Johanna Skrzypczyk – Debevoise Data Blog

Privacy

The Arrival of 2023 U.S. State Privacy Laws – Part 2: Colorado Update

By: Avi Gesser, Johanna Skrzypczyk, Michael R. Roberts, Alessandra G. Masciandaro and Ned Terrace February 6, 2023

On February 1, 2023, the Colorado Attorney General (“COAG”) held a public hearing as part of its rulemaking process for the Colorado Privacy Act (“ColoPA”). Ahead of the hearing, the…

Announcement

Debevoise Authors 2023 Edition of the PLI Privacy Law Answer Book

By: Luke Dembosky, Avi Gesser, Jyotin Hamid, Satish Kini, Henry Lebowitz, Erez Liebermann, Maura Kathleen Monaghan, David A. O'Neil, Jim Pastore, David Sarratt, Jeffrey P. Cunard, Kim Le, Tricia Bozyk Sherno, Johanna Skrzypczyk, Michael R. Roberts, Michael Bloom, Fanny Gauthier, Corey Goldstein, Kyle Kysela, Hannah R. Levine, Linda Lin, Melissa Muse, Kate Saba, Noah L. Schwartz and Mengyi Xu January 23, 2023

The Data Strategy and Security team at Debevoise & Plimpton LLP has authored the Practising Law Institute’s 2023 edition of the Privacy Law Answer Book, a user-friendly guide to the laws and…

CCPA

The Arrival of 2023 U.S. State Privacy Laws – Part 1: California Update

By: Avi Gesser, Johanna Skrzypczyk, Michael R. Roberts and Alessandra G. Masciandaro January 17, 2023

2023 has arrived, and with it comes a novel patchwork of privacy requirements arising out of comprehensive state privacy laws that have been adopted (or amended) by legislatures in California,…

Artificial Intelligence

Legal Risks of Using AI Voice Analytics for Customer Service

By: Avi Gesser, Johanna Skrzypczyk, Robert Maddox, Anna Gressel, Martha Hirst and Kyle Kysela January 10, 2023

There is a growing trend among customer-facing businesses towards using artificial intelligence (“AI”) to analyze voice data on customer calls. Companies are using these tools for various purposes including identity…

NYDFS

NYDFS Publishes Official Amendments to Its Cybersecurity Regulation (Part 2) – Answers to the Top Questions from Our Webcast

By: Avi Gesser, Erez Liebermann, Johanna Skrzypczyk, Caroline Novogrod Swett, Mengyi Xu and Jonathan Steinberg November 30, 2022

On November 9, 2022, the New York Department of Financial Services (the “NYDFS”) announced the publication of the official proposed amendments to its 2017 Cybersecurity Regulation 23 NYCRR 500 (the “Proposed Amendments”). The 60-day…

Consent

What the GDPR Can Tell Us About State Privacy Laws

By: Johanna Skrzypczyk, Robert Maddox and Martha Hirst November 22, 2022

The EU’s General Data Protection Regulation 2016 (the “GDPR”) changed the global privacy landscape, and has been called the “gold standard” for data protection regulation. Recently, a number of U.S.…

Announcement

Webcast: NYDFS New Draft Amendments to Part 500 Cybersecurity Rules

By: Eric Dinallo, Avi Gesser, Erez Liebermann, Caroline Novogrod Swett and Johanna Skrzypczyk November 15, 2022

On Friday, November 18, 2022 at 10:30AM ET, Eric Dinallo, Avi Gesser, Erez Liebermann, Caroline Novogrod Swett, and Johanna Skrzypczyk participated in a webcast examining the new draft amendments to…

Cybersecurity

NYDFS Publishes Official Amendments to Its Cybersecurity Regulation

By: Luke Dembosky, Avi Gesser, Erez Liebermann, Caroline Novogrod Swett, Johanna Skrzypczyk and Mengyi Xu November 10, 2022

On November 9, 2022, the New York Department of Financial Services (“NYDFS”) announced the publication of the official proposed amendments to its 2017 Cybersecurity Regulation 23 NYCRR 500 (“Proposed Amendments”).…

Privacy

Dark Patterns: What Are They and How Can Companies Avoid Regulatory Scrutiny?

By: Avi Gesser, Johanna Skrzypczyk, Michael R. Roberts and Melissa Muse October 12, 2022

There has been significant regulatory attention recently to “dark patterns,” including FTC guidance, state privacy laws, and state and federal enforcement actions. Some of this activity involves new regulations, and…

Enforcement

Lessons from the SEC’s Most Recent Reg S-P Action

By: Avi Gesser, Kristin Snyder, Erez Liebermann, Charu Chandrasekhar, Johanna Skrzypczyk and Scott M. Caravello October 6, 2022

On September 20, 2022, the SEC announced settled charges and the imposition of a $35 million penalty against a dually registered investment adviser and broker-dealer (the “Firm”) for violations of Regulation…