Following recent changes to Department of Justice policy regarding individual accountability in government investigations of corporate wrongdoing, DOJ has recently further demonstrated its willingness to consider a flexible approach in applying the False Claims Act.

In a January 28, 2019 speech by Deputy Associate Attorney General Stephen Cox to the 2019 Advanced Forum on

Welcome back to our two-part series examining CNIL vs. Google: 10 lessons from the largest data protection fine ever issued.  In this post we continue our analysis of CNIL vs. Google by taking a closer look at the additional lessons we can learn from this important decision. 
6. …tell data subjects exactly what you’re doing with their data
CNIL found that it was hard for users to understand what Google was doing with their data. They commented: “Users are not able to fullly understand the extent of the processing operations… the purposes of processing are described in too generic and vague a manner and so are the categories of data processed for these various purposes.”

The lesson here is: tell data subjects clearly what data you are collecting and what you are using it for. Do not try to obfuscate it.

In January 2019, the French data protection authority, CNIL (Commission Nationale de l’informatique et des libertés), announced that it had fined Google 57 million euros (approximately £44 million or USD$65 million) for breaching the EU’s General Data Protection Regulation (GDPR) through its use of targeted advertising.

The fine arose out of complaints made against Google to CNIL by privacy activists immediately after the GDPR came into force in May 2018. At the time of writing, it is the largest data protection fine ever issued – but what can we learn from CNIL’s decision?

The California Attorney General is currently on a California tour soliciting public comment on the CCPA.[i] To date, the Attorney General has held public forums in San Francisco (January 8th), San Diego (January 14th) and Riverside (January 24th) and will continue on to Los Angeles (January 25th), Sacramento (February 5th), and Fresno (February 13th). These hearings are being held pursuant to a CCPA requirement that the Attorney General “solicit broad public participation and adopt regulations to further the purposes” of the CCPA. Specifically, the Attorney General is directed to seek public feedback on the following areas: expanding the definition of “personal information,” establishing additional exceptions to compliance, establishing rules and procedures for facilitating consumer opt-out requests, just to name a few.

With the SEC prioritizing protection of retail investors, investment advisers are facing increased scrutiny for misappropriation offenses. Adviser representatives are becoming more creative, making it harder for investment advisers to detect misappropriation. It may be easy for investment advisers to rely on software and automated-alerts to safeguard client assets, but the days of solely

Recent developments in privacy law and a rise in class action lawsuits related to data collection offer a cautionary tale about understanding legal and ethical boundaries of monitoring “on-the-clock” employee conduct. With a hodgepodge of federal, state, and local legislation governing employee privacy rights, employers are often left to navigate a complicated legal landscape while balancing the practical need to understand how employees are using company information and equipment.  Employers, for example, have a legitimate interest in protecting company trade secrets, detecting unlawful transmission of unlicensed material, and improving work productivity.  Employees, on the other hand, may have a reasonable expectation of privacy in certain contexts while at work.

This quandary begs the question, where do employers draw the line?

The Blackstone Group has announced the closing of its acquisition of Clarus. The business will now operate as Blackstone Life Sciences.

Blackstone indicated that its new private investment platform will invest across the lifecycle of companies and products within life sciences sectors.

Historical funds will retain the Clarus name.

Blackstone had previously announced its acquisition

This Post is a “Part II” to our recent blog post describing the CFPB’s current plans to consider new rules that may narrow lenders’ exposure to “disparate-impact” liability under the Equal Credit Opportunity Act (“ECOA”), as well as other federal developments along the same lines, particularly with respect to auto lending. Today, we report on

This post recently appeared in our sister publication, Consumer FinSights.

In its recently published Fall 2018 Rulemaking Agenda, the Bureau of Consumer Financial Protection announced that it is considering future rulemaking activity regarding the requirements of the Equal Credit Opportunity Act (“ECOA”) – specifically, “concerning the disparate impact doctrine in light of recent