Photo of Yana Komsitsky

Yana Komsitsky

Subscribe to Yana Komsitsky's Posts

Many viewed the highly anticipated coming into force of the European Union’s General Data Protection Regulation (GDPR) on May 25, 2018 as the “finish line” for the marathon efforts towards privacy compliance that took place in the months running up to this date. In reality, however, this date should be treated instead as a “starting line” from which to launch mandatory organizational protections for the personal data of individuals in the EU and elsewhere going forward.

Most companies with European operations have spent at least two years preparing for the GPDR. These often extensive ‐ and expensive ‐ efforts were typically led by companies’ legal, compliance, IT and security departments, and/or privacy offices, if any, and were supported by outside counsel and privacy consultants. The efforts often prioritized commercial or business data processed by the companies (through the websites, products, business contracts, etc.) instead of the data of employment candidates, employees, and other workers, such as temporary agency workers and independent contractors (collectively, “HR data”).

Click here to read the entire article (originally published by Bloomberg Law) which focuses on how companies should continue to focus on HR data compliance post-GDPR.

By now, you have no doubt heard about the passage of the California Consumer Privacy Act of 2018, going into effect January 1, 2020. This new privacy legislation will force many companies – whether headquartered in or out of California – into compliance with several onerous requirements. Some have called it California’s answer to the (notorious) GDPR. But what does this mean from an employment perspective?

It means that despite the title, the Act extends certain protections to California employees because it defines “consumer” as “any natural person who is a California resident.” Therefore, regardless of where your company is located, if it employs at least one individual who is living or domiciled in the state and also meets one of the thresholds below, it must comply at least with regard to all California residents, including employees.

Continue Reading Yes, The California Consumer Privacy Act Covers California-Based Employees

(With special thanks to our Global Equity Services team and Lothar Determann for collaborating on this post.)

One month from today, on May 25, 2018, the European Union (EU) General Data Protection Regulation (GDPR) will go into effect. In light of this, we have been recommending companies review their data privacy policies and practices in the context of equity plan participation and update their share plan documents. In the final month, we want to highlight these items again and encourage you to make sure your company’s equity programs are ready for the GDPR.

Continue Reading Countdown to GDPR… Are Your Equity Plans Ready?

The new data privacy rules are just around the corner…are you ready?

The EU General Data Protection Regulation (GDPR) comes into force May 25, 2018. GDPR introduces stricter requirements and higher penalties for violations, so it is important for companies to review their data privacy compliance not just with respect to customers but with respect to employees.

Join our upcoming webinar to review the new legal landscape under GDPR, discuss the different approaches for dealing with personal data after effectiveness of GDPR and consider the pros and cons of each approach.

Date: April 5, 2018

Time: 11AM – 12PM CST

Click here for more details on the webinar, including featured speakers. Register today to gain an understanding of the new rules and how to tackle them.

(With thanks to Lois Rodriguez from our Madrid office for preparing this post in collaboration with Yana Komsitsky.)

Before conducting workplace surveillance, employers who want to monitor their workplaces, even if they suspect their employees of stealing or other nefarious activity, should heed the recent European Court of Human Rights (ECHR) judgement in the case of Lopez Ribalda and others v. Spain.

In early January, the ECHR held in favor of five supermarket chain employees who had been dismissed after they were caught stealing on hidden cameras because the cameras had intruded on their right to respect for private and family life.

Continue Reading The European Court Of Human Rights Awards Damages To Five Employees Filmed Stealing From Their Employer

A recent Court of Appeal decision in the UK (Tillman v Egon Zehnder Limited) found that a post-termination non-compete restriction was unreasonably wide (and therefore unenforceable) on the basis that there was no carve out for shareholdings in the typically broad restriction which provided that the employee could not “directly or indirectly engage or be concerned or interested in any business carried on in competition with” the employer.

The Tillman court declined to sever (or “blue pencil”) the offensive wording and enforce the remaining provisions. Instead, the court invalidated the entire agreement.

Lots of non-compete covenants are broadly drafted and include catchall phrases like “concerned or interested in” and often do not include an express carve-out for shareholdings. As such, we suggest a quick review of your non-compete covenants in the UK (and other Commonwealth jurisdictions such as Hong Kong, Singapore and Canada) to determine if they are at risk of being deemed invalid. Seeking to enforce an invalid restriction could have costly consequences. However, there are steps you can take now, to mitigate the risk of voiding a restriction, even with existing employees.

Reach out to your Baker McKenzie lawyer for more details.