Photo of Gretchen A. Ramos

Gretchen A. Ramos is Co-Chair of the Data, Privacy & Cybersecurity Practice and focuses her practice on privacy, cybersecurity, and information management. A creative problem-solver with a long track record of success in commercial disputes, she never loses sight of the simple fact that she works in a service industry. Clients appreciate not only her legal skills, but also her direct, no-nonsense approach to client service, including her bullet-pointed emails, snapshot executive summaries, and creativity in finding ways to streamline communications for in-house counsel with dozens of other projects—and little time—on their hands.

Gretchen’s clients come from diverse industries, including technology (SaaS), health care and life sciences, consumer products, manufacturing, academic institutions, and non-profits. She provides clients with practical business advice on compliance with state and federal U.S. laws, GDPR, APEC, and other global privacy laws in relation to their external and internal privacy and security procedures, product and app development, and advertising practices. Gretchen also regularly drafts and negotiates contracts concerning data-related vendors, assists clients in assessing privacy risks in corporate transactions, and provides guidance on and conducts privacy and security assessments. She has managed dozens of data breaches, and helps clients prepare for and immediately respond to security incidents and breaches.

On Oct. 10, 2019, the California Attorney General’s Office issued the California Consumer Privacy Act Proposed Regulations. The proposed regulations focus on the following CCPA provisions:

  1. notice to consumers;
  2. business practices for handling requests;
  3. verification of requests;
  4. special rules regarding minors; and
  5. nondiscrimination.

Organizations will have until December 8 to submit comments on the

As state legislatures across the country adjourn for summer recess, privacy legislation has stalled in many states. Nevertheless, organizations should be aware of several developments on the horizon, including:

  • Nevada’s new opt-out law is effective October 1, 2019, less than six weeks from today;
  • California’s legislature is set to finalize proposed amendments to the California

On July 29, 2019, the Court of Justice of the European Union (CJEUfound that a website operator using a social media plugin is a joint controller with the social media company providing the plugin and can be held jointly liable in relation to such processing activities. Although the case was decided under

While businesses prepare to comply with the California Consumer Privacy Act (CCPA), Nevada has followed California’s lead and has amended its law to provide consumers with the right to opt-out of the “sale” of their personal information by website operators.

The amendment, SB 220, will take effect October 1, 2019, three months before the

On April 23, 2019, the California Assembly Privacy and Consumer Protection Committee voted to advance several key amendments to the California Consumer Privacy Act (CCPA), which are outlined below. If these amendments pass into law, they would limit the scope of the CCPA. For guidance on CCPA compliance or more information about these bills and