Privacy Law Blog
Photo of Laura E. Goldsmith

Laura E. Goldsmith

View full bio

Laura Goldsmith is an associate in the Corporate Department. She represents life science companies in various transactions, including licensing deals, research collaborations and strategic acquisitions. She also advises clients regarding compliance with federal and state laws related to privacy and data security. She contributes to Proskauer’s Privacy Law Blog and maintains the Financial Privacy and State Privacy Laws chapters of the Proskauer on Privacy treatise.

Prior to her legal career, Laura worked as a consultant to global pharmaceutical companies formulating drug development strategy and clinical trial design. She also conducted scientific research in pharmacology and biology at Duke University Medical Center and her research has been published in peer-reviewed journals.

Subscribe to all posts by Laura E. Goldsmith

French DPA Issues Robust Model Regulation for Biometric Access Controls in the Workplace

By Laura E. Goldsmith and Mathilde Pepin on Posted in Biometrics, Data Privacy Laws, European Union, France, GDPR, International, Workplace Privacy
In late March, the French Data Protection Authority, Commission Nationale de l’Informatique et des Libertés (“CNIL”) released a model regulation (the “Model Regulation”) governing the use of biometric access controls in the workplace.  Unlike many items of personal information, biometric data (such as a person’s face or fingerprints) is unique and, if stolen or otherwise … Continue Reading

With Regulators Increasing Focus on Spam Robocalls, Arkansas Follows Others States in Passing Anti-Spoofing Privacy Law

By Laura E. Goldsmith on Posted in Mobile Privacy, Privacy Law, State Privacy Laws, Telecommunications
Unwanted robocalls reportedly totaled 26.3 billion calls in 2018, sparking more and more consumer complaints to the FCC and FTC and increased legislative and regulatory activity to combat the practice. Some automated calls are beneficial, such as school closing announcements, bank fraud warnings, and medical notifications, and some caller ID spoofing is justified, such as … Continue Reading

SEC Issues Updated Guidance on Public Company Cybersecurity Disclosures

By Kristen J. Mathews and Laura E. Goldsmith on Posted in Cybersecurity, Data Breaches, SEC
On February 21, 2018, the Securities and Exchange Commission (SEC) issued an interpretive Commission Statement and Guidance on Public Company Cybersecurity Disclosures (the “Guidance”) to assist public companies in meeting their cybersecurity disclosure requirements under the federal securities laws. The Guidance notes that, as reliance on networked systems and the Internet have increased, so too have the risks … Continue Reading

Regulators Offer Guidance on Privacy and Security for Health App Developers

By Laura E. Goldsmith on Posted in Cybersecurity, Data Privacy Laws, FTC Enforcement, HIPAA, Medical Privacy, Mobile Privacy, Online Privacy
This month, the Federal Trade Commission (FTC) issued guidance on privacy and security best practices for health-related mobile apps, such as fitness apps connected with wearables, diet and weight loss apps, and health insurance portals.  At the same time, the FTC unveiled an interactive tool designed to direct health app developers to federal laws and … Continue Reading

Fiduciary Access to Digital Assets and Accounts: Revised Model Statute Adopted in Oregon

By Laura E. Goldsmith on Posted in Cloud Computing, Data Privacy Laws, Electronic Communications, Legislation, Online Privacy
Oregon became the first state to adopt the Revised Uniform Fiduciary Access to Digital Assets Act (“Revised UFADAA”) when Governor Kate Brown signed Oregon Senate Bill 1554 into law on March 3, 2016.  The law will become effective on January 1, 2017.… Continue Reading

The European Commission Issues Guidance on Alternative Cross-Border Data Transfer Tools

By Laura E. Goldsmith on Posted in Data Privacy Laws, European Union, International, Online Privacy
Today, one month after the European Court of Justice decision that invalidated the Safe Harbor framework, the European Commission (the “Commission”) issued a Communication setting forth its position on alternative tools for the lawful transfer of personal data from the EU to the United States.  The Commission also stated its objective to conclude negotiations with … Continue Reading

Uncertainty for the U.S.-EU Safe Harbor Intensified by Non-Binding Recommendation for EU High Court

By Laura E. Goldsmith on Posted in Data Privacy Laws, European Union, International
In a non-binding opinion issued on September 23, 2015, an Advocate General for the European Court of Justice (“ECJ”) recommended that the ECJ suspend the U.S.-EU Safe Harbor program (“Safe Harbor”) and reexamine whether the Safe Harbor provides adequate protection for personal data of EU citizens.  In light of its non-binding nature, the opinion did … Continue Reading

Connecticut Joins States That Protect Personal Online Accounts of Employees

By Laura E. Goldsmith on Posted in Data Privacy Laws, Electronic Communications, Online Privacy, Workplace Privacy
Connecticut has joined a list of twenty-one states with a statute designed to preserve the privacy of personal online accounts of employees and limit the use of information related to such accounts in employment decision-making. Legislation directed to online privacy of employees has also passed this year in Montana, Virginia, and Oregon, and such legislation … Continue Reading

European Union Cookie Sweep Highlights Need for Improved Compliance

By Laura E. Goldsmith on Posted in European Union, International
On February 3, 2015, European data protection regulators released the Cookie Sweep Combined Analysis Report analyzing how websites use cookies to collect data from European citizens and highlighting noncompliance with Article 5(3) of the EU’s ePrivacy Directive. Among other requirements, this directive mandates that website operators obtain users’ consent for the use of cookies or … Continue Reading
LexBlog