Search for:
Author

Lothar Determann

Browsing
Lothar Determann has been helping companies in Silicon Valley and around the world take products, business models, intellectual property and contracts global for nearly 20 years. He advises on data privacy law compliance, information technology commercialization, interactive entertainment, media, copyrights, open source licensing, electronic commerce, technology transactions, sourcing and international distribution at Baker McKenzie in San Francisco & Palo Alto. He is a member of the Firm's International/Commercial Practice Group and the TMT and Healthcare industry groups.

Companies in the European Economic Area (EEA), Switzerland, and the UK are considering the pros and cons of the third attempt of the EU Commission and US government to establish interoperability between their data protection and privacy law systems after the demise of the US Safe Harbor Program and the EU–US Privacy Shield. Should US companies register? Are the efforts worth the potential benefits, given that the new programme has already been challenged and may be invalidated like previous programmes for reasons that businesses cannot control? Should companies that were already enrolled in the previous programmes accept automatic enrolment or leave the programme?

On Tuesday, 23 January 2024 we are hosting an in-person client event in our New York office on Generative AI: Harnessing the Power and Mitigating Risk. The program includes an exciting in-house counsel panel featuring key speakers from Calix, Wolters Kluwer and Tiffany & Co. We’ll also hear from a cross-discipline Baker team who will discuss legal and regulatory considerations and mitigating risk when using Gen. AI,

During a LinkedIn Live session on 27 September 2023, IAPP Research and Insights Director Joe Jones discussed the latest regulatory law, policy and enforcement developments, and compliance considerations for children’s privacy in the EU, UK, and US with Baker McKenzie’s Elizabeth Denham, Lothar Determann and Jonathan Tam.

In the ongoing debate concerning data broker regulation, trade-offs between competition and privacy are not always holistically appreciated. This article — originally published in Competition Policy International’s TechReg Chronicle — examines the importance of data protection for individual privacy and access to data for competition, discusses the role of data brokers in data privacy and sharing, and reviews existing, new, and proposed regulations of data brokers who now face additional and varying restrictions in state and federal privacy and consumer protection laws that will increase their compliance costs.

In first-of-its-kind legislation, under SB 54, California will require venture capital companies to collect and report diversity data from portfolio company founders as soon as 1 March 2025. The new Fair Investment Practices by Investment Advisers law intends to increase transparency regarding the diversity of founding teams receiving venture funds from covered entities in California.

On 8 October 2023, California Governor Gavin Newsom signed two bills into law amending the California Consumer Privacy Act. AB 947 classifies citizenship and immigration status as “sensitive personal information” subject to special protections under the CCPA, while AB 1194 strengthens reproductive privacy rights. Both bills carried the unanimous endorsement of the California Privacy Protection Agency. Details for each bill are described below followed by actionable guidance businesses can take to prepare now before these laws go into effect on 1 January 2024.

If you are a data broker or a business that relies on data brokers for targeted advertising, you should be aware that the California Data Broker Law will be significantly changed under the California Delete Act, which was signed into law by California Governor Newsom on 10 October 2023. Under the act, the California Privacy Protection Agency (CPPA) is required to set up, by 1 January 2026, an accessible deletion mechanism where consumers can request deletion via the CPPA that all data brokers then have to honor.

Following a five-year legislative process, India’s Digital Personal Data Protection Act (DPDP) received presidential assent on 11 August 2023. Practically speaking, the DPDP is not yet enforceable as the government still needs to establish the Data Protection Board of India (Board), which will serve as the enforcement authority for the law. The Board, in turn, must implement certain legally binding rules before the DPDP becomes fully operational.

Over the past few years, regulators around the world have stepped up enforcement of privacy laws that protect minors online. All companies that offer online services may find themselves in possession of minors’ personal data. And so, companies that take part online should consider some general recommendations, especially in light of the growing body of youth online privacy and safety laws.