Sign Up for Alerts
Sign up to receive receive industry-specific emails from our legal team.
Sign Up for Alerts
We provide tailored, industry-specific legal updates to our clients and other friends of the firm.
Areas of Interest
April 1st, 2022
Are “Privacy-First” Clean Rooms Safe From Regulators?
Privacy & Data Security Group Chair Daniel M. Goldberg was quoted in the article, “Are ‘Privacy-First’ Clean Rooms Safe From Regulators?” published by Cybersecurity Law Report. The article discusses “data clean rooms” which enable companies to share consumer data with each other for targeted marketing while supposedly protecting privacy. Daniel is quoted saying, “Does this really move the industry forward? Or are we solving the issue of the disappearing third-party cookie, but bringing companies another bucket of privacy concerns?” He adds, “Not all data clean rooms rely on the same technology or security measures. They definitely could be subject to scrutiny, especially by regulators who don’t understand the technical nuances in the technology.”
Daniel comments on the claimed protections of a clean room, “you can use your first-party data to facilitate the types of advertising that you wanted to do previously. Don’t worry about the fact that third-party cookies are going away. We will still allow you to achieve what you need to be achieving.” Companies having an interest in clean rooms is positive, Daniel noted. This shows a company is “already thinking about the sophistication and importance of deidentifying data and the security around it,” he said.
Daniel says, “From a regulatory perspective, using a clean room sounds great in theory” because clean rooms have promoted themselves as privacy secure. However, Daniel notes, “clean rooms each have their secret sauce, with proprietors citing ‘fragmented architectures’ and other obscure approaches to protect PII.” One recently acquired start-up, DataFleets, noted that its clean-room technology “is very cutting edge and uses privacy-preserving algorithms coming out of academia and other corporate research programs.”
Regulators have already batted at adtech magic, Daniel said. They may look past the de-identified means of data sharing to focus on its ends: companies are using clean rooms to effectively target consumers on a one-to-one basis. He says, “A regulator's interpretation may be that there should not be any individually targeted ads in the ecosystem at all, period."
Given the potential regulations with clean rooms Daniel says, “Companies should investigate how the provider strips out identifiers and stops reversals of the process. Companies must confirm the clean room’s deidentification approach sufficiently ensures that one is not able to re-identify people in any context.” Daniel advises, “Companies should check the security of the systems to ensure that access restrictions are operating and rely on two-factor authentication or stronger measures.”
Daniel suggests a marketing or sales team to learn about the contract language review, “A marketing team or sales team is talking to the sales representative of the clean room, who will make all these promises around how it works. When you look at the contractual language, it doesn’t necessarily impose all those obligations or expressly state or incorporate those,” he said.
“Get on the line with the technical team, those who actually are responsible for the product, so they can explain to you how the product works,” Daniel says. Ask questions around what data goes in and how the data is joined with other data. What type of analytics can each party perform on the data? Companies considering using a clean room should confirm that the contract specifies the implementation measures, Daniel adds. The contract also should show what type of data can leave the room. “One reason that these clean rooms exist and are effective is because they compile the data of many, many different customers,” Daniel adds in conclusion.
Read the full article here. (Behind paywall)
Other Quoted
Key Amendments to the New York Rules of Professional Conduct
The New York Law Journal quotes Tyler C. Maulsby on the recently amended Rules of Profesisonal Conduct, which will affect conflicts, screening of laterals, fairness to opposing counsel, and more. (Behind paywall) View Article
April 1 2025
Duke’s ‘White Lotus’ Cameo Not Likely An IP Problem for HBO
Law360 quotes Kimberly M. Maynard on whether HBO was within its rights to use Duke University's apparel in its artistic expression on the dark comedy show "The White Lotus." Kim argues that when discussing something that's clearly an artistic expression, brand owners' rights are fairly limited by the First Amendment and the Rogers case, even as amended by the Jack Daniels' case. (Behind paywall) View Article
March 31 2025
The Television Academy’s Second Annual AI Summit Pushed Calm—and Concern
IndieWire quotes Andrew Folks who spoke on a panel of legal experts at the Television Academy’s AI Summit at the Saban Media Center in North Hollywood. The speakers addressed AI's impact on the industry and talent. Mr. Folks stated that privacy and copyright laws “are grappling” to address AI. He explained regulatory actions, and the application of copyright law. He also discussed litigation, including how OpenAI and Google in a government proposal argued that fair use protections apply to all copyrighted material used for AI purposes. The article noted, "over 400 A-List Hollywood power players condemned such an action." View Article
March 21 2025