Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Privacy Issues in Licensing:
Business to Business Data Sharing
Susan Lyon-Hintze
Hintze Law
Amanda L. Gratchner
NAVEX Glob...
Is Data the New IP Asset?
Intersection Between Personal Data and IP
Restrictions, rights, and obligations
Compliance
Laws &
Regs
Contracts
Industry
Standards
Company
Policies
Data privacy basics
• OECD Guidelines
• Privacy is not security
• Cultural views on data privacy
Data privacy basics
Level set…what is…
•Personal Data
•Data Subject
•Data Controller
•Data Processor
•Cross-border transfer
Who owns personal data?
Data Subject?
- Privacy Laws
Data Controller?
- Trade secrets
- Copyright
Data Processor?
- Aggreg...
Terms of service – data ownership
Terms of service
– data ownership
Terms of service – data ownership
“You own all of the content and information you post on
Facebook…”
“You retain your righ...
Terms of service
– other privacy
considerations
What rights do others have/want to use data?
Data subjects
• Access rights
• Portability
• Right to be forgotten
• Unambig...
Copyrights in personal information
Restrictions on asset transfers and sales
Federal
• FTC Act –
• Toysmart- Privacy policy sharing restrictions
• Borders – ...
M&A due diligence
Information requests
• Description of complaints, inquiries,
investigations, claims, litigation
• Disclo...
Cross-border data transfer restrictions
EU
• Model Clauses/SCCs
• Binding Corporate Rules
• Codes of Conduct
• Certificati...
Data security
• Contractual allocation of risks and
burdens related to securing data and
resultant breach
• SEC cyber-secu...
Antipiracy investigations and enforcement
• EU laws
• Privacy > IP
• Computer Fraud and Abuse Act
(offensive and defensive...
Questions?
Hintze Law
Privacy+Data Law
Susan Lyon-Hintze
susan@hintzelaw.com
@slhintze
2016 WSBA Privacy Issues in Licensing
Upcoming SlideShare
Loading in …5
×

2016 WSBA Privacy Issues in Licensing

251 views

Published on

  • Be the first to comment

  • Be the first to like this

2016 WSBA Privacy Issues in Licensing

  1. 1. Privacy Issues in Licensing: Business to Business Data Sharing Susan Lyon-Hintze Hintze Law Amanda L. Gratchner NAVEX Global, Inc. These materials and content have been prepared by Hintze Law for informational purposes only and are not legal advice.
  2. 2. Is Data the New IP Asset?
  3. 3. Intersection Between Personal Data and IP
  4. 4. Restrictions, rights, and obligations Compliance Laws & Regs Contracts Industry Standards Company Policies
  5. 5. Data privacy basics • OECD Guidelines • Privacy is not security • Cultural views on data privacy
  6. 6. Data privacy basics Level set…what is… •Personal Data •Data Subject •Data Controller •Data Processor •Cross-border transfer
  7. 7. Who owns personal data? Data Subject? - Privacy Laws Data Controller? - Trade secrets - Copyright Data Processor? - Aggregate Data - Analytics
  8. 8. Terms of service – data ownership
  9. 9. Terms of service – data ownership
  10. 10. Terms of service – data ownership “You own all of the content and information you post on Facebook…” “You retain your rights to any Content you submit, post or display on or through the Services.” “You retain all ownership rights in your User Content. ”
  11. 11. Terms of service – other privacy considerations
  12. 12. What rights do others have/want to use data? Data subjects • Access rights • Portability • Right to be forgotten • Unambiguous consent Vendors/Partners • Licenses • Use of PII v. Non-PII • Sharing • Use for own purposes v. • on behalf of data controller • Use for purposes of others
  13. 13. Copyrights in personal information
  14. 14. Restrictions on asset transfers and sales Federal • FTC Act – • Toysmart- Privacy policy sharing restrictions • Borders – Bankruptcy - privacy ombudsman • Internet of Things Report • Family Education Rights and Privacy Act (FERPA) • Childrens Online Privacy Protection Act (COPPA) • Video Privacy Protection Act (VPPA) • Gramm-Leach-Bliley Act (GLBA) • Health Information Portability & Accountability Act (HIPAA) New York AG • Datran Media case EU and Member State Laws • Notice and Consent Principles California • Shine the Light • CalOPPA
  15. 15. M&A due diligence Information requests • Description of complaints, inquiries, investigations, claims, litigation • Disclosure of breach incidents • List of third parties with whom data has been shared • Network/data flow diagrams Doc requests • Copies of policies – past and present • Audit reports • Marketing collateral Reps and warranties • Target has rights to transfer data and transfer won’t violate laws • Acquiring companies intended use of data won’t violate privacy laws • Notices provided and/or consents obtained from data subjects if needed
  16. 16. Cross-border data transfer restrictions EU • Model Clauses/SCCs • Binding Corporate Rules • Codes of Conduct • Certification/Seal • Adequacy finding • Privacy Shield (US only) Argentina China Costa Rica Colombia Russia Switzerland
  17. 17. Data security • Contractual allocation of risks and burdens related to securing data and resultant breach • SEC cyber-security risk disclosures • FTC - In the Matter of GMR Transcription Services – duty to conduct due diligence regarding service provider and contract for security
  18. 18. Antipiracy investigations and enforcement • EU laws • Privacy > IP • Computer Fraud and Abuse Act (offensive and defensive) • Robots.txt • Wiretap laws • Interception of communications • Discovery • EU data transfer restrictions • CAN-SPAM • Cease and desist letters
  19. 19. Questions? Hintze Law Privacy+Data Law Susan Lyon-Hintze susan@hintzelaw.com @slhintze

×