Lisa B. Dubrow is a lawyer specializing in advertising, consumer protection and privacy law. She counsels clients on legal issues surrounding the advertising and marketing of goods and services, including how to comply with subscription and recurring billing business models. Her practice encompasses consumer protection issues, the security and privacy of consumer databases, state and federal compliance with all methods of sales including e-commerce, direct mail and telemarketing, negative option sales, “back-end issues” related to consumer payments, behavioral marketing, influential and real-time marketing, licensing and affiliate sales arrangements, and the negotiation and drafting of contracts pertaining to product development, marketing and sales, including those with vendors, agencies, fulfillment, distribution, talent, production and media.

Ms. Dubrow is a Phi Beta Kappa graduate of SUNY Binghamton. She received her law degree from New York University School of Law. She has earned the credentials of being a Certified Information Privacy Professional in the United States and Europe and a Certified Information Privacy Manager (CIPP/US, CIPP/E, CIPM) through the International Association of Privacy Professionals. 

For more information, please visit:



New VISA Rules for Free Introductory Promotional Terms or Free Trials

On October 19, 2019 VISA published an updated version of its Product and Service Rules that will impact the acceptance, disclosure and notice obligations of merchants conducting free trial offers and introductory offers that convert to paid programs for both digital and physical goods and services. These changes go into effect on April 18, 2020. Here are the changes recurring merchants. need to understand.

Yogi Influencers Caught In A Bind

In a cautionary lesson for subscription businesses leveraging influencers, an advertising campaign on Instagram came to the attention of the Better Business Bureau (BBB) who found that Alo Yoga failed to disclose the material connection between the company and its influencers in violation of the FTC Guides Concerning the Use of Endorsements and Testimonials in Advertising (FTC Guides).

3 Steps Towards Privacy Compliance You Need To Look At Now

The new California privacy law (CCPA) will bring with it a need to get far more sophisticated about your data collection practices. The risk in ignoring this law is real.

There is a private right of action for any security breach, and consequently, it is time to address your company’s data security procedures. In addition, the CA Attorney General will have the right to take action for any violation of the statute. The law is effective on January 1, 2020, and although the AG has agreed not to enforce the law for six months, that will not stop class action attorneys from acting sooner if there is a security breach.

In this privacy how-to, we cover: Does the statute applies to you?, CCPA is being amended, should you wait to comply?, and, Will you need to revise your online privacy policy to comply with CCPA?

Automatic Renewal Protections Act of 2019

Regulation of automatically renewing contracts is continuing at the state level with Washington DC. The law which originally passed in March of 2019 has now been funded and will take effect in October 2020. The Automatic Renewal Protections Act of 2019 now stipulates new requirements, including a second opt-in for contracts that include a free trial before charging the consumer for the automatically renewing paid term. Lisa B. Dubrow, Esq explains.

Newest Privacy Law? Nevada.

Just as businesses are grabbling with the requirements of California’s new privacy law (CCPA), now Nevada has amended its own privacy law also granting consumers the right to opt out the sale of their personal information. The new law goes into effect on October 1, 2019 – 3 months before CCPA.

VT Automatic Renewal Law Update

The new VT law which had a pending amendment that would have deleted the requirement to affirmatively opt-in to the automatic renewal of a contract did not get through the Senate in this last session. Since the legislature is now out of session the new law stands as is and goes into effect on July 1, 2019. This law applies to both individuals (B2C) and businesses (B2B) where the initial term is one year or more that automatically renews for subsequent terms that are longer than one month.

UrthBox FTC Action Explained

The FTC has acknowledged that food delivery services can be a convenience for people with busy lives and that a free trial offer can help people decide which service they want to use. But subscription service providers also need to comply with ROSCA and other state and federal laws.

California Consumers Privacy Act (CCPA) Data Mapping Primer

For the purposes of data mapping, and the requisite notice that will be required in privacy policies, you will need to know the business or commercial purpose for which any personal information is collected and shared so your data mapping should take this into consideration. Our data mapping primer.