Tyler Thompson

Tyler J. Thompson advises clients on data privacy and protection, technology contracts and contract processes, websites and mobile apps, digital accessibility, social media, and direct to consumer marketing. Tyler offers clients practical and efficient legal counsel, striving to manage costs and risk with business-friendly strategies.

With deep experience in digital compliance, Tyler focuses on handling all aspects of a client’s website or mobile app to pursue compliance while maintaining the best user experience. His practice also focuses on creating enforceable digital agreements with platform users, whether that platform is a website, SaaS, mobile app, or video game.

Tyler has designed and implemented privacy programs for clients from Fortune 500s to start ups, ensuring those clients are compliant with U.S. and international privacy laws. Tyler also advises on data retention and minimization, privacy by design, data inventories, and privacy impact assessments. Tyler is certified as a Fellow of Information Privacy (FIP) by the International Association of Privacy Professionals. In addition, he is a Certified Information Privacy Professional for the United States (CIPP/US), Europe (CIPP/E), Asia, (CIPP/A) and Canada (CIPP/C) as well as a Certified Information Privacy Manager (CIPM) and Certified Information Privacy Technologist (CIPP/T). Tyler is also an ISACA Certified Data Privacy Solutions Engineer (CDPSE).

In the technology space, Tyler has provided guidance on open source software, digital marketing, software licensing, and SaaS agreements. He also works with clients to modernize commercial contracting processes and privacy practices, enabling in-house attorneys to function more efficiently and conserve resources.

Follow:

Quebec’s New Privacy Law 25: Is There a Nonprofit Exception?

By Tyler Thompson & Mike Summers ˘ on April 17, 2023

Posted in Data, Data Privacy & Cybersecurity, Data Privacy Law, Featured, Privacy

In September 2021, Quebec’s Parliament updated its data privacy regime by passing the Act to Modernize Legislative Provisions as Regards the Protection of Personal Information, 2021 (“Law 25”). It is critical to determine whether an organization is subject to Law 25, as there are potential fines of up to 4% of an organization’s worldwide turnover.…

Increased Global Regulatory Focus on Mobile Apps: What Companies Should Know

By Tyler Thompson on April 11, 2023

Posted in California, Cybersecurity, Data Privacy & Cybersecurity, Data Privacy Law, Featured, Global Privacy Control

Data protection authorities worldwide, including France’s Commission Nationale de l’Informatique et des Libertés (CNIL), the California attorney general (CAG), and the U.S. Federal Trade Commission (FTC), recently have indicated their intention to increase privacy enforcement efforts against mobile apps. As the digital landscape continues to evolve, data protection and privacy concerns remain…

Unlocking the Power of Contract Negotiation Playbooks

By Tyler Thompson, Sarah C. Schenker, Talia Boiangin & Joe Shapiro on March 29, 2023

Posted in Featured

How to Maximize Efficiency and Reduce Risk in Contract Negotiations

Contracts are the lifeblood of commercial relationships. Negotiating these contracts can be time-consuming, complex, and fraught with legal risks. A well-crafted “playbook” for contract negotiations can significantly streamline the process, mitigate potential risks, and ultimately save time and money for your organization and in-house counsel.

Quebec Has New Privacy Requirements Already in Place, With More on the Way in 2023

By Tyler Thompson & Mike Summers ˘ on February 24, 2023

Posted in Data, Data Privacy & Cybersecurity, Featured, Personal information, Privacy Legislation

Bill 25 Requires Immediate Action and a Compliance Plan for This Year

In September 2021, Quebec’s Parliament enacted Law 25 (formerly Bill 64) (the “Law”), which updated Quebec’s data protection laws and added requirements for enterprises that do business within the province. Specifically, as of September 2022 companies should have 1) appointed a data protection…

Cookies and Other Tracking Technologies May Violate HIPAA

By Karin E. Ross & Tyler Thompson on January 9, 2023

Posted in Data collection, Data Privacy Law, Featured, HIPAA, Online tracking, Personal information, Privacy, Technology

Given recent Health and Human Services’ Office for Civil Rights guidance, HIPAA-regulated entities should consider immediately taking the steps discussed in this GT blog post to reduce the risk associated with their use of tracking technologies.
Continue Reading Cookies and Other Tracking Technologies May Violate HIPAA

Don’t Have a Do-Not-Call Policy? Every SMS You Send Could Violate the TCPA and Come With A Private Right of Action

By Tyler Thompson on December 22, 2022

Posted in Cybersecurity, Data collection, Data Privacy & Cybersecurity, Data Privacy Law, Featured, Privacy, Privacy Legislation

The Telephone Consumer Protection Act (TCPA) covers unsolicited calls and texts, aimed at protecting consumers from harassing and unwanted communications. With the April 2021 Facebook SCOTUS case[1] (see GT Alert) reducing the prevalence of some TCPA claims with private rights of action, new claims are starting to emerge as plaintiffs’ favorites.

One…

Brazil’s 2021-2022 LGPD Privacy Regulatory Process Nearing Completion

By Tyler Thompson & Mike Summers ˘ on August 31, 2022

Posted in Data Privacy Law, Featured, Latin America, Privacy, privacy framework, Privacy Legislation

Recent developments from the ANPD provide insight into the path ahead.

On July 7, 2022, Brazil’s National Data Protection Authority (ANPD) published its semiannual Regulatory Agenda Monitoring Report. This report updated the public on the current status of the ANPD’s regulatory agenda. With the comment period for regulations on international data transfers officially closing June…

Data Privacy Dish