Header graphic for print
Privacy Law Blog

Jeremy M. Mittman

Jeremy Mittman is an associate in the Los Angeles office of Proskauer Rose LLP. Prior to joining the Los Angeles office in October 2006, he practiced in the Firm's New York office.

Mr. Mittman represents employers in state and federal courts and before administrative bodies, including the National Association of Securities Dealers and the New York Department of Human Rights. He defends employers, at the trial and appellate court levels, in litigations involving wrongful discharge, sexual harassment, wage and hour class actions, breach of contract and employment discrimination. Mr. Mittman is also a member of Proskauer Rose's Privacy and Data Security Practice Group, and a large part of his practice is focused on international employment issues. He works with clients on multi-country HR projects involving issues such as data privacy in Global Human Resources Information Systems, multi-country employment contracts, international background checks, terminations, and other HR actions.

Mr. Mittman is the author of several employment-related articles, including several that appeared in the New York Law Journal. Most recently, Mr. Mittman co-authored a chapter on International Data Privacy Law for the Practicing Law Institute’s 2006 treatise Proskauer On Privacy: A Guide to Privacy and Data Security in the Information Age.

He received his B.A. in philosophy from the University of Pennsylvania and his J.D. from the University of Southern California School of Law, where he was an Articles Editor for the University of Southern California Law Review.

Posts by Jeremy M. Mittman

FTC Revamps COPPA Rule

By Jeremy M. Mittman on Posted in Children's Online Privacy Protection Act

Two and a half years after initiating a review of the Children’s Online Privacy Protection Rule (the “Rule”), the Federal Trade Commission (FTC) announced on December 19, 2012 that the Rule will be amended to clarify perceived ambiguities and to strengthen the Rule’s protections for children who engage in online activities in light of significant… Continue Reading

FCC Approves New Rules Curbing “Robocalls”

By Jeremy M. Mittman on Posted in Direct Marketing

In a move that will no doubt please many consumers, on February 15, 2012, the Federal Communications Commission approved a new set of rules aimed to substantially curb the practice of telemarketers to engage in "robocalling", or the placing of automatic, pre-recorded calls. The key development in the FCC’s 48 page Report and Order is… Continue Reading

Recent Amendments to Russian Data Protection Law Further Clarify International Data Transfer Rules

By Jeremy M. Mittman on Posted in Data Privacy Laws

          On July 25, Russian President Dmitry Medvedev signed into law an amendment to the Russian data protection law, "On Personal Data".  The new amendments are effective as of July 1, 2011.  Of special significance, the amendments provide further clarification regarding the transfer of personal data to individuals or entities located outside of Russia.  Prior… Continue Reading

New Mexican Data Protection Law is Signed by the President

By Jeremy M. Mittman on Posted in International

Earlier, we reported on the passage of a sweeping new data protection law in Mexico. Recently, the law went into effect earlier this month. The new law drastically expands the powers of Mexico’s data protection authority, which has now been renamed the "Federal Institute of Access to Information and Data Protection."

EU Article 29 Working Party Elevates Israel to Rank of Select Few Countries That Are Deemed to Possess “Adequate” Data Protection Laws

By Jeremy M. Mittman on Posted in European Union

On January 5, 2010, the EU Article 29 Data Protection Working Party published an opinion finding that Israel provides an "adequate" level of data protection under the EU Data Protection Directive. Should the European Commission ("EC") adopt the Article 29 Working Party’s recommendation (and there is no reason to think that it would not), Israel… Continue Reading

FTC Continues Safe Harbor Enforcement Streak With Six New Proposed Settlements

By Jeremy M. Mittman on Posted in European Union

On October 6, 2009, in one fell swoop, the Federal Trade Commission (“FTC”) announced proposed settlements of charges against six companies for violations under the US/EU Safe Harbor Program. Specifically, these companies (World Innovators, Inc.; ExpatEdge Partners LLC; Onyx Graphics, Inc.; Directors Desk LLC; Collectify LLC; and Progressive Gaitways LLC) were alleged to have continued… Continue Reading

French Data Protection Authority Releases New Opinion on Compliance with U.S. Discovery Procedures

By Jeremy M. Mittman on Posted in European Union

On August 19, 2009, the French Data Protection Agency (also known as the "CNIL") released a new opinion (the "Opinion") on the transfer of personal data from France to a jurisdiction outside of Europe. The Opinion is noteworthy for describing how personal data can be transferred from France to the United States pursuant to U.S…. Continue Reading

FTC Enforces US/EU Safe Harbor Program For First Time

By Jeremy M. Mittman on Posted in European Union

In early August, the Federal Trade Commission (“FTC”) announced the first enforcement action against a U.S. company for violation of the US/EU Safe Harbor Program. This enforcement action should serve as a call-to-action for all Safe Harbor program participants to review their safe harbor programs now, and re-affirm their compliance.  

E-Verify Litigation Resumes as Homeland Security Decides to Implement Mandatory Use Rule

By Jeremy M. Mittman on Posted in Workplace Privacy

In January 2009, we reported on the postponement of a controversial federal regulation resulting from a legal challenge filed by Proskauer Rose on behalf of several trade organizations, including the U.S. Chamber of Commerce. The rule, the result of an executive order signed by then-President George W. Bush, requires most federal contractors and subcontractors to verify… Continue Reading

New Report Finds Much Room For Improvement in EU Data Protection Law

By Jeremy M. Mittman on Posted in European Union

On May 12, 2009, the UK Information Commissioner’s Office (ICO) released a much anticipated report authored by the RAND Corporation assessing the strengths and weaknesses of the 1995 EU Data Protection Directive (95/46/EC) (the "Directive), the main source of privacy legislation in Europe. While the report highlighted a number of the Directive’s positive attributes, it… Continue Reading

EU High Court Strikes Down UK DNA Database on Privacy Grounds

By Jeremy M. Mittman on Posted in European Union

In a landmark ruling, the European Court of Human Rights (ECHR)—Europe’s highest court to take up cases affecting the privacy rights of EU citizens—ruled that some aspects of the UK’s DNA database violated EU law.  Specifically, on December 4, the ECHR issued its decision, S. and Marper v. The United Kingdom (Applications 30562/04, 30566/04), holding… Continue Reading

EU Publishes New Guidance on Binding Corporate Rules

By Jeremy M. Mittman on Posted in European Union

Binding corporate rules (“BCRs”) may now be easier to implement due to much needed guidance issued last month by the European Union’s Article 29 Working Party, the group responsible for the oversight of the EU’s data protection regime. The guidance consists of three documents, which clarify the requirements for establishing BCRs. These documents are: (1) a checklist… Continue Reading

EU Data Protection Watchdog Supports Data Breach Notification Law

By Jeremy M. Mittman on Posted in European Union

The European Data Protection Supervisor (EDPS) has come out in favor of the EU enacting data security breach notification laws. The EDPS is an independent supervisory authority devoted to protecting personal data and privacy and promoting good data protection practices within the EU, both by monitoring the EU administration’s own data processing, as well as… Continue Reading

Anonymous in Arizona? Maybe Not.

By Jeremy M. Mittman on Posted in Online Privacy

In a case of first impression, the Arizona Court of Appeals recently considered the ability of a litigant to determine the identity of an anonymous Internet user. Mobilisa, Inc v. Doe, Case No 1-CA-CV 06-0521, 2007 Ariz. App. LEXIS 225 (Ariz. Ct. App., November 27, 2007). While the Court did not require disclosure of an anonymous Internet… Continue Reading

First Subsidiary of a U.S. Based Multinational Company Fined for Data Protection Violations in France

By Jeremy M. Mittman on Posted in European Union

Last month the French subsidiary of the U.S. based company, Tyco Healthcare, became the first local branch of a U.S. company to be fined for data protection violations. France’s data protection agency, La Commission Nationale de L’informatique et des Libertes (CNIL) levied a fine of 30,000 euro (or about $40,350) against the company after it… Continue Reading

EU Working Party Adopts Model Application Form for Binding Corporate Rules

By Jeremy M. Mittman on Posted in European Union

On January 10, 2007 the Article 29 Data Protection Working Party announced the adoption of a new Model Application for the submission of a company’s Binding Corporate Rules to any European Union Data Protection Authority (DPA). The EU’s approval of the Model Application is long-awaited and a welcome addition to help make Binding Corporate Rules a… Continue Reading