As Privacy Laws Proliferate, All-Inclusive Compliance Tools Are Small Targets
Consumers grappling with privacy laws want their compliance solutions to conform to every new regulation hitting the books, but for developers that may require forging a closer working relationship with attorneys.
November 25, 2019 at 09:30 AM
4 minute read
Developers of privacy compliance tools may not be getting much rest any time soon. The number of international privacy laws on the table is set to grow by one in January with the launch of the California Consumer Privacy Act (CCPA), and states like Washington and New York could soon follow.
For developers, the multitude of potential privacy laws is akin to something of a catch-22: Companies on a budget may be reluctant to spend money on individualized compliance tools targeting the specific nuances of each state law, but formulating a successful "all-in-one" solution requires successfully threading many small needles.
"The one-size-fits-all program, it really cannot work in that you need a specific solution and a different solution depending on what laws you want to comply with," said Kimball Parker, president of Wilson Sonsini Goodrich & Rosati's tech subsidiary SixFifty.
Parker and SixFifty will be taking a toolbox approach to the problem, where for a flat fee costumers can gain access to all of the company's various privacy solutions as needed.
So far, SixFifty's compliance products have focused primarily on the CCPA, but the lab is in the process of building out modules geared specifically towards the European Union's General Data Protection Regulation (GDPR).
Parker compared the commonalities between the GDPR and the CCPA to a Venn diagram where there is some overlap, but with wide circles full of differences on either side. For example, the GDPR requires entities that make any kind of a change to the way they handle data to undergo an analysis as to what the impact to people's data will be. The CCPA does not.
"So if you just took your CCPA tools and applied them to the GDPR, that would be a glaring gap," Parker said.
However, that doesn't necessarily mean developers have to start completely from scratch when devising new compliance solutions to meet emerging laws. Parsons Behle Lab, the tech subsidiary of Parsons Behle & Latimer, offers both a GDPR compliance tool and a CCPA compliance tool.
Tomu Johnson, the lab's co-founder and CEO, compared the development process to an umbrella, with the GDPR providing a fairly robust cover under which layers devoted to the particulars of any subsequent privacy laws that emerge can be built.
"In that sense, you now have a product that addresses and is flexible with all of the different privacy laws that could come out, and can adapt to the different guidance that you are going to get from the attorneys general from all the different states as well," Johnson said.
He indicated clients are already keen to make their compliance solutions a one-time expense. Still, tech companies seeking to create tools that can navigate the peculiarities of each law may have to make one fundamental change to their development process: Getting more lawyers involved.
Johnson said tech companies have traditionally been shy about delivering services that may verge on legal advice due to bar association rules prohibiting such activity from non-lawyers. However, he pointed to states such as Utah that are beginning to relax such rules in the hopes of making legal services or guidance more readily accessible to consumers.
The competition that this would present to law firm tech subsidiaries may not be such a bad thing.
"At the end of the day we need it. I think that we've had more than enough time to try and provide legal services to the community in a technologically evolved way, and I don't know if we've delivered on the promise of that," Johnson said.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllLaw Firms Mentioned
Trending Stories
- 1Six Benefits of Taking an Opposing Medical Expert’s Deposition
- 2Ex-Prosecutor’s Trial Ends as Judge Throws Out Her Felony Indictment in Ahmaud Arbery Death Case
- 3Conversation Catalyst: Transforming Professional Advancement Through Strategic Dialogue
- 4Trump Taps McKinsey CLO Pierre Gentin for Commerce Department GC
- 5Critical Mass With Law.com's Amanda Bronstad: 700+ Residents Near Ohio Derailment File New Suit, Is the FAA to Blame For Last Month's Air Disasters?
Who Got The Work
J. Brugh Lower of Gibbons has entered an appearance for industrial equipment supplier Devco Corporation in a pending trademark infringement lawsuit. The suit, accusing the defendant of selling knock-off Graco products, was filed Dec. 18 in New Jersey District Court by Rivkin Radler on behalf of Graco Inc. and Graco Minnesota. The case, assigned to U.S. District Judge Zahid N. Quraishi, is 3:24-cv-11294, Graco Inc. et al v. Devco Corporation.
Who Got The Work
Rebecca Maller-Stein and Kent A. Yalowitz of Arnold & Porter Kaye Scholer have entered their appearances for Hanaco Venture Capital and its executives, Lior Prosor and David Frankel, in a pending securities lawsuit. The action, filed on Dec. 24 in New York Southern District Court by Zell, Aron & Co. on behalf of Goldeneye Advisors, accuses the defendants of negligently and fraudulently managing the plaintiff's $1 million investment. The case, assigned to U.S. District Judge Vernon S. Broderick, is 1:24-cv-09918, Goldeneye Advisors, LLC v. Hanaco Venture Capital, Ltd. et al.
Who Got The Work
Attorneys from A&O Shearman has stepped in as defense counsel for Toronto-Dominion Bank and other defendants in a pending securities class action. The suit, filed Dec. 11 in New York Southern District Court by Bleichmar Fonti & Auld, accuses the defendants of concealing the bank's 'pervasive' deficiencies in regards to its compliance with the Bank Secrecy Act and the quality of its anti-money laundering controls. The case, assigned to U.S. District Judge Arun Subramanian, is 1:24-cv-09445, Gonzalez v. The Toronto-Dominion Bank et al.
Who Got The Work
Crown Castle International, a Pennsylvania company providing shared communications infrastructure, has turned to Luke D. Wolf of Gordon Rees Scully Mansukhani to fend off a pending breach-of-contract lawsuit. The court action, filed Nov. 25 in Michigan Eastern District Court by Hooper Hathaway PC on behalf of The Town Residences LLC, accuses Crown Castle of failing to transfer approximately $30,000 in utility payments from T-Mobile in breach of a roof-top lease and assignment agreement. The case, assigned to U.S. District Judge Susan K. Declercq, is 2:24-cv-13131, The Town Residences LLC v. T-Mobile US, Inc. et al.
Who Got The Work
Wilfred P. Coronato and Daniel M. Schwartz of McCarter & English have stepped in as defense counsel to Electrolux Home Products Inc. in a pending product liability lawsuit. The court action, filed Nov. 26 in New York Eastern District Court by Poulos Lopiccolo PC and Nagel Rice LLP on behalf of David Stern, alleges that the defendant's refrigerators’ drawers and shelving repeatedly break and fall apart within months after purchase. The case, assigned to U.S. District Judge Joan M. Azrack, is 2:24-cv-08204, Stern v. Electrolux Home Products, Inc.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
