy Rights Act (CCPA and CPRA, respectively). Companies that have already invested in GDPR and CCPA/CPRA compliance will find that most VCDPA obligations are similar to what they have already addressed in some form for Europe and California. But the new Virginia law also contains some novel provisions, such as excluding a broad range of “publicly available information” from the definition of personal data, contractual requirements for sharing de-identified data, and establishing an appeals process for data rights requests.
Read MoreProposed Changes to HIPAA Privacy Rule: Enhanced Access & Info Sharing
in HIPAA
On December 10, 2020, the Department of Health and Human Services (the Department) issued a Notice of Propose Rulemaking (NPRM) to modify the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule.
Read MoreHintze Law Promotes Ro Friend to Partner
Zoom Settles with FTC over Alleged Deceptive and Unfair Security Practices
in FTC
On November 9, 2020, the Federal Trade Commission (FTC) announced a proposed settlement with Zoom Video Communications, Inc. (Zoom). The FTC alleged in its complaint that Zoom engaged in both deceptive and unfair trade practices under the Federal Trade Commission Act relating to the security of its services and claims it made about that security.
Read MoreCalifornia Privacy Rights Act (CPRA) Passed by California Voters
By Mike Hintze
On November 3, California voters passed Proposition 24, the California Privacy Rights Act (CPRA). This new privacy law, which substantially amends the California Consumer Privacy Act (CCPA), will come into effect on January 1, 2023, and enforcement will begin July 1, 2023. CPRA is, at best, a mixed bag. The fact that it was opposed by a wide range of critics, from privacy advocates, to academics, to industry coalitions is telling. It is long, complex, and poorly drafted. While it clarifies some aspects of CCPA, it adds new ambiguous provisions that will cause more confusion and uncertainty. It changes (mostly expanding) the consumer rights in CCPA, and it imposes a wide range of new compliance obligations on companies.
Read MoreEmeka Egwuatu to Join Hintze Law Class of 2021
We proudly announce that Emeka Egwuatu has accepted a position to join Hintze Law as an incoming 2021 associate. Emeka formerly interned at Expedia gaining valuable privacy experience on GDPR and EU privacy matters. As a summer associate at Hintze Law he worked on a variety of matters including COPPA, CCPA, BIPA, FERPA, facial recognition technology, data security breach law, and data protection agreements providing valuable contributions to our clients.
Read MoreSheila Sokolowski Joins Hintze Law as Partner and Chair of Health and Biotech Privacy Group
We are excited to announce that Sheila Sokolowski has joined the Hintze Law team. Sheila joins as Partner and Chair of the firm’s new Health and Biotech Privacy Group. Sheila is ranked by Chambers USA, which described her as “incredibly quick to understand complex, innovative technologies and develop practical, risk-indexed advice that clients understand and use.”
Read MoreHintze Law PLLC grows team
We are pleased to announce the three most recent additions to the Hintze Law team: Julia Allen-Pi’ilani as Privacy Analyst, Charlotte Lunday as Associate, and Chehalis Dorman as Associate*.
Read MoreEarly Thoughts on the Schrems II Decision on EU Data Transfers
As you may be aware, last Thursday the Court of Justice of the European Union (CJEU) issued a dramatic opinion in the Schrems II case that invalidated the EU-U.S. Privacy Shield Agreement and called into question the extent to which U.S. companies can rely on the EU Standard Contractual Clauses (SCCs) as the basis for data transfers.
Read MoreChambers Ranks Hintze Law and Its Partners in 2020 USA Privacy & Data Security Reviews
We are honored to announce that Chambers & Partners has once again recognized Hintze Law PLLC and partners, Mike Hintze and Susan Hintze, in its 2020 Privacy & Data Security USA – Nationwide rankings.
Read MoreChambers Recognizes Hintze Law and Its Partners in 2019 USA Privacy & Data Security Rankings
Chambers & Partners has presented Hintze Law PLLC with the honor of Recognized Practitioner, and has recognized Hintze Law partners, Mike Hintze and Susan Hintze, as Ranked Lawyers in its 2019 Privacy & Data Security USA – Nationwide rankings released April 25, 2019.
Read MoreIs our U.S. company subject to GDPR? New guidance on territorial scope from EDPB
By Jennifer Ruehr and Susan Lyon-Hintze
Non-EU organizations that process personal data as data controllers or processors frequently ask whether they are subject to the General Data Protection Regulation (“GDPR”). The answer depends in part on the “territorial scope” provisions in Article 3 of the GDPR. Organizations fall under the territorial scope of the GDPR when they meet one of two main criteria: the “establishment” criterion under Article 3(1) or the “targeting” criterion under Article 3(2). On November 16, 2018, the European Data Protection Board (“EDPB”) released “Guidelines 3/2018 on the territorial scope of the GDPR (Article 3)-Version for public consultation.” These guidelines provide interpretation and clarification of the Article 3 criteria that can help organizations understand and evaluate how the GDPR applies to their data processing.
Read MoreJennifer Ruehr joins Hintze Law PLLC
We are pleased to announce Jennifer Ruehr has joined the Hintze Law team! In her role as Senior Associate, Jennifer will be advising technology clients on global privacy, security, and related data technology and transactional matters.
Read MoreJared Friend named Associate to Watch in Chambers 2018 rankings
We are thrilled to report that Jared Friend, Senior Associate at Hintze Law, has been recognized in the Chambers USA 2018 lawyer ranking. Notably, Jared is included as one of only two “Associates to Watch” in the Privacy & Data Security category nationwide.
Read MoreJ.D. Fugate joins Hintze Law PLLC
We are pleased to announce that we have a new member of the Hintze Law team. J.D. Fugate joined the firm on March 1, 2018, as Of Counsel.
Read MoreFTC Issues Enforcement Policy Statement on COPPA and Voice Recordings
By Smriti Chandrashekar
On October 23, 2017, the U.S. Federal Trade Commission (“FTC”) issued guidance on the online collection of certain audio voice recordings from children under the age of 13. The guidance, in the form of an “enforcement policy statement” discusses the application of the Children’s Online Privacy Protection Act (“COPPA”) to such recordings.
Read MoreFTC updates COPPA Compliance Plan for Businesses
By Carolyn Krol
On June 21, 2017, the U.S. Federal Trade Commission (“FTC”) published an update to the Children’s Online Privacy Protection Rule (“COPPA”) compliance plan for businesses. The FTC Business Blog describes the update as a reflection of the developments in the marketplace, such as internet-connected toys. The compliance plan provides businesses with a step-by-step guide to determine if a business activity is covered by COPPA, and if so, how to comply with COPPA.
Read MoreHow to Draft a Privacy Statement
A chapter by Hintze Law partner Mike Hintze, entitled "Privacy Statements: Purposes, Requirements, and Best Practices" will be included in the forthcoming Cambridge Handbook of Consumer Privacy, edited by Jules Polonetsky, Evan Selinger & Omer Tene, Cambridge University Press (2017).
Read MoreThe FTC’s Smart TV Workshop
in FTC
By Mike Hintze
On Wednesday, December 7, 2016, the Federal Trade Commission held a Smart TV workshop, as part of its Fall Technology Series.
Read More