Data Privacy & Security Blog

Algorithms are computer code that forms the heart of all computer software, including artificial intelligence (AI) software.  AI algorithms have the ability to continuously refine their analyses as additional data are introduced to the software. AI algorithms are embedded in a wide range of software now in widespread use for commercial applications such as financial services, computer network security, and processing of employment applications.  In this environment, many users now routinely apply AI algorithm analysis to data they provide, yet they do not have a complete understanding of how the embedded algorithms use the data. To the extent that some... READ MORE >

Jim Koons Automotive Company, a well-established network of car dealerships in this region, currently is working to resolve the impact of a reportedly major data breach. This incident provides important lessons for businesses and consumers alike regarding the challenges associated with effective management of consumer data and appropriate responses to data security breaches. Alliance Law Group can help businesses of all sizes to manage sensitive data effectively and to respond appropriately in the event of security breaches. Alliance Law Group also can help individual consumers who are affected by data security breaches to protect their rights and interests. According to... READ MORE >

For many years, certain industries, technology for example, have dealt with a work trend characterized as “overemployment.” This is the case where one employee works two full-time jobs simultaneously, and neither employer is aware of the situation. Overemployment raises important legal issues for both the employers and the employees involved, including issues associated with computer and data security. As the COVID-19 pandemic has increased the number of workers working remotely, a growing number of those workers are now experimenting with overemployment. As this trend is likely to remain in place even as the pandemic eases, it is important that employees... READ MORE >

The Virginia Consumer Data Protection Act (CDPA), which becomes effective on January 1, 2023, includes a requirement that all parties obtaining data processing services from third party vendors must enter into binding written agreements with those service providers. Data processing services include a wide range of services involving the collection, sharing, and analysis of consumer data. Although organizations that do not fall within the scope of the CDPA are not required to execute such written contracts, there are several reasons why those organizations may choose to enter into written contracts. Alliance Law Group LLC can work with your organization to... READ MORE >

The Virginia Consumer Data Protection Act (CDPA) establishes a tool known as “data protection assessments” to help safeguard consumer data privacy. Data protection assessments are mandatory for organizations subject to the CDPA when those organizations process consumer data for certain purposes. Data protection assessments are analyses of the relative impact of the proposed data use on the consumer, the organization processing the data, other stakeholders, and the general public. The assessments must include a comparison of the potential benefits of the data use to the consumer, the data collector, other stakeholders and the public with the potential harm that may... READ MORE >

In 2021, the Virginia Consumer Data Protection Act (CDPA) was enacted. It will become effective on January 1, 2023. Structured along the lines of consumer data protection laws previously implemented in the European Union and in California, the CDPA establishes a broad set of data privacy rules intended to help protect personal consumer information. All Virginia businesses, and those based elsewhere but operating in Virginia, that are subject to the Act should use 2022 to become familiar with the terms of the CDPA and to develop strategies and practices to comply with the Act by the beginning of 2023.  Alliance... READ MORE >

Today, businesses of all sizes engaged in a wide variety of ventures routinely maintain cyber-insurance, i.e., insurance coverage to protect against digital threats that challenge computers, data, and online presence. Recently, one form of digital threat, ransomware, has become the most popular type of malicious digital conduct threatening businesses around the world. A growing number of businesses are learning the hard way that basic cyber-insurance does not always provide adequate protection in the event of a ransomware attack. Businesses currently maintaining cyber-insurance should carefully review their coverage to make sure that it addresses ransomware attacks. Businesses that do not currently... READ MORE >