Photo of Kathleen Porter

Kathy Porter's practice straddles the areas of intellectual property, business transactions, trade regulation, and Internet law and includes import/export control issues, such as compliance and enforcement, competition, privacy, and data security. She counsels businesses on the development and implementation of data security and privacy practices to comply with the patchwork of laws and rules applicable to the collection, use, safeguarding, sharing, and transfer of protected or personal data. She regularly structures arrangements with promoters, marketers, website exchanges, and other third parties for the purchase, sale, sharing, and safeguarding of personal data. Kathy prepares and negotiates representations, warranties, and indemnities regarding personal or protected data and privacy and data practices. She also assists clients with privacy audits and works with third-party certification organizations to obtain certification of companies' privacy practices. She guides clients through internal investigations to assess and address notice and other obligations regarding privacy breaches. Kathy often works closely with our litigation attorneys to manage external investigations such as those by federal or state regulators. Read her rc.com bio here.

Last week, the High Court of Ireland submitted eleven questions to the Court of Justice for the European Union (CJEU) to consider about the personal data transfer regime between the European Union (EU) and the United States. This referral stems from a new claim by Max Schrems, an Austrian lawyer and privacy activist. Schrems previously

Facebook reports that the personal data of 87 million Facebook users, mostly located in the United States, “may have been improperly shared” with British data analytics firm Cambridge Analytica. Previous estimates put the possible scope of improper sharing at about 50 million users. The increased number was calculated by Facebook by totaling the friends of

On March 23, 2018, the President signed into law the Consolidated Appropriations Act of 2018 (H.R. 1625), an omnibus spending bill that includes the Clarifying Lawful Overseas Use of Data Act (the CLOUD Act). Among other provisions, the CLOUD Act amends the Stored Communications Act of 1986 (18 U.S.C. §§ 2701-2712, hereinafter the

Facebook and the English data analytics firm Cambridge Analytica (CA) are facing intense scrutiny in response to numerous reports about the possible misuse of data of 50 million Facebook accounts. The data was originally collected through a third party personality test app and later reportedly improperly transferred to CA and/or its parent company Strategic Communications

This week, the world learned of widespread and serious vulnerabilities in most central processing units (CPU). CPUs manage the instructions received from the hardware and software running on a computer.  The vulnerabilities, named Meltdown and Spectre, affect virtually every computer existing today, in particular those with Intel, Advanced Micro Devices, Inc. (AMD), Nvidia and Arm

As we approach calendar year end, traditionally the busiest period of the year for mergers and acquisitions, it is worth revisiting whether our existing competition law framework can and does properly assess the market power of big data.

This spring, The Economist magazine joined the ranks of some antitrust regulators, particularly from the EU, in

In an order issued on October 16, 2017, the U.S. Supreme Court granted certiorari in United States v. Microsoft Corporation, a case with potentially far-reaching implications for the privacy of electronic data maintained by technology companies across the globe.

The case, which Robinson+Cole has previously discussed here, here, and here, arises from a warrant obtained by the Department of Justice (DOJ) under the Stored Communications Act (SCA).[1] The SCA was enacted in 1986 to protect the privacy of electronic communications, including by extending privacy protections to electronic records analogous to those afforded under the Fourth Amendment to the U.S. Constitution.[2] In relevant part, the SCA requires a governmental entity in most instances to secure a warrant in accordance with the Federal Rules of Criminal Procedure to compel disclosure of electronic communications stored by a service provider.[3]
Continue Reading Supreme Court to Hear Microsoft Emails Case

Japan and the European Union announced an agreement in principle on major components of a substantial free trade deal on the eve of the recent G20 summit in Hamburg. This free trade deal rivals NAFTA in scope and impact, as it will impact 40 percent of the world’s trade. Once finalized, this free trade pact