Business Archives - Page 3 of 8 - Gavin Law Offices, PLC

U.S. Data Privacy Law – 2020 Update

Posted on November 10, 2020August 23, 2021 by Gavin Law Offices

By now, many of you have likely heard of the California Consumer Privacy Act (the “CCPA”). The law, passed by California’s State Legislature in 2018, became effective on January 1, 2020. The CCPA gives California residents more control over the personal information that businesses collect about them, granting residents the right to know how businesses use/share their personal information, the right to request that a business delete their collected personal information, and the right to opt-out of the sale of their personal information. The CCPA borrows many of its provisions from the European Union’s General Data Protection Regulation (“GDPR”). While many believed that the GDPR (adopted by the EU in 2016) would serve as a catalyst for the United States to enact a similar data privacy law, the U.S. has yet to pass, or even seriously consider, any comparably comprehensive data privacy legislation at the national level.

While several other states have passed data privacy and protection laws since 2018, arguably none have enacted laws as extensive as the CCPA. However, due to revisions California’s legislature made to the original text of the CCPA, as well as certain language included in the Final CCPA Regulations published by California’s Office of the Attorney General (OAG) earlier this year, many Californians and consumer advocacy groups do not believe the CCPA goes far enough to protect consumers’ personal information. Thus, on election day this year, California voters approved ballot initiative “Proposition 24” – the California Privacy Rights Act of 2020 (the “CPRA”). The CPRA gives additional rights to California residents and further limits businesses ability to use/sell/share personal information, amending and expanding upon the CCPA.

Most of the CPRA’s substantive provisions will not become effective until January 1, 2023. However, businesses may begin preparing for compliance with the CPRA by familiarizing themselves with the following highlights of the new law:

Applicability – Just because the CCPA was or was not applicable to your business does not mean the same for the CPRA. For example, the CPRA will cover businesses that buy, sell, or share over 100,000 consumers’ personal information (up from 50,000 under the CCPA), reducing the applicability of the law to small and midsize businesses.

Enforcement – The CCPA is currently enforced by California’s Office of the Attorney General (OAG). However, the CPRA establishes the California Privacy Protection Agency, which will have investigative, enforcement, and rulemaking powers instead of the OAG. The CPRA also removes the 30-day cure period businesses have under the CCPA and increases maximum penalties for violations concerning minors.

New category of “sensitive personal information” – The CPRA will keep the existing categories of personal information defined in the CCPA, but will add a new category for “sensitive personal information.” Californians will have increased rights when their sensitive personal information is involved.

Expanded contractual requirements – The CPRA limits the use of personal information by service providers and contractors and adds contractual requirements regarding relationships between businesses and such third parties.

Modifying/adding new consumer rights – New rights include the CPRA’s expansion of an individuals’ private right of action for certain types of data breaches and requires that covered businesses provide consumers with two or more methods for submitting requests to correct inaccurate personal information.

Regulates “sharing” in addition to “selling” personal information, to include cross-context behavioral advertising – The CPRA expands upon the CCPA’s limitations on businesses’ “sale” of consumers’ personal information to cover the “sharing” of consumers’ personal information even if such information is not being sold for monetary value. Specifically, this will regulate “cross-context behavioral advertising,” defined by the CPRA as “the targeting of advertising to a consumer based on the consumer’s personal information obtained from the consumer’s activity across businesses, distinctly branded websites, applications, or services, other than the business, distinctly-branded website, application, or service with which the consumer intentionally interacts.” Businesses that share personal information, including in the cross-context behavioral advertising context, will need to provide an opt-out choice for consumers, such as “Do Not Sell/Do Not Share My Personal Information for Cross-Context Behavioral Advertising.”

The above highlights, as well as the other provisions of the CPRA, bring California’s data privacy laws closer to resembling the GDPR. It will be interesting to see whether other states follow suit in 2021. While Virginia established a task force to study data privacy issues last General Assembly session, it has not yet passed any data privacy law as comprehensive as the CCPA/CPRA. The Commonwealth, as well as numerous other states, will likely consider data privacy legislation next year.

In the meantime, while the effective date of the CPRA may seem far away, California’s OAG continues to publish updates to the CCPA Regulations and to enforce existing law. For example, while the Final Text of the CCPA Regulations was published in August, the OAG released a fourth set of modifications to the Regulations on December 10, 2020. The latest modifications include further clarifications on the CCPA, including much-awaited guidance on the “Do Not Sell My Personal Information ‘Button.’” Thus, businesses still need to regularly review their CCPA compliance while they prepare for the CPRA. You can find more information on the CCPA, including updates, here: https://www.oag.ca.gov/privacy/ccpa. Gavin Law Offices will continue to track data privacy-related issues in California, Virginia, and across the U.S. and abroad, and are here to help you navigate this complex field of law.

– Courtney Reigel, Esq.

For more information on our data privacy experience and services, click here.

Navigating the Legal Landscape in Changing Times

Posted on May 21, 2020November 10, 2020 by Gavin Law Offices

Rina Van Orden sat down with Taylor Quinn from Filmspire to chat about how Gavin Law Offices assists clients in protecting their intellectual property and navigate the legal landscape during these changing times.

Trademark Maintenance During Business Interruptions

Posted on March 30, 2020November 10, 2020 by Gavin Law Offices

During this unpredictable time, we have a few practical trademark maintenance tips that could save “future you” time and money. Foundationally, trademark rights are maintained via use of the mark in commerce. For federally registered marks, this use is evidenced in maintenance filings during the lifecycle of the trademark. However, use in commerce may be difficult, if not impossible, during pandemic-related shutdowns. Typically, periods of non-use of a mark can leave a trademark owner without evidence to support a registration’s maintenance filings and may also leave a trademark vulnerable to claims of cancellation or abandonment.

The good news is that the Lanham Act, the law governing federal trademark rights, has a built in safeguard that allows owners to avoid unnecessary and unwanted results in light of unforeseen events, like, for example, global pandemics…

In the event that you have a U.S. Trademark Office maintenance filing due in the coming months, our team is ready to assist you. Just as important, trademark owners that may not have maintenance filings due, but who experience interruptions in operations, should note the following for their records:

The date that use of the mark stopped (or your “non-essential” business had to cease operations);
The approximate date when you hope to resume use (or resume operations); and
Documentation of the facts that lead to non-use (for example, an order from local or state government) and affirmation that you intend to use your trademark when those special circumstances are relieved. (37 C.F.R.§2.161)

We recognize that the health and safety of your family and community is your top priority during this difficult time. We will do our part to help you focus on what matters most by providing our expertise on the path forward for your business.

For further information regarding your trademarks, please feel free to contact us.

-Elizabeth Sewell, Esq.

2020 Update: Data Privacy Laws in the United States

Posted on January 28, 2020November 10, 2020 by Gavin Law Offices

After the European Union passed the General Data Protection Regulation (“GDPR”) in 2016, the world watched to see whether the United States would adopt a similar data privacy law at the federal level. While U.S. lawmakers, the tech industry, and consumer advocates have been working towards a federal data privacy bill, Congress has yet to pass, or even seriously consider, such legislation. However, a federal law may finally be on the horizon – two data privacy bills have been introduced in the Senate, and a bi-partisan bill is currently being developed by a House committee. In honor of Data Privacy Day, celebrated internationally on January 28, we explore the current status of data privacy laws in the United States.

In the absence of a comprehensive federal law, numerous states across the U.S. have passed their own data privacy legislation, including, perhaps most notably, California. The California Consumer Privacy Act of 2018 (“CCPA”) became effective on January 1, 2020, creating new obligations for covered businesses regarding privacy notices and the handling of California consumers’ personal information. The CCPA only protects Californians’ personal information but may apply to companies that do business in California even if they are not physically located in the state. Businesses continue to scramble to understand and comply with the CCPA, which is only one of many state and industry-specific laws forming the current patchwork of data privacy laws in the U.S.

However, a federal solution may be on the horizon. In November 2019, two data privacy bills were introduced in the Senate – the Consumer Online Privacy Rights Act (COPRA) and the United States Consumer Data Privacy Act (CDPA). The bills share many similarities, including enforcement by the Federal Trade Commission, and would provide individuals with new rights regarding their personal information. However, COPRA (introduced by Sen. Maria Cantwell, D-Wash.) and the CDPA (introduced by Sen. Roger Wicker, R-Miss.) vary on some important points, leading many to wonder whether either bill could make it through Congress. For example, COPRA would preempt only state laws that expressly conflict with the Act, leaving state laws that provide additional protection to consumers intact, whereas the CDPA would preempt all state laws regarding data privacy (except for data breach notification provisions), including the CCPA. COPRA would also allow for an individual private right of action, similar to the CCPA, while the CDPA would not.

Additionally, the House Energy & Commerce Committee recently released an initial draft of a bi-partisan data privacy bill. Bi-partisan support will be critical for Congress to enact a federal data privacy law, but the initial House bill does little to reconcile the differences between the two introduced Senate bills. Further, while this federal legislation is pending, numerous states are actively considering data privacy bills themselves. Specifically, multiple states are in the process of considering data privacy legislation mirroring the CCPA. In other states, such as Virginia (where the Virginia Privacy Act was introduced earlier this month), representatives have pulled provisions from the CCPA as well as the GDPR to create a more tailored bill for their state legislature to consider. With many states in their legislative sessions and various federal bills pending, 2020 is already shaping up to be an exciting year for data privacy in the United States.

-Courtney Reigel, Esq.

Recording Trademark Registrations with U.S. Customs

Posted on September 19, 2019October 17, 2019 by Gavin Law Offices

Every year, U.S. Customs and Border Protection (CBP) processes millions of cargo containers passing through the over 300 ports of entry into the United States. CBP examines the imports, searching for – among other criminalities – violations of intellectual property rights. The agency’s inspection process results in the annual seizure of thousands of imported counterfeit and infringing goods.

Trademark owners may not be aware of the major role CBP has in policing the infringement of intellectual property rights by foreign-sourced products. In order to reap the benefits of the agency’s enforcement actions, trademark owners should consider recording their U.S. trademark registrations with CBP. The process of recording a trademark is inexpensive and relatively quick, especially in comparison with civil litigation. Moreover, recording trademarks with CBP may be an effective method of deterring, and discovering, potential infringements.

In order to record a mark with CBP, a trademark owner must have a federal registration for the mark on the U.S. Trademark Office’s (USPTO) principal register. Trademarks on the USPTO’s supplemental register, common-law marks, or state-registered trademarks may not be recorded with CBP. In addition to submitting an application and a filing fee ($190 per mark, per class), applicants may provide supplementary information and/or documents to assist CBP with enforcement. For example, trademark owners have submitted “product guides” with information about identifying legitimate marks or infringing goods.

Trademarks approved for recordation will be added to CBP’s national database of protected marks (and copyrights, which may be recorded with CBP as well). Having a trademark included in this database is a significant benefit of recordation. CBP agents refer to the database to enforce intellectual property rights, and inclusion in the database ensures that CBP is aware of a mark. The public has access the CBP database as well, which may deter potential infringers who can easily check to see which marks are being actively protected.

CBP may seize and detain goods which potentially infringe a trademark owner’s rights and which have been recorded with the agency and included in the database. If CBP seizes/detains goods which may infringe a recorded trademark, the agency will contact the trademark owner and can send the owner photographs or samples to assist with identifying infringement. Therefore, while recording a mark with CBP ensures that the agency is aware of a trademark owner’s mark and that the agency will alert the owner of potential infringements, trademark owners themselves are also responsible for assisting CBP with enforcing their rights.

Owners of international trademark registrations may record their marks with foreign countries as well. For example, owners of Chinese trademark registrations may record their mark with the General Administration of Customs in China, which examines imports and exports for potentially infringing goods.

In summary, recording a trademark with CBP establishes a partnership between trademark owners and the agency that may help owners discover and reduce foreign infringements. Please contact us with any questions regarding the recordation of your registered trademarks and/or copyrights with CBP.