wyrick.com
Contributor

Alex M. Pearce

Alex M. Pearce

Bio

Alex dedicates his practice to privacy and data security law. He assists clients with compliance strategies, policy development and implementation, data monetization and data use analyses, privacy and security issues in transactions, privacy and security incident response, and regulatory and litigation matters that involve privacy and data security issues.

View Full Bio

Alex's Posts

Tag Icon

CalPrivacy’s Latest Data Broker Crackdown: Three Practical Takeaways for Companies

The California Privacy Protection Agency has issued two new enforcement decisions that underscore its expanding focus on data broker accountability under the…

Read Post
Tag Icon

California’s New CCPA Cybersecurity Audit Regulations: A Roadmap to “Reasonable” Security?

Last week, the California Privacy Protection Agency (“Agency”) approved adoption of detailed new regulations under the CCPA that will include (among other…

Read Post

The Justice Department’s New Rule on Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons: A Guide to Determining Whether Your Business is Covered

The U.S. Department of Justice recently adopted a new Rule on Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern…

Read Post
Tag Icon

5 Reasons Virginia’s New Reproductive and Sexual Health Privacy Law is a BFD for Business (Spoiler: There’s a Private Right of Action)

In a development that seems to have flown mostly under the radar this week, Virginia’s governor signed on Monday SB754, a bill…

Read Post
Tag Icon

Analyze This: OCR Kicks Off 2025 with Two New HIPAA Enforcement Actions Against Business Associates as Part of New Risk Analysis Initiative

Just two weeks into the year, 2025 is already shaping up to be a busy year for privacy lawyers, especially those tasked with helping covered…

Read Post

Cookie Cutter: NY AG Announces Cookie Scrutiny with Business Guide to Website Privacy Controls

Website privacy controls—in the form of banners and pop-ups asking visitors to agree to, or reject, a website’s use of cookies, pixels, and similar technologies…

Read Post
Tag Icon

Sense and Sensitivity: Latest FTC Enforcement Actions Continue Focus on Sensitive Health Data

We’ve talked before about the FTC’s focus on consumer health privacy. In cases against BetterHelp and GoodRx, a…

Read Post
Tag Icon

FTC Gives it to X-Mode: 5 Lessons from the Agency’s Latest Consumer Location Data Case

The FTC announced an action last week against location data broker X-Mode Social and its corporate successor Outlogic (collectively, “X-Mode”) based on several alleged…

Read Post
Tag Icon

The Next Post They Write Might Be About You: The FTC’s Business Blog Calls Out Health Data Practices That Can Violate Section 5

In another example of the agency’s practice of regulation by blog, the FTC published last week a Business Blog…

Read Post
Tag Icon

Less Is More, Too Much Is Not Enough: What the Irish DPC’s €390 Million Fine Against Meta Could Mean for Your Privacy Notice

European data protection authorities kicked 2023 off with a bang when, on January 4, the Irish Data Protection Commission (DPC) announced that…

Read Post
Tag Icon

Glow Up or Blow Up: Five Takeaways from the CCPA Enforcement Action Against Sephora

As we discussed last year, the California Attorney General’s Office (“OAG”) has been wielding its enforcement authority under the California Consumer Privacy…

Read Post
Tag Icon

Carnival Cruise Line’s $1.25 Million Multistate Breach Settlement: 5 Lessons to Avoid and Mitigate Unstructured Data Breaches

Corporate email systems can often become repositories of personal information, with sensitive data elements appearing in the bodies of messages and their attachments, often with…

Read Post
Tag Icon

Buyers Beware: the FTC’s Case Against CafePress Highlights Privacy and Data Security Risks in Corporate Transactions

Last week the Federal Trade Commission announced a privacy and data security enforcement action against the online retail platform CafePress. The allegations in the…

Read Post
Tag Icon

To-Do in 2022: Top 5 Data Protection Contracting Tasks

Since 2018, a consistent stream of newly adopted privacy laws and other regulatory developments (such as GDPR, CCPA, Schrems…

Read Post
Tag Icon

The EU Commission’s New SCCs for International Transfers: Top 5 Immediate Takeaways

Ending months of anxious speculation from privacy lawyers around the globe, the European Commission announced on Friday that it had adopted final versions of the…

Read Post
Tag Icon

High Stakes: North Carolina Consumer Privacy Bill Sees Virginia’s CDPA and Raises a Private Right of Action with Automatic Treble Damages

Since California enacted the CCPA in 2018, legislatures in other states throughout the country have sought to pass their own comprehensive privacy laws. So far,…

Read Post
Tag Icon

Cranking up the Pressure: Federal Financial Regulators’ Proposed Rule on Computer-Security Incident Notification and How it Could Impact Banks, Fintech Firms, and Other Bank Service Providers

From California to Europe, the final months of 2020 featured several high-profile developments in the privacy and data security fields. One development that…

Read Post
Tag Icon

The California Attorney General’s Settlement with Glow: A Wake-Up Call for Consumer Health App Developers

Consumer-directed health apps are experiencing a boom thanks to COVID-19, as consumers seeking to avoid doctors’ office waiting rooms are increasingly…

Read Post
Tag Icon

Could Data Subjects or EU Supervisory Authorities Use the US Court System to Enforce GDPR?

United States companies without a presence in Europe often ask us whether they need to comply with GDPR.  Often the answer (as with most things…

Read Post
Tag Icon

Zoom for Improvement: Lessons Learned from Zoom’s Privacy and Security Backlash

As anyone working from home amid the ongoing coronavirus pandemic can appreciate, the video conferencing platform Zoom has rocketed to popularity as the app of…

Read Post
Tag Icon

Back to the Drawing Board? The Top Ten Impacts of the California AG’s Modified CCPA Regulations (Part 2 of 2)

Last Friday, the California Department of Justice released a modified version of the Department’s proposed…

Read Post
Tag Icon

So Don’t Sue Me: Strategies for Responding to CCPA Consumer Enforcement Notices

After a holiday break marked by a steady stream of emails from media, technology, and retail companies announcing updates to their privacy policies, the California…

Read Post
Tag Icon

Update Your Status: Takeaways from Facebook’s $100 Million Privacy Settlement with the SEC

The Federal Trade Commission’s historic $5 billion civil penalty against Facebook for the Cambridge Analytica scandal has been the subject of intense coverage…

Read Post
Tag Icon

Latest GDPR Fine Emphasizes Need for Privacy and Data Security Due Diligence in Corporate Acquisitions

Hot on the heels of yesterday’s announcement that it intends to impose a record-setting $230 million GDPR fine on British Airways for a…

Read Post