Jeewon Serrato

Subscribe to all posts by Jeewon Serrato

CCPA/CPRA Rulemaking Update: What to Expect

Photo of Jamie KimPhoto of Shruti Bhutani AroraPhoto of Jeewon SerratoBy Jamie Kim, Shruti Bhutani Arora and Jeewon Serrato on Posted in CCPA, CPRA
The California Privacy Protection Agency (“CPPA” or the “Agency”) published on November 3, 2022, a Public Notice of Proposed Modifications and Additional Materials Relied Upon, which starts what we hope is the last round of rulemaking to finalize the regulations for the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act … Continue Reading

California’s AB 587: What You Need to Know About Social Media Content Moderation

Photo of Jeewon SerratoPhoto of Jamie KimBy Jeewon Serrato and Jamie Kim on Posted in Social Media
On Sept. 13, California Gov. Gavin Newsom signed into law AB 587, which requires social media companies to publicly post their content moderation policies and semiannually report data on their enforcement of the policies to the attorney general. The first part of this article will discuss the requirements imposed by AB 587 on social media … Continue Reading

White House Releases First-Ever Comprehensive Framework for Responsible Development of Digital Assets

Photo of Jeewon SerratoPhoto of Jamie KimBy Jeewon Serrato and Jamie Kim on Posted in Cybersecurity, Data Privacy
On Sept. 16, 2022, the White House released a comprehensive framework for responsible digital asset development and, in particular, cryptocurrency. Agencies across the federal government have been working for the past six months to develop frameworks and policy recommendations to advance the six key priorities identified in President Biden’s March 9 executive order on Ensuring … Continue Reading

California’s Landmark Age-Appropriate Design Code Act: What You Need to Know

Photo of Jeewon SerratoPhoto of Jennifer MitchellPhoto of Justin T. YedorPhoto of Christine MastromonacoBy Jeewon Serrato, Jennifer Mitchell, Justin T. Yedor and Christine Mastromonaco on Posted in CCPA, Children’s Privacy
On Aug. 29, California’s Senate unanimously passed Assembly Bill 2273, known as the Age-Appropriate Design Code Act (the CA AADC or the Bill). The Bill, which is anticipated to be signed into law by Gov. Gavin Newsom, is aimed at promoting online safety and privacy for children under 18. The Bill was inspired by the … Continue Reading

CCPA Employee and B2B Exemptions Set to Expire on Jan. 1, 2023

Photo of Jeewon SerratoPhoto of Jerel Pacis AgatepPhoto of Shruti Bhutani AroraBy Jeewon Serrato, Jerel Pacis Agatep and Shruti Bhutani Arora on Posted in CCPA
The California Consumer Privacy Act (CCPA) exemptions for employee and business-to-business Personal Information (PI) likely will not be extended. Aug. 31, 2022 was the last day for each house to pass bills, per the California Constitution (Art. IV, Sec 10(c) and the Joint Rules (J.R. 61(b)(18))), and no legislative proposals or amended bills made it … Continue Reading

CPPA Publishes Notice of Proposed Rulemaking

Photo of Jeewon SerratoPhoto of Shruti Bhutani AroraPhoto of Christine MastromonacoBy Jeewon Serrato, Shruti Bhutani Arora and Christine Mastromonaco on Posted in CPRA
On July 8, the California Privacy Protection Agency Board (CPPA, Agency or Board) announced the Notice of Proposed Rulemaking (NPRM), which begins the 45-day comment period for the draft regulations. As we previously reported, the California Privacy Rights Act (CPRA) draft regulations were released on May 27, and we had a heads-up about this rulemaking … Continue Reading

CPPA Begins CPRA Rulemaking

Photo of Jennifer MitchellPhoto of Jeewon SerratoPhoto of Justin T. YedorPhoto of Jenny HaBy Jennifer Mitchell, Jeewon Serrato, Justin T. Yedor and Jenny Ha on Posted in CCPA, CPRA
On May 26, 2022, the California Privacy Protection Agency (CPPA or the Agency) held a public board meeting to provide updates on the Agency’s rulemaking process. The next day, the CPPA released draft regulations for the California Privacy Rights Act (CPRA). This post includes initial impressions of the proposed regulations and how they square with … Continue Reading

CPRA Rulemaking Explained and CPRA Amendments Push Forward, Including Employee and Business-to-Business Exemptions

Photo of Jeewon SerratoPhoto of Marshall J. MatteraBy Jeewon Serrato and Marshall J. Mattera on Posted in CPRA
On Feb. 18, Chairperson Jennifer Urban of the California Privacy Protection Agency (CPPA) addressed the California state bar and clarified the announcements that were made during the CPPA board meeting on Feb. 17. Read on for an explanation of the California Privacy Rights Act (CPRA) rulemaking process and brief summaries of the privacy bills in … Continue Reading

CPRA Regulations Postponed

Photo of Jeewon SerratoPhoto of Justin T. YedorPhoto of Marshall J. MatteraBy Jeewon Serrato, Justin T. Yedor and Marshall J. Mattera on Posted in CPRA
On Feb. 17, 2022, the California Privacy Protection Agency (CPPA or the Agency) held a public board meeting to address several topics, including the rulemaking under the California Privacy Rights Act (CPRA). Although the CPRA includes a July 1 deadline for the Agency to promulgate final regulations, it is clear the CPPA will not meet … Continue Reading

California AG Focuses CCPA Enforcement on Loyalty Programs

Photo of Jeewon SerratoPhoto of Jerel Pacis AgatepPhoto of Shruti Bhutani AroraPhoto of Foram DmytrykBy Jeewon Serrato, Jerel Pacis Agatep, Shruti Bhutani Arora and Foram Dmytryk on Posted in CCPA
On Jan. 28, 2022, the California Attorney General Rob Bonta (AG) published a statement putting businesses that operate loyalty programs on notice that the California Consumer Privacy Act (CCPA) requirements for a Notice of Financial Incentive (NOFI) is likely going to be an area of focus for enforcement. This is the first time the AG … Continue Reading

US Facial Recognition Firm Ordered to Stop Processing UK and Australian Data and Pay Fine Over Privacy Law Violations

Photo of Jeewon SerratoPhoto of BakerHostetlerBy Jeewon Serrato and BakerHostetler on Posted in AI, Biometrics, Data Privacy, GDPR, Privacy, Privacy Litigation
ICO and OAIC Find ‘Serious Breaches’ of Privacy Law On Nov. 29, 2021, the U.K. Information Commissioner’s Office (ICO) announced a provisional intent to fine Clearview AI over £17 million, alleging several privacy violations related to the company’s use of “scraped” data and biometrics of individuals. More significantly, the provisional order would require the company … Continue Reading

Federal Banking Regulators Issue 36-Hour Computer-Security Incident Notification Requirement

Photo of Adam CohenPhoto of Andreas KaltsounisPhoto of Jeewon SerratoPhoto of Shruti Bhutani AroraBy Adam Cohen, Andreas Kaltsounis, Jeewon Serrato and Shruti Bhutani Arora on Posted in Breach Notification, Data Breach Notification Laws, Data Breaches
As the federal government continues its whole-of-government response to cyber incidents, federal banking regulators took action to impose a new notice requirement on federally regulated banks. In November, the Federal Deposit Insurance Corporation (FDIC), the Office of the Comptroller of the Currency (OCC) and the Federal Reserve Board of Governors (“Board”) jointly issued a final … Continue Reading

California Privacy Protection Agency Board Chair Discusses CPRA Rulemaking Process and Agency Authority

Photo of Justin T. YedorPhoto of Jeewon SerratoBy Justin T. Yedor and Jeewon Serrato on Posted in CCPA, Consumer Data, CPRA, Data Privacy, Data Protection, Uncategorized
Justin T. Yedor and Jeewon Serrato On October 5, 2021, Jennifer Urban, who serves as Chair of the Board the California Privacy Protection Agency (the CPPA) spoke with members of the California Lawyer’s Association about the Board’s work to get the new Agency off the ground, the challenges it faces in doing so and the … Continue Reading

8 Key Takeaways for Initial Defenses Under the CCPA and CPRA

Photo of Marshall J. MatteraPhoto of Jeewon SerratoPhoto of Casie CollignonPhoto of Stanton BurkeBy Marshall J. Mattera, Jeewon Serrato, Casie Collignon and Stanton Burke on Posted in CCPA, CPRA, Data Breach Notification Laws, Data Breaches, Privacy
Authors: Marshall Mattera, Jeewon Serrato, Casie Collignon and Stanton Burke Since the Jan. 1, 2020 kickoff for private enforcement under the California Consumer Privacy Act (CCPA), plaintiffs have filed scores of class actions invoking the CCPA. Such claims, when properly made, present substantial risk to companies including statutory damages up to $750 per consumer. Early … Continue Reading

CPRA Rulemaking Begins with an Invitation by the New California Privacy Protection Agency

Photo of Justin T. YedorPhoto of Stanton BurkePhoto of Jeewon SerratoBy Justin T. Yedor, Stanton Burke and Jeewon Serrato on Posted in CCPA, CPRA, Information Security, Online Privacy, Uncategorized
By Justin Yedor, Stanton Burke, and Jeewon K. Serrato For businesses awaiting guidance on how to comply with the California Privacy Rights Act (the “CPRA”), the new California Privacy Protection Agency (“CPPA”) began the rulemaking process on September 22, 2021 with an Invitation for Preliminary Comments on Proposed Rulemaking (the “Invitation for Comment”).  In the … Continue Reading

Welcome to the Digital Transformation and Data Economy Newsletter – March 2021 Issue

Photo of Jerel Pacis AgatepPhoto of Jeewon SerratoBy Jerel Pacis Agatep and Jeewon Serrato on Posted in Pivot. Accelerate. Transform.
Across the economy, businesses are using digital technology to pivot into innovative service lines, accelerate growth and transform their businesses altogether. These businesses’ digital strategies and data assets play important roles in their success. Since the advent of the COVID-19 pandemic in the United States in March 2020, companies that had the technology to enable … Continue Reading

New Taxes on the Digital Economy: A Closer Look at the New York Data Tax Proposal

Photo of Matt HunsakerPhoto of Jeewon SerratoPhoto of Foram DmytrykBy Matt Hunsaker, Jeewon Serrato and Foram Dmytryk on Posted in Tax
Over the last year, state and local governments have proposed a variety of novel taxes on the digital economy, including taxes on digital advertising and social media platforms. Two factors have motivated these proposals: (1) closing budget gaps by taxing out-of-state companies and (2) addressing perceived public policy concerns with out-of-state companies profiting on information … Continue Reading

Welcome to the Digital Transformation and Data Economy Newsletter – February 2021 Issue

Photo of Stanton BurkePhoto of Jeewon SerratoBy Stanton Burke and Jeewon Serrato on Posted in Pivot. Accelerate. Transform.
Across the economy, businesses are using digital technology to pivot into innovative service lines, accelerate growth and transform. A business’s digital strategies and data assets play an important role in its success. Digital transformation means, among other things, deploying the latest technologies – including artificial intelligence (AI) and automated decision-making. However, advances in AI raise … Continue Reading

Happy First Birthday to the NIST Privacy Framework!

Photo of Jeewon SerratoBy Jeewon Serrato on Posted in Privacy
BakerHostetler partner Jeewon Serrato has contributed a NIST Privacy Framework’s CCPA Crosswalk and is featured in an animated video by the NIST which shows how the NIST Privacy Framework can be used by organizations to build trust with their customers, communicate better about privacy, and help meet their compliance obligations. Jeewon is also featured in NIST’s … Continue Reading

California OAG Proposes New CCPA Regs Two Weeks Before Voters Decide on the Fate of CCPA 2.0

Photo of Jeewon SerratoPhoto of BakerHostetlerBy Alan L. Friel, Jeewon Serrato and BakerHostetler on Posted in CCPA
On Monday, Oct. 12, the California Office of the Attorney General (the Attorney General or OAG) released a third set of proposed modifications to the California Consumer Privacy Act (CCPA) regulations (the Regulations). The full text can be found on the Attorney General’s website here. The proposed modifications to the Regulations are limited to four … Continue Reading

Jeewon Kim Serrato Co-Authors Article about Pricing, Value of Consumer Data and CCPA’s Non-Discrimination Requirement

Photo of Jeewon SerratoBy Jeewon Serrato on Posted in CCPA
Partner Jeewon Kim Serrato co-authored an article published in the California Lawyer Association’s Fall 2020 issue of the “Competition Journal” of the Antitrust, UCL and Privacy Section.  The article, “Privacy, Pricing, and the Value of Consumer Data: Complex Nature of the CCPA’s Non-Discrimination Requirement,” discusses the intersection of privacy and competition law and provides an in-depth … Continue Reading

Return to Work: What Employers Should Know About AB 1281, CCPA Notice Requirements and Recent Labor Law Guidance

Photo of Jeewon SerratoBy Alan L. Friel, Jeewon Serrato and Catrina Wang on Posted in CCPA
While most privacy news and alerts have been focused on the collection and processing of customer data (see our earlier posts about interest-based advertising and the House Judiciary Committee’s Antitrust Hearing with Big Tech, for example), privacy issues related to data collected from employees and business-to-business (B2B) contacts increasingly are becoming a concern for businesses. … Continue Reading

CCPA Final Regulations, with a Few Unexpected Changes

Photo of Jeewon SerratoPhoto of Stanton BurkePhoto of Taylor A. BloomBy Alan L. Friel, Jeewon Serrato, Stanton Burke, Kyle R. Fath, Taylor A. Bloom and Catrina Wang on Posted in CCPA
On Friday, August 14, 2020, California Attorney General Xavier Becerra announced approval by the Office of Administrative Law (OAL) of final regulations (Final Regs) under the California Consumer Privacy Act (CCPA). Proposed final regulations were submitted to the OAL by the Office of the Attorney General (OAG) on June 1, 2020. During OAL’s review process, … Continue Reading
LexBlog