FRENEMIES Podcast logoThere’s tension in this relationship. Marketing and the legal department know they need each other, but that doesn’t mean they always understand each other.

Marketers are out-of-the-box thinkers whose ideas engage customers and drive company revenue. Lawyers help the business stay in business by avoiding unnecessary risk, which sometimes requires them to say “no” to the marketing team’s ideas. It’s no wonder the departments are often frenemies, supporting the same organizational goals, but sometimes pushing back on each other.

In the interests of peace, love and understanding, McGuireWoods’ IP and privacy teams present “Frenemies,” a series of short videos covering legal considerations in advertising. We hope these episodes help marketing and legal departments understand each other, work together, issue-spot, and maybe go from being frenemies to friends. Registration is not required and after release, each season will be available for binge watching from your office or your couch.


Continue Reading Frenemies Video Series – Season 1: Marketers and Lawyers Learn to Speak the Same Language

On October 13. 2020, White Castle System, Inc. petitioned the United States Court of Appeals for the Seventh Circuit for permission to seek an interlocutory appeal pursuant to 28 U.S.C. § 1292(b).  This petition arises out of the United States District Court for the Northern District of Illinois’ opinion on White Castle’s motion for judgment on the pleadings issued on August 7, 2020.  The matter hinged on whether repeated collection of the same biometric information from an employee without prior consent constituted separate violations of the Illinois Biometric Information Privacy Act (BIPA).

Summary of District Court’s Cothron v. White Castle Opinion

In the district court’s opinion, Judge Tharp held that “[a] party violates Section 15(b) [of the BIPA] when it collects, captures, or otherwise obtains a person’s biometric information without prior informed consent.”  Judge Tharp continued, “[t]his is true the first time an entity scans a fingerprint or otherwise collects biometric information, but it is no less true with each subsequent scan or collection.”  Similarly, Judge Tharp held that BIPA requires that dissemination of information without consent, even if to the same third party as previously disseminated, is an additional violation of the BIPA.


Continue Reading Does Continued Collection of The Same Biometric Information Increase BIPA Violations? The Seventh Circuit (or Illinois Supreme Court) Has An Opportunity to Clear the Air

On October 12, 2020, the California Attorney General provided public notice of a new Proposed Third Set of Modifications to the Regulations under the California Consumer Privacy Act (the “CCPA”).  You will be forgiven if you assumed that “final approval” of the existing Regulations back in August meant the Regulations were final—or at least we hope so because we made the same assumption.

Since August, however, it appears the AG was working behind the scenes to resurrect previously withdrawn Sections 999.306(b)(2) (covering offline notice of opt-out if a business substantially interacts with consumers offline); 999.315(c) (minimum standards for opt-out requests); and 999.326(c) (specific requirements for authorized agents).  The AG describes the newly proposed rules as follows:


Continue Reading Spooky: Presumed-Dead CCPA Regulations Come Back to Life

Monetary penalties are the attention-grabbing headline when the FTC or any regulator brings an enforcement action against a company.  They are the looming threat to incentivize and influence compliance.  Over the summer, FTC Chairman Joseph J. Simons (“Chairman Simons”) issued a statement in connection with a settlement that Chairman Simons believes “the goal of a civil penalty should be to make compliance more attractive than violation.  Said another way, violation should not be more profitable than compliance.”

Continue Reading FTC Fines: FTC Chairman Reminds Companies That Fines Are the FTC’s Strategic Tool To Deter Noncompliance

On September 17, 2020, four Republican Senators (Roger Wicker – Mississippi, Chairman, John Thune – South Dakota, Deb Fischer – Nebraska, and Marsha Blackburn – Tennessee) introduced sweeping federal privacy legislation entitled: Setting an American Framework to Ensure Data Access, Transparency, and Accountability (“SAFE DATA”) Act. This proposed comprehensive national privacy law has three main components:

  1. Provides consumers with more choice and control over their data
  2. Directs business to be more transparent and accountable
  3. Strengthens the FTC’s enforcement power


Continue Reading Federal Data Privacy Legislation: Will it Help the US Remain Competitive in the Global Marketplace?

On August 14, 2020, the California Attorney General announced final approval of the California Consumer Privacy Act Regulations by the Office of Administrative Law.  The Regulations take effect immediately.

While the revisions made to the Final Regulations mostly consist of “non-substantive changes” to correct grammatical errors or clarify the wording of various provisions, business should be aware of the “global modifications” made in a few key areas.  These are summarized below along with our take on what they may mean for businesses:


Continue Reading Finally Final: CCPA Regulations Take Effect

Earlier this year, U.S. Senator Sherrod Brown of Ohio released a draft discussion bill that if implemented would drastically alter corporations’ ability to collect and use personal information from consumers.

According to Sen. Brown, “We need legislation now more than ever that empowers Americans to control their personal information. No person should have to worry about being spied on, just as no one should worry about their information being bought and sold or stolen.” Brown believes that his bill would “change the fundamental framework of privacy in this country” by shifting the burden of privacy protection from consumers to corporations. Brown’s new bill is critical of the current consent-based framework that requires customers to agree to privacy policies in order to use specific online service.


Continue Reading Senator Brown Proposes New Privacy Bill

Earlier this year, several pieces of privacy related legislation pending in the 2020 General Assembly session were referred by a standing committee of the Virginia House of Delegates to the Joint Commission on Technology and Science (JCOTS) for study outside of the regular legislative session.  JCOTS has taken its first steps toward establishing study committees to look at several issues prior to the 2021 regular legislative session.

Specifically, JCOTS established the following study committees:

  • Data Protection & Privacy Advisory Committee
  • Children’s Online Protection Advisory Committee
  • Facial Recognition within Law Enforcement Advisory Committee


Continue Reading Virginia Legislative Commission Set to Begin Look at Data Protection, Privacy and Children’s Online Privacy Protection Issues

In its long awaited judgment in the Schrems II case, the ECJ has this morning invalidated the EU-US Privacy Shield citing the “limitations on the protection of personal data arising from the domestic law of the United States on the access and use by US public authorities” in respect of personal data transferred from the European Union to the United States on the basis that such limitations do not provide the protections ensured under EU law. The ECJ’s concerns centered around certain US surveillance programs which are not limited to what is strictly necessary and EU data subjects not having effective rights of enforcement against US authorities under US laws.

Continue Reading ECJ Invalidates the EU-US Privacy Shield! How Safe is it to Use SCCs for Data Transfers from the EU to the US?