Lex Indicium

  • Data Mining and GDPR Compliance: Dealing with Obtaining EU Personal Information from Third Parties Under the GDPR (Including a Notification Checklist!)March 19, 2018

    As the effective date of the General Data Protection Regulation (GDPR) draws near, companies that collect, process, and use data relating to EU citizens need to be thinking proactively about issues they will face under the new directive. This post summarizes the discrete issue of how companies should start to manage data mining and data usage activities. Stay tuned as we continue to keep you updated in this space.

    As most are probably by now aware, the GDPR seeks to regulate the use and disclosure of the personal data of all individuals within the 28 EU member states. Though passed into law in May 2016, it does not become enforceable until May 25, 2018. Unlike most privacy regulations in the U.S., the EU defines the term “personal data” broadly—it includes “any information relating to an identified or identifiable natural person (the ‘data subject’).” This means that even the most basic contact information, such as business card details or simply a name and email address, falls under the GDPR’s protections. Public sources of information, such as a residential phone listing, are not exempted from the GDPR’s restrictions.

    To legally handle EU personal information harvested from third-party sources after May 25, … Keep reading

  • Test Your GDPR Preparedness: 7 Questions to Ask Your TeamFebruary 19, 2018

    With only 100 days to go until the General Data Protection Regulation becomes enforceable on May 25, it is increasingly imperative for organizations that process information relating to an identified/identifiable European person to have a firm grasp on what the regulation entails, as well as any associated impacts on business that can be reasonably expected. Here are seven key questions to ask yourself, your team, or your project manager, to gauge how prepared your organization is to meet the requirements under the GDPR.

    1. Has our data been inventoried and mapped, such that we have a complete understanding of our data flow?

    An essential prerequisite to developing a GDPR compliance plan is to have a detailed understanding of the lifecycle of the personal data processed by the organization. It is impractical to implement a reasonable GDPR compliance plan if the organization does not thoroughly understand the personal information it processes, how it was collected, where it is stored, and where and to whom it is transferred. The GDPR identifies specific categories of information that it expects organizations to keep records on, with respect to data processing.

    1. When personal information about people is collected indirectly from third-party sources (e.g., public databases,

    Keep reading

  • What’s In a Name?February 12, 2018

    Question: What do Sean Combs, J.K. Rowling, LeBron James, Lionel Messi, and Mark Wahlberg have in common? Two things, actually. First, they are all listed on the Forbes 2017 Celebrity 100 List; second, they all have gone to the trouble of registering their personal names as trademarks with the U.S Trademark Office. Indeed, of the first 20 celebrities on this “A” list, 19 have sought registration of their names as trademarks.

    Trademark Protections For Personal Names

    Under Federal law, everyone is entitled to seek protection of his or her name as a brand. The Lanham Act expressly provides that:

    No trademark by which the goods of the applicant may be distinguished from the goods of others shall be refused registration on the principal register on account of its nature unless it … consists of or comprises a name, portrait, or signature identifying a particular living individual except by his written consent.

    As indicated by the language of the statute, in addition to names, likenesses (portraits) and signatures of individuals are entitled to trademark registration. Several well-known entertainers have taken advantage of this right, including Meryl Streep, Robert De Niro, and Anthony Hopkins Keep reading

  • Alert to Privacy Shield Participants: You Could Lose Your Privacy Certification If You Ignore This WarningJanuary 29, 2018

    Does this look familiar?

    Recently, Privacy Shield participants started receiving these troubling alerts, purportedly from the International Trade Administration, warning that the recipient organization owes a new fee, and threatening to cancel that participant’s Privacy Shield certification if payment is not remitted by February 16, 2018. These alerts have all the classic markings of a phishing scam—appearing very official but containing a generic salutation, demanding payment for some otherwise unheard of fee, threatening dire consequences for failure to remit payment—so some of these alerts have undoubtedly gone ignored.

    Unfortunately, this is not another blog post about a new fraud alert. Rather, this post is an alert that, if you participate in the Privacy Shield program, you may need to take action before February 16, 2018, to maintain your certification.

    Alternative Dispute Resolution Under Privacy Shield Prior to September 13, 2017

    The EU-U.S. Privacy Shield is a self-certification program run through the Department of Commerce that provides a safe harbor for U.S. companies that process or transfer heavily regulated personal data of EU citizens in the U.S. Because the U.S. has comparatively lax laws on privacy and data security, to comply with EU regulations, its businesses must voluntarily agree to … Keep reading

  • That Sound Reminds Me of…January 22, 2018

    Part of the fun of trademark practice is its unique overlap with literature, art, science, culture, and psychology. Words and symbols are used as trademarks to identify sources of commercial goods; convey messages to consumers that go beyond their pure literal meaning; and, through a curious alchemy of psychology, repetition, aesthetic attraction, and cultural filtering, somehow evoke brand loyalty, leading consumers to open their wallets. Subtle, but powerful messaging animates buyer behavior.

    However, if psychology and/or science were the sole driver of branding campaigns, a lot more marketers would stop trying to find the next catchy phrase or word—”Covfefe,” “Google,” “Yelp“—and instead focus on what subliminal force is most likely to create the strongest bond between the consumer and the manufacturer. Despite smell and sound being the more profound links to human feelings and motivations, marketers rarely do more than play at the edges of these forces—by using a jingle occasionally, for example.

    Psychoacoustics and the Associations Created by Sound

    We’ve all experienced the sensation of hearing a piece of music, or even a familiar sound, and having it transport us back in time to some experience from our youth. When it happens, … Keep reading

Email Confirmation

Thank you for your interest in Burns & Levinson LLP. Please be aware that unsolicited e-mails and information sent to Burns & Levinson though our web site will not be considered confidential, may not receive a response, and do not create an attorney-client relationship with Burns & Levinson. If you are not already a client of Burns & Levinson, do not include anything confidential or secret in this e-mail. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not authorized to do so.

By clicking "OK" you acknowledge that, unless you are a current client, Burns & Levinson does not have any obligation to maintain the confidentiality of any information you send us.