Photo of Gretchen A. Ramos

Gretchen A. Ramos is Co-Chair of the Data, Privacy & Cybersecurity Practice and focuses her practice on privacy, cybersecurity, and information management. A creative problem-solver with a long track record of success in commercial disputes, she never loses sight of the simple fact that she works in a service industry. Clients appreciate not only her legal skills, but also her direct, no-nonsense approach to client service, including her bullet-pointed emails, snapshot executive summaries, and creativity in finding ways to streamline communications for in-house counsel with dozens of other projects—and little time—on their hands.

Gretchen’s clients come from diverse industries, including technology (SaaS), health care and life sciences, consumer products, manufacturing, academic institutions, and non-profits. She provides clients with practical business advice on compliance with state and federal U.S. laws, GDPR, APEC, and other global privacy laws in relation to their external and internal privacy and security procedures, product and app development, and advertising practices. Gretchen also regularly drafts and negotiates contracts concerning data-related vendors, assists clients in assessing privacy risks in corporate transactions, and provides guidance on and conducts privacy and security assessments. She has managed dozens of data breaches, and helps clients prepare for and immediately respond to security incidents and breaches.

On June 24, the California Secretary of State announced that the California Privacy Rights Act (CPRA) has qualified as a statewide ballot initiative to be listed on this November’s General Election ballot.

The announcement follows official confirmation that the nonprofit group behind the ballot initiative, Californians for Consumer Privacy, obtained in excess of the 623,212

Following much anticipation, the Office of the California Attorney General (OAG) moved one step closer to the California Consumer Privacy Act (CCPA)’s wide-ranging implementing regulations becoming enforceable by law by filing the final CCPA Regulations with the California Office of Administrative Law (OAL) on June 1.

The CCPA grants the OAG the authority to begin

EDPB says that cookie walls require a tracking-free alternative (not necessarily free of charge) and the German Federal Supreme Court rules against opt-out consent for tracking cookies under German law

Introduction

In 2019, various EU member states issued guidance as to whether opt-in consent is necessary for non-essential cookies, with some guidance suggesting opt-in

With the California Attorney General’s enforcement of the California Consumer Privacy Act (CCPA) beginning on July 1, 2020, businesses are eagerly awaiting the forthcoming final version of the CCPA Regulations to ensure that their compliance is in line with the law and its Regulations. Due to the upcoming CCPA enforcement deadline, and California’s shelter-in-place status,

In August 2018, Brazil took a significant step by passing comprehensive data protection legislation: the General Data Protection Law (Lei Geral de Proteção de Dados Pessoais – Law No. 13,709/2018, as amended) (LGPD). The substantive part of the legislation takes effect August 16, 2020, leaving fewer than six short months for companies to prepare.

On February 7, 2020, the California Attorney General’s Office (OAG) issued proposed changes to the California Consumer Privacy Act Regulations (Modified Regulations), which were originally issued on October 11, 2019. Organizations have until February 24 to submit written comments on the proposed changes to the regulations implementing the CCPA.

Key Changes

Some of the major

Today, the California Office of the Attorney General (OAG) released much-anticipated revisions to its proposed implementing regulations to the California Consumer Privacy Act (CCPA).

The following were issued by the OAG on its website:

  • A notice of modifications to the text of the proposed regulations;
  • A redlined version of the revised regulations, showing the

Although the California Consumer Privacy Act (CCPA) has only been in effect for a matter of weeks – and its proposed regulations are not yet finalized – it could be overhauled by a new privacy law later this year. Last fall, the group that first formulated the CCPA as a ballot initiative in 2018, Californians

In the wake of the California Consumer Privacy Act of 2018 (CCPA) and an updated Nevada privacy law that took effect in October 2019, states are wasting no time in 2020 introducing new privacy laws of their own.

Joining the chorus of Virginia and Florida, this month state lawmakers in New Hampshire,

On January 8, 2020, the “Virginia Privacy Act” (HB 473), was introduced for consideration to the General Assembly of Virginia. The proposed legislation includes notice requirements similar to the California Consumer Privacy Act’s (CCPA), provides consumers with rights similar to those under the EU’s General Data Protection Regulation (GDPR), and unlike either