Thomas & LoCicero lawyers have experience advising clients on liability and/or compliance issues relating to the growing body of privacy and security laws, such as those addressed by the Children’s Online Privacy Protection Act (COPPA), the Health Insurance Portability Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH), the Genetic Information Nondiscrimination Act (GINA), Gramm-Leach Bliley (GLB), the Fair Credit Reporting Act (FCRA), the Telephone Consumer Protection Act (TCPA), Do Not Call regulations and the Telemarketing Sales Rule (TSR), CAN-SPAM, the Electronic Communications Act (ECPA) and their various state counterparts.
We also advise clients on State privacy legislation such as the California Shine the Light Law, the California Online Privacy Protection Act (CalOPPA), and a variety of state data breach notification acts, and other potentially relevant laws, including the Canadian Anti-Spam Legislation (CASL), the recently implemented European Union General Data Protection Regulation (EU GDPR) and others, as well as industry best practices and self-regulation, whether in the form of mobile marketing carrier requirements, Payment Card Industry Security (PCI) Council Standards or others.
Thomas & LoCicero professionals routinely counsel clients on the use of digital and electronic signatures, e-billing, and the applicability of state and federal laws relating to same. We frequently analyze and advise clients on the legal implications of data handling practices including aggregation, combination, de-identification, re-identification, online tracking via cookies, web beacons, locally-stored objects, and other technologies, as well as the legal and third-party liability consequences of the provision of free wi-fi services to customers, make recommendations regarding accompanying security protocols and draft suitable disclosures, user terms and vendor agreements.
In addition, Thomas & LoCicero attorneys assist clients in responding to actual or threatened “phishing” and “spoofing” activities, often directed at a client’s customers by would-be identity thieves impersonating the client in order to capitalize on (and thereby damage) its trusted status.