Data protection and privacy issues frequently intersect with other areas of the law. In addition to the Data Protection Report, Norton Rose Fulbright publishes other blogs covering important legal developments across the globe. These blogs sometimes touch on issues that may be of interest to our readers. As a service to our readers, we highlight some recent posts from our sister blogs:

  • Better Business Bureau’s New “Native Advertising” Guidance (The Brand Protection Blog, November 3): The Better Business Bureau updated its Code of Advertising to address “native advertising” and ensure that, if it is not apparent that an ad is a paid commercial message, the advertiser “must ensure that such material promoting its products and services is clearly and conspicuously labeled as a ‘paid ad,’ ‘paid advertisement,’ ‘sponsored advertising content’ or other similar words that state expressly that the material is an advertisement.” The post also addresses recent activity from the National Advertising Division regarding native advertising and the FTC’s position on native advertising.
  • Time to update your employee handbook (Global Workplace Insider, November 3): The US National Labor Relations Board has been active in pursuing companies regarding their policies that allegedly constrain employees’ ability to engage in protected concerted activity. This post analyzes a recent National Labor Relations Board decision that found several Chipotle company policies, including policies regarding employee social media use and confidential information, to be unlawful. The author suggests that employers regularly review employee handbooks to ensure compliance with the law. (Last year, the NLRB also addressed a duty to bargain with unions regarding breach response, as we have previously covered.)
  • South Africa: POPI Regulator to commence duties on 1 December 2016 (Financial Services: Regulation Tomorrow, October 27): South Africa now has an Information Regulator to enforce the Protection of Personal Information (POPI) Act. It is reasonable to expect the promulgation of regulations in the near future. However, a commencement date for POPI, a 2013 law, has not yet been announced, and organizations will not be liable for fines for non-compliance for a period of 12 months from the commencement date.
  • Thinking of your target’s acquisition: is your cybersecurity risk assessment sufficient? (Deal Law Wire, October 26): Cybersecurity (and privacy) issues can have a significant impact on M&A transactions. For instance, the recent revelation of a data breach of Yahoo email accounts has prompted Verizon to ask for a $1 billion discount off of its initial offer of $4.8 billion to acquire Yahoo and has stated that the revelation of the data breach represents a material impact that would allow Verizon to withdraw from the deal. The authors suggest some issues to consider for companies conducting cybersecurity due diligence in M&A transactions.

To subscribe for updates from our Data Protection Report blog, visit the email sign-up page.