FAQs

Data privacy relates to the collection and use of an identifiable individual’s personal information.

Although a significant amount of personal information has been exposed through data breaches, privacy policies are important because they govern a consumer’s rights to know, correct, and remediate personal information collected by a business. These rights are embodied in laws such as the California Consumer Privacy Act and the EU’s General Data Protection Regulation.

Under the California Online Privacy Protection Act (CalOPPA), the California State Attorney General and other enforcement agencies may bring lawsuits against companies who violate the law.

The circumstances of every business are different. Although you may be tempted to use another business’ policies, it is important for experienced counsel to review whether such a policy is appropriate for your business. For example, not every business needs a policy that deals with certain state or federal laws. An experienced lawyer can save time and money in drawing up a privacy policy that fits your business needs.

Businesses should consider website terms of use to protect the contents of the website and user terms of use for collection and use of personal information. Depending upon whether a business is subject to other laws, such as the CCPA, other notices and consents may be required. A business should consult with legal counsel regarding these documents.

If a business uses vendors for collection of information on a website or shares personal information with third parties, it should require such vendors to protect such personal information. Such agreements are sometimes referred to as a “data protection addendum” and should be drawn up in consultation with an attorney.

Yes. Numerous lawsuits have been brought against businesses through laws like CIPA involving third party technology, including tracking pixels, “chatbots”, and other technology.

Privacy and data security in today’s environment are an essential—not a luxury. TJ Toohey law believes it is important for a business to get things right from the start and that this will be more economical to a business in the long run. Because of our size and flexibility, we are able to represent clients of all sizes efficiently.

IT personnel are often overburdened by the day-to-day needs of a business. Although many IT personnel are knowledgeable about security issues, they may not be aware of the specific requirements of privacy laws. We work closely with IT personnel so that the business follows the law and best practices.

Some jurisdictions outside of the United States may have privacy laws that are different and stricter than those of this country. An experienced law firm, such as TJ Toohey Law, can advise you on any policies or procedures, if any, that you need to implement for such customers.

No. Hackers are opportunistic and employ bots and other technology to find weaknesses in businesses’ systems connected to the internet. Smaller businesses in fact may be more vulnerable to attack because they do not have the resources to protect security and may not have moved their data to the “cloud.” Smaller businesses may also not have the ability to survive such an attack, when an attack by hackers deprives them of access to employees, customers, and valuable proprietary information.

Cybersecurity policies are highly recommended, but vary considerably in their terms and coverage. You should consult with an experienced broker or lawyer to determine whether your policy is adequate for your needs. For example, some policies may not include coverage of payment of ransom to hackers or damages from misdirecting a wire transfer or payment.

It is important not to ignore such letters and to contact a lawyer if you receive such a claim. Experienced lawyers are frequently able to handle such claims efficiently.

Tim Toohey is a licensed California lawyer. Tim can assist clients in the US and other countries comply with the US and some international requirements. Tim serves not only California, but other states, including the Intermountain West and the states of Montana, Wyoming, Idaho and Utah.