Search for:
Author

Thomas (Tom) Tysowsky

Browsing
Tom is a member of the North America Litigation & Government Enforcement Practice Group in Baker McKenzie's Los Angeles office, and supports the Firm’s privacy, cybersecurity and other international regulatory and advisory practices. He joined the Firm in 2019 upon graduating from Vanderbilt Law School. Previously, he spent time with the Firm’s offices in Houston and San Francisco. Before law school Tom was a Division I athlete, worked in client relations for a wealth management firm in Malaysia, and coached professional ice hockey in Norway.
In Data Privacy

United States: Colorado Privacy Act Enforcement Update

by and 2 Mins Read

The Colorado Privacy Act has been enforceable since 1 July 2023. Just as the California Attorney General has done through several sweeps, the Colorado Attorney General, Phil Weiser, has announced through letters sent to business that enforcement of the Colorado Privacy Act has begun.
The initial round of letters are meant to educate businesses on their new obligations, with particular emphasis on the collection and use of sensitive data and related prior consent requirement as well as the obligation to allow consumers to opt out of targeted advertising and profiling.

In Data Privacy

United States: Comparing the Colorado Privacy Act with the California Consumer Privacy Act

by , , and 1 Min Read

Businesses that have implemented measures to comply with the California Consumer Privacy Act of 2018, as amended by the California Consumer Rights Act of 2020 (CCPA) can leverage some of their existing vendor contract terms, website disclosures and data subject rights response processes to satisfy requirements under the Colorado Privacy Act (CPA). However, the CPA, and the recently published proposed CPA Rules, contain certain unique and prescriptive requirements that may warrant taking a CPA-specific approach to compliance. How the finalized CCPA regulations and CPA Rules look will largely dictate whether companies will need to expand or change the scope of their privacy compliance measures to meet the obligations set forth under both California’s and Colorado’s privacy regimes.

In Data Privacy

United States: How to comply with Nevada Privacy Law?

by , , , , and 8 Mins Read

Businesses that have implemented compliance measures to comply with the California Consumer Privacy Act of 2018, as amended by the California Consumer Rights Act of 2020 (CCPA) can leverage existing vendor contract terms, website disclosures and data subject right processes to satisfy requirements under Nevada’s Revised Statutes Chapter 603A. Most companies will not need to expand the scope of CCPA-focused privacy notices because the Nevada laws are much more narrowly framed. But, companies may find it operationally efficient to broaden the scope of opt-out rights if they engage in data sharing practices that qualify as “selling” of personal information, for example, in the context of digital advertising.