Lindsey L. Tonsager

March 29, 2021

Lindsey Tonsager is quoted in Law360 regarding the California Privacy Protection Agency’s role in enforcing the California Consumer Privacy Act and other privacy protection laws. Ms. Tonsager notes that these new regulations will cover “broader ground” than the existing attorney general regulations implementing the CCPA. “For example, the new regulations will ...

March 18, 2021, Inside Privacy

The five members of the California Privacy Protection Agency (“CPPA”) were announced today.  The members – who were appointed by Governor Newsom, Attorney General Becerra, Senate President pro Tempore Atkins, and Assembly Speaker Rendon – will lead the new agency, which will have rulemaking and enforcement authority under the California Privacy Rights Act ...

February 26, 2021, Inside Privacy

Several states have proposed new privacy bills since their sessions began.  Some of the proposed bills carry over or re-introduce bills drafted in previous legislative sessions, while others are introducing first-in-time omnibus privacy bills.  In the high-level chart below, we compare five of the key state privacy frameworks: the CPRA, VCDPA (which we blogged ...

January 26, 2021, Inside Privacy

On January 7, the Federal Trade Commission (“FTC”) reached a proposed settlement with Tapjoy, a California-based company that operates an advertising platform within mobile gaming applications.  According to its complaint, the FTC alleges that Tapjoy deceived consumers by failing to provide in-game rewards it promised for completing actions associated with ...

January 21, 2021, Inside Privacy

Washington State Hearing on Latest Privacy Bill Highlights Competing Interests For Best Practices and Data Minimization  On January 14, 2020, Washington’s State Senate Committee on Environment, Energy & Technology received public testimony about Senate Bill 5062, the “Washington Privacy Act.”  Representatives from trade associations, the Attorney General’s ...

January 5, 2021, Inside Privacy

Judge Freeman of the U.S. District Court for the Northern District of California dismissed a class action against Google and several YouTube channel owners alleging various violations under California state law.  Plaintiffs alleged Defendants infringed their children’s privacy and consumer rights by collecting personal information and delivering targeted ...

January 5, 2021, Inside Privacy

Last year, Californians passed proposition 24, also known as the California Privacy Rights Act (“CPRA”). That law makes several changes to the California Consumer Privacy Act (“CCPA”), including some that relate to an organization’s cybersecurity practices. So, as you begin to prepare your organization’s CPRA compliance strategy, keep in mind the following ...

January 3, 2021, Law360

Lindsey Tonsager is quoted in Law360 regarding the major cybersecurity and privacy policy issues to watch in 2021. Ms. Tonsager spoke about the ramp up in California Consumer Privacy Act enforcement. She says, “The agency [California Privacy Protection Agency] will have the broadest authority in the country to issue regulations on topics like automated ...

December 21, 2020, Inside Privacy

As the year comes to a close, a reminder that the California Consumer Privacy Act requires companies to update their privacy policies annually. Consequently, as you get ready to spread the holiday cheer, make sure your privacy policy gets some attention as well.… Continue Reading

December 11, 2020, Inside Privacy

Yesterday, the California Attorney General (“AG”) proposed a fourth set of modifications to the California Consumer Privacy Act regulations. These modifications build on the third set of proposed regulations released by the AG in October, which we discussed here. Interested parties have until December 28 to submit comments in response. The proposed modifications ...

December 10, 2020

WASHINGTON—Global Data Review has named Covington to The GDR 100 Elite. The ranking profiles the top 20 firms with a broad international presence and a consistent track record of delivering cutting-edge advice to household name clients around the world, who between them handle the lion’s share of cross-border work in data privacy. The firms featured in The GDR ...

November 12, 2020

SAN FRANCISCO—The Daily Journal has named Lindsey Tonsager to its 2020 Top Cyber Lawyers list, a recognition of the leading California lawyers who specialize in cybersecurity law. Ms. Tonsager is a partner in Covington’s San Francisco office and serves as vice chair of the firm’s global privacy and cybersecurity practice, as well as head of its West Coast ...

November 5, 2020, Inside Privacy

Voters in California approved Proposition 24, which updates the California Consumer Privacy Act (“CCPA”) just a few months after the landmark regulations implementing the privacy law went into effect.  As we have previously explained, the California Privacy Rights Act (“CPRA”) will change the existing CCPA requirements in a number of ways, including limiting the ...

November 5, 2020, IAPP

Lindsey Tonsager spoke with IAPP about California's Proposition 24. Ms. Tonsager says, “Privacy pros should be reminding their colleagues that even though we now know the CPRA has passed, many of the CPRA’s details still need to be clarified and defined through regulation.” Establishment of the new enforcement agency will also be worth paying attention to. She ...

November 4, 2020, Los Angeles Times

Lindsey Tonsager is quoted in the Los Angeles Times regarding California’s Proposition 24, which will have major implications for online privacy. Ms. Tonsager says companies will be watching the composition of the board closely. She adds, “There is going to be a lot on the line depending on how this newly constituted board decides to interpret and enforce the ...

October 27, 2020, Covington Alert

The November 3, 2020 election is likely to be a watershed event in the development of privacy law in the U.S. This client alert provides a high-level overview of the areas in which change is likely to occur, depending on how the election turns out. 1. Federal Legislation Unlike most countries of its size, the U.S. does not yet have a broadly applicable data ...

October 16, 2020, Inside Privacy

On Monday, the California Attorney General (“AG”) proposed a third set of modifications to the recently enacted California Consumer Privacy Act (“CCPA”) regulations.  Interested parties have until October 28 to file comments in response. These proposed modifications are the latest effort in an extensive rulemaking process that has lasted more than a year.  Most ...

October 5, 2020

SAN FRANCISCO— The Recorder has named Covington’s Lindsey Tonsager to its second annual list of “California Trailblazers.” The list profiles 50 lawyers who made significant marks on the practice, policy, and technological advancement of their practice. As head of Covington’s West Coast Privacy and Cybersecurity practice, Ms. Tonsager helps some of the world’s ...

July 17, 2020, Inside Tech Media

In this update, we detail the key legislative updates in the second quarter of 2020 related to artificial intelligence (“AI”), the Internet of Things (“IoT”), cybersecurity as it relates to AI and IoT, and connected and automated vehicles (“CAVs”). The volume of legislation on these topics has slowed but not ceased, as lawmakers increasingly focus...… Continue ...

July 15, 2020, Covington Alert

In this update, we detail the key legislative updates in the second quarter of 2020 related to artificial intelligence (“AI”), the Internet of Things (“IoT”), cybersecurity as it relates to AI and IoT, and connected and autonomous vehicles (“CAVs”). The volume of legislation on these topics has slowed but not ceased, as lawmakers increasingly focus on the ...

June 22, 2020, Covington Alert

On June 1, California Attorney General Xavier Becerra announced that he has submitted to the Office of Administrative Law the final regulations implementing the California Consumer Privacy Act (“CCPA”). While the final regulations do not make any changes to the second modified version of the regulations released in March, the commentary released by the Attorney ...

May 12, 2020, Inside Tech Media

Though it seems like the distant past now, in this update we detail the notable legislative events from the first quarter of 2020 on artificial intelligence (“AI”), the Internet of Things (“IoT”), cybersecurity as it relates to AI and IoT, and connected and autonomous vehicles (“CAVs”). Prior to the slowdown in non-COVID related legislation that...… Continue ...

May 7, 2020, Covington Alert

Though it seems like the distant past now, in this update we detail the notable legislative events from the first quarter of 2020 on artificial intelligence (“AI”), the Internet of Things (“IoT”), cybersecurity as it relates to AI and IoT, and connected and autonomous vehicles (“CAVs”). Prior to the slowdown in non-COVID related legislation that accompanied the ...

April 8, 2020, Covington Alert

As the world moves online during the COVID-19 pandemic, companies’ privacy and security practices are coming under increased scrutiny. Because class actions often follow such scrutiny, as demonstrated by lawsuits recently filed against Google and Zoom, companies should keep the following six developments on their radar as they rush to meet the demands of our new ...

January 24, 2020, Inside Tech Media

U.S. federal policymakers continued to focus on artificial intelligence (“AI”) and the Internet of Things (“IoT”) in the fourth quarter of 2019, including by introducing substantive bills that would regulate the use of such technology and by supporting bills aimed at further study of how such technology may impact different sectors. In our fourth AI...… Continue ...

January 24, 2020, Covington Alert

U.S. federal policymakers continued to focus on artificial intelligence (“AI”) and the Internet of Things (“IoT”) in the fourth quarter of 2019, including by introducing substantive bills that would regulate the use of such technology and by supporting bills aimed at further study of how such technology may impact different sectors. In our fourth AI & IoT ...

January 13, 2020, Global Data Review

Lindsey Tonsager is quoted in Global Data Review regarding a recently released draft privacy bill from the US House Committee on Energy & Commerce which differs from current Senate bills. With roughly a quarter of House Democrats coming from California, Ms. Tonsager told GDR that there will be major opposition to pre-emption in the House. “We’ve already seen the ...

January 1, 2020, Financial Times

Lindsey Tonsager spoke with the Financial Times about the California Consumer Privacy Act (CCPA) and the different ways companies are trying to comply with the new law. Addressing some companies’ efforts to create self-serve portals to handle users’ privacy requests, Ms. Tonsager says, “This works fine but if you get a high spike of data access requests — right ...

December 4, 2019, Daily Journal

Lindsey Tonsager is quoted in Daily Journal regarding a new voter initiative designed to improve consumer privacy in California. Ms. Tonsager says, “The new ballot initiative has introduced some uncertainty into the conversation for businesses. There has been a real whiplash throughout the whole process of the CCPA. It was enacted back in 2018, and its already ...

November-December 2019, Privacy & Cybersecurity Law Report

October 29, 2019

As the effective date of the California Consumer Privacy Act looms closer, companies are grappling with the significance of the law and its definitions. One defined term in particular, “sale,” has sparked heated debate between industry and consumer advocates, and even within the legal profession. While much has been said about this term, more needs to be said. ...

October 22, 2019, Inside Tech Media

Federal policymakers continued to focus on artificial intelligence (“AI”) and the Internet of Things (“IoT”) in the third quarter of 2019, including by introducing substantive bills that would regulate the use of such technology and by supporting bills aimed at further study of how such technology may impact different sectors. In our third AI &...… Continue ...

October 21, 2019, Covington Alert

Federal policymakers continued to focus on artificial intelligence (“AI”) and the Internet of Things (“IoT”) in the second quarter of 2019, including by introducing substantive bills that would regulate the use of such technology and by supporting bills aimed at further study of how such technology may impact different sectors. In our third AI & IoT Quarterly ...

October 11, 2019, Covington Alert

On October 10, 2019, California state attorney general Xavier Becerra announced the release of proposed implementing regulations concerning the California Consumer Privacy Act (CCPA). Interested stakeholders can submit written comments until December 6, 2019 at 5 PM (Pacific Time). In addition, four public hearings will be held on December 2nd (Sacramento), ...

October 10, 2019, Covington Alert

On Monday, the Federal Trade Commission held a workshop to examine whether to update the FTC’s rule adopted under the Children’s Online Privacy Protection Act (“COPPA Rule”). The Future of the COPPA Rule: An FTC Workshop featured a range of speakers and panelists, including representatives from industry, consumer groups, and academia.

September 30, 2019, Global Data Review

Lindsey Tonsager spoke with Global Data Review about proposed amendments to the California Consumer Privacy Act filed by Alastair Mactaggart of the Californians for Consumer Privacy. Ms. Tonsager said that given the time and resources spent on preparing staff within California’s office of the attorney general for the CCPA, she was “baffled” to see the proposal ...

September 27, 2019, Covington Alert

Real estate developer Alastair Mactaggart is making news with the announcement of another privacy ballot initiative, the California Privacy Rights and Enforcement Act (“CPREA”). He intends to include his new initiative on the November 2020 ballot.

September 26, 2019, Financial Times

Lindsey Tonsager is quoted in the Financial Times regarding the California Consumer Privacy Act’s effect on businesses in the state and around the world. Ms. Tonsager says, “Once the new law takes effect, the California attorney-general will overnight become one of the most powerful privacy regulators in the world.” She adds, “Companies that already had to apply ...

September 16, 2019, Global Data Review

Lindsey Tonsager spoke with Global Data Review about the recently-passed California Consumer Privacy Act. Ms. Tonsager says the issues the attorney general need to clarify include what a “do not sell my personal information” link should look like on company websites, how that link should be formatted, and where it should be placed. One of the most important ...

September 11, 2019, Legaltech News

Lindsey Tonsager is quoted in Legaltech News regarding Google’s settlement with the FTC involving violations of the Children's Online Privacy Protection Act. Ms. Tonsager says, “This is the first FTC settlement that dealt with behavioral advertisements against a platform that just hosts third-party content.” She noted FTC Commissioner Rebecca Kelly Slaughter’s ...

September 10, 2019, The Recorder

July 25, 2019, Legaltech News

Lindsey Tonsager spoke with Legaltech News about the FTC’s public request for comment on the Children’s Online Privacy Protection Act (COPPA). Ms. Tonsager said, “Regardless of whether the FTC is looking at the rule or not, I think the common best practice is to collect only the information that you need. The data minimization helps regardless if the regulator ...

July 18, 2019, Inside Tech Media

Federal and state policymakers continued to focus on artificial intelligence (“AI”) and the Internet of Things (“IoT”) in the second quarter of 2019, including by introducing both substantive measures that would regulate the use of the technology and by supporting funding bills aimed at increasing investment. In our second AI & IoT Quarterly Legislative ...

July 17, 2019, Covington Alert

Federal and state policymakers continued to focus on artificial intelligence (“AI”) and the Internet of Things (“IoT”) in the second quarter of 2019, including by introducing both substantive measures that would regulate the use of the technology and by supporting funding bills aimed at increasing investment. In our second AI & IoT Quarterly Legislative Update, ...

July 9, 2019, Wall Street Journal

Lindsey Tonsager is quoted in the Wall Street Journal regarding the initiative to increase artificial intelligence legal practices. Ms. Tonsager says data is the fuel that drives artificial intelligence, but it can come with legal restrictions. Companies acquiring datasets need to be sure their contracts give them the right to use the data to train algorithms. ...

June 27, 2019

SAN FRANCISCO—The Daily Journal has named Lindsey Tonsager to its 2019 “Top Artificial Intelligence Lawyers,” recognizing the top artificial intelligence lawyers in California. Ms. Tonsager co-chairs the firm’s Artificial Intelligence Initiative, which is a cross-functional practice advising companies developing or utilizing AI technologies. She is advising ...

June 25, 2019, Covington Digital Health

Last week, Senators Amy Klobuchar (D-MN) and Lisa Murkowski (R-AK) introduced the Protecting Personal Health Data Act (S. 1842), which would provide new privacy and security rules from the Department of Health and Human Services (“HHS”) for technologies that collect personal health data, such as wearable fitness trackers, social-media sites focused on health ...

May 14, 2019, PayTV Show

May 1, 2019, Inside Tech Media

Federal and state policymakers introduced a range of new measures on artificial intelligence (“AI”) and the Internet of Things (“IoT”) in the first quarter of 2019. In our initial AI & IoT Quarterly Legislative Update, we detail the notable legislative events from this quarter on AI, IoT, cybersecurity as it relates to AI and IoT,...… Continue Reading

April 30, 2019, Covington Alert

Federal and state policymakers introduced a range of new measures on artificial intelligence (“AI”) and the Internet of Things (“IoT”) in the first quarter of 2019. In our initial AI & IoT Quarterly Legislative Update, we detail the notable legislative events from this quarter on AI, IoT, cybersecurity as it relates to AI and IoT, and connected and autonomous ...

April 10, 2019, Covington Digital Health

On April 2, 2019, FDA released a discussion paper entitled “Regulatory Framework for Modifications to Artificial Intelligence/Machine Learning (AI/ML)-Based Software as a Medical Device (SaMD)” (the “AI Framework”). The AI Framework is the Agency’s first policy document describing a potential regulatory approach for medical devices that use artificial ...

March 2019, DataGuidance

October 3, 2018, Privacy + Security Forum

September 21, 2018

Lindsey Tonsager is quoted in the San Francisco Business Times regarding California’s new cybersecurity bill regulating internet-connected devices. Ms. Tonsager believes the vagueness of the “reasonable” standard makes the law flexible. She says, “It’s really helpful that the legislation acknowledges flexibility in identifying which standards are reasonable. ...

September 17, 2018, Law360

Lindsey Tonsager is quoted in Law360 regarding California’s newly enacted rules mandating security features for internet-connected devices. Makers of IoT devices will be required under Senate Bill 327 to equip products with "reasonable security features." Ms. Tonsager says, "The 'reasonable security' standard is quite flexible, which is good when operating in a ...

July 3, 2018, Covington Alert

On June 28, 2018, the Governor of California signed the California Consumer Privacy Act of 2018 (“CCPA”). The new law is the most comprehensive data privacy statute in the United States and introduces significant privacy requirements for covered businesses. The CCPA takes effect on January 1, 2020, but based on comments from both the public-interest and business ...

June 28, 2018, Politico

Lindsey Tonsager is quoted in a Politico article regarding a bill passed by California lawmakers that imposes stricter consumer privacy rules on companies. Should the California law trigger other states to put their own restrictions on consumer privacy, industry lobbyists and advocates will likely look to Congress to create consistent standards, says Tonsager. ...

March 23, 2018, MLex

Lindsey Tonsager recently spoke at the BCLT Privacy Law Forum in Silicon Valley is quoted in an mLex article discussing whether GDPR will automatically become a global privacy standard. Tonsager said that working with companies that depend on AI technology to become compliant with the GDPR “is incredibly, incredibly challenging." Commenting on modifications to ...

January 24, 2018, Covington Alert

Digital advertising typically involves a vast network of publishers, advertisers and their agencies, advertising exchanges and networks, technology platforms, and measurement and data analytics providers. To help streamline the commercial dealings of all of these parties in this complex ecosystem, advertising industry self-regulatory groups have developed ...

January 16, 2018, NRF General Counsels Forum

January 8, 2018, Covington Advisory

In late December, the Federal Trade Commission (“FTC”) released a Staff Report titled Blurred Lines: An Exploration of Consumers’ Advertising Recognition in the Contexts of Search Engines and Native Advertising. This Report is the most recent sign of the FTC’s continuing interest in native advertising and effective online disclosures. This study builds upon the ...

December 5, 2017, Covington Digital Health

In the third installment of our series, Covington’s global cross-practice Digital Health team considers some additional key questions about Artificial Intelligence (AI), data privacy, and cybersecurity that companies across the life sciences and technology sectors should be asking to address the regulatory and commercial pieces of the complex digital health ...

November 9, 2017, CTIA Wireless Legal Seminar for the West

October 29, 2017, The Times

Lindsey Tonsager is quoted by The Times in an article regarding the use of artificial intelligence in healthcare. Commenting on how regulators are beginning to address some of the issues, Tonsager says, "The law hasn’t caught up with the technology. Nobody knows exactly who will be responsible.” “Some diseases disproportionately affect certain types of ...

October 17, 2017, Silicon Valley Association of General Counsel All Hands Meeting

October 13, 2017, 6th Annual US-China IP Conference

October 4, 2017, Privacy + Security Forum

September 26, 2017, Covington Digital Health

In the second of a three-part series, Covington’s global cross-practice Digital Health team considers some additional key questions that companies across the life sciences, technology, and communications industries should be asking as they seek to fit together the regulatory and commercial pieces of the complex digital health puzzle. Key Commercial Questions ...

September 22, 2017, The Recorder

Lindsey Tonsager is quoted by The Recorder in an article regarding the recent decision in a case brought by the FTC alleging that selling connected devices with known security weaknesses is an unfair and deceptive business practice. According to Tonsager, "Judge Donato's order should discourage the FTC from adopting a legal standard that would consider potential ...

Fall 2017, Journal of Student Financial Aid

August 29, 2017, Covington Digital Health

In the first of a three-part series, Covington’s global cross-practice Digital Health team answers key questions that companies across the life sciences, technology, and communications industries should be asking as they seek to fit together the regulatory and commercial pieces of the complex digital health puzzle. Key Regulatory Questions About Digital Health ...

June 29, 2017, Bloomberg Law

Lindsey Tonsager is quoted in a Bloomberg Law article regarding the FTC's updated guidance that includes adding online-based questions as a method of obtaining parental consent under the Children's Online Privacy Protection Act. According to Tonsager, the new methods are a quick way for parents to give consent without having to mail in forms, and will largely ...

May 1, 2017, Covington Alert

In a widely anticipated step, FCC Chairman Ajit Pai has released the text of a draft Notice of Proposed Rulemaking (“NPRM”) proposing to change the legal framework that governs broadband providers, eliminate the “Internet conduct standard” for evaluating broadband provider practices on a case-by-case basis, and seek comment on whether to keep, modify, or ...

April 25, 2017, In-House Benefits Counsel Network National Forum

November 9, 2015, Multichannel News

October 8, 2015

WASHINGTON, DC, October 8, 2015 — Covington advised Prosper Marketplace, a leading online marketplace that connects borrowers and investors, in its acquisition of BillGuard, a personal finance analytics company. The financial terms of the deal were not announced. According to the company’s press release, the acquisition will enable Prosper Marketplace to offer ...

October 1, 2015

WASHINGTON, DC, October 1, 2015 - Covington has elected nine of its lawyers to partnership. “We are delighted to welcome our new partners, who exemplify the spirit and substance of Covington,” said Timothy Hester, chair of the firm’s management committee. “This partnership class reflects our focus on the firm’s core practice strengths. We are confident that ...

August 20, 2015

SAN FRANCISCO, August 20, 2015 — Covington advised Tencent Holdings Ltd. on its US$50 million investment in Ontario-based Kik Interactive, Inc., a messenger application with more than 200 million registered users. Tencent is a Chinese company that provides value-added Internet, mobile and telecom services and online advertising. Its messaging app WeChat has ...

June 24, 2015, FDAnews Social Media Regulatory Affairs Summit — Social Media: Getting to Yes — Satisfy Both ROI and the FDA

May 21, 2015, IAPP Seattle KnowledgeNet

May 12, 2015, Inside Counsel

April 10, 2015, PBS Technology Conference

April 10, 2015, PBS Technology Conference

March 5, 2015, IAPP Global Privacy Summit

February 17, 2015, Bloomberg BNA Social Media Law & Policy Report, Vol. 4, No. 7

October 21, 2014, Law360

October 1, 2014, Children’s Advertising Review Unit Annual Conference

April 30, 2013, Law360

April 11, 2013, Covington E-Alert

March 8, 2013, IAPP Global Privacy Summit

March 2013

August 2, 2012, Covington E-Alert

June 7, 2012, Covington Advisory

February 27, 2012, Covington E-Alert

December 1, 2010, Covington E-Alert

September 29, 2010, Covington Advisory

July 22, 2010, Covington Advisory

March 19, 2010, Covington Report

October 30, 2009, Covington E-Alert

October 6, 2009, Covington E-Alert

August 13, 2009, Covington Advisory

June 19, 2009, Covington E-Alert

January 6, 2009, Covington Advisory

2009, PBS Technology Conference

December 2008, Data Protection Law & Policy

August 2008, Data Protection Law & Policy

March 2008, Data Protection Law & Policy

2008, Annual Presentation to the Smithsonian Institution’s Office of General Counsel on Developments in Intellectual Property

2007, Annual Presentation to the Smithsonian Institution’s Office of General Counsel on Developments in Intellectual Property

2006, 90 Minn. L. Rev. 1506