In September 2021, Quebec’s Parliament updated its data privacy regime by passing the Act to Modernize Legislative Provisions as Regards the Protection of Personal Information, 2021 (“Law 25”). It is critical to determine whether an organization is subject to Law 25, as there are potential fines of up to 4% of an organization’s worldwide turnover.
Tyler J. Thompson advises clients on data privacy and protection, technology contracts and contract processes, websites and mobile apps, digital accessibility, social media, and direct to consumer marketing. Tyler offers clients practical and efficient legal counsel, striving to manage costs and risk with business-friendly strategies.
With deep experience in digital compliance, Tyler focuses on handling all aspects of a client’s website or mobile app to pursue compliance while maintaining the best user experience. His practice also focuses on creating enforceable digital agreements with platform users, whether that platform is a website, SaaS, mobile app, or video game.
Tyler has designed and implemented privacy programs for clients from Fortune 500s to start ups, ensuring those clients are compliant with U.S. and international privacy laws. Tyler also advises on data retention and minimization, privacy by design, data inventories, and privacy impact assessments. Tyler is certified as a Fellow of Information Privacy (FIP) by the International Association of Privacy Professionals. In addition, he is a Certified Information Privacy Professional for the United States (CIPP/US), Europe (CIPP/E), Asia, (CIPP/A) and Canada (CIPP/C) as well as a Certified Information Privacy Manager (CIPM) and Certified Information Privacy Technologist (CIPP/T). Tyler is also an ISACA Certified Data Privacy Solutions Engineer (CDPSE).
In the technology space, Tyler has provided guidance on open source software, digital marketing, software licensing, and SaaS agreements. He also works with clients to modernize commercial contracting processes and privacy practices, enabling in-house attorneys to function more efficiently and conserve resources.
Increased Global Regulatory Focus on Mobile Apps: What Companies Should Know
Data protection authorities worldwide, including France’s Commission Nationale de l’Informatique et des Libertés (CNIL), the California attorney general (CAG), and the U.S. Federal Trade Commission (FTC), recently have indicated their intention to increase privacy enforcement efforts against mobile apps. As the digital landscape continues to evolve, data protection and privacy concerns remain…
Unlocking the Power of Contract Negotiation Playbooks
How to Maximize Efficiency and Reduce Risk in Contract Negotiations
Contracts are the lifeblood of commercial relationships. Negotiating these contracts can be time-consuming, complex, and fraught with legal risks. A well-crafted “playbook” for contract negotiations can significantly streamline the process, mitigate potential risks, and ultimately save time and money for your organization and in-house counsel.
Quebec Has New Privacy Requirements Already in Place, With More on the Way in 2023
Bill 25 Requires Immediate Action and a Compliance Plan for This Year
In September 2021, Quebec’s Parliament enacted Law 25 (formerly Bill 64) (the “Law”), which updated Quebec’s data protection laws and added requirements for enterprises that do business within the province. Specifically, as of September 2022 companies should have 1) appointed a data protection…
Cookies and Other Tracking Technologies May Violate HIPAA
Given recent Health and Human Services’ Office for Civil Rights guidance, HIPAA-regulated entities should consider immediately taking the steps discussed in this GT blog post to reduce the risk associated with their use of tracking technologies.
Continue Reading Cookies and Other Tracking Technologies May Violate HIPAA
Don’t Have a Do-Not-Call Policy? Every SMS You Send Could Violate the TCPA and Come With A Private Right of Action
The Telephone Consumer Protection Act (TCPA) covers unsolicited calls and texts, aimed at protecting consumers from harassing and unwanted communications. With the April 2021 Facebook SCOTUS case (see GT Alert) reducing the prevalence of some TCPA claims with private rights of action, new claims are starting to emerge as plaintiffs’ favorites.
Brazil’s 2021-2022 LGPD Privacy Regulatory Process Nearing Completion
Recent developments from the ANPD provide insight into the path ahead.
On July 7, 2022, Brazil’s National Data Protection Authority (ANPD) published its semiannual Regulatory Agenda Monitoring Report. This report updated the public on the current status of the ANPD’s regulatory agenda. With the comment period for regulations on international data transfers officially closing June…