Craig Hoffman

Craig Hoffman

BakerHostetler

Contact  |  View Bio  |  RSS

Latest Publications

Share:

What is “Expedient” Notification of a “Data Breach?”

One of the first questions companies ask us when we are hired to help them respond to a new security incident is how fast they have to notify if the investigation shows that a “breach” occurred. Except for a couple of states...more

2/13/2014 - Breach Notification Rule Compliance Data Breach Data Protection Employer Liability Issues

Visa Loses Motion to Dismiss in Genesco Case - Are the Days for PCI Assessments Numbered?

In a highly anticipated decision, a federal court in Tennessee let stand a retailer’s claims against Visa for violation of California’s Unfair Competition Law (UCL) and for common law claims for unjust enrichment and...more

7/30/2013 - Data Breach Data Theft Fines Motion to Dismiss PCI Restitution Unfair Competition Unjust Enrichment Visa Inc

APT Threat Report Shows Cybersecurity Risks Not Limited to Identity Theft

We often talk to companies who believe they are an unlikely target for hackers because they do not have financial account information, Social Security numbers, or medical information. However, personal information is not the...more

2/22/2013 - China Critical Infrastructure Sectors Cyber Attacks Cyber Espionage Cybersecurity Cybersecurity Framework Identity Theft Trade Secrets

Magistrate Recommends Dismissal with Prejudice of Claims Against Global Payments

Global Payments, which processes credit card transactions, announced on March 30, 2012 that an unauthorized person gained access to a portion of its processing system. Global Payments later disclosed that Track 2 data (card...more

2/20/2013 - Article III Breach of Implied Contract Credit Cards Dismissal With Prejudice FCRA Fraudulent Charges Personally Identifiable Information Putative Class Actions Standing Stored Communications Act Theft Unfair or Deceptive Trade Practices

Do Merchants That Outsource Payment Processing Still Have Risk From a Breach?

Last week a small New England bakery announced that its point-of-sale (POS) devices were infected with malware that may have put card data at risk....more

2/11/2013 - Credit Cards Cybersecurity Data Breach Data Protection Debit and Credit Card Transactions Notice Requirements Notifications PCI PFI

FTC Announces New COPPA Enforcement Action & Mobile Privacy Staff Report

Authorship credit: Michael Young At a press conference this morning, outgoing FTC Chairman Jon Leibowitz announced an $800,000 settlement of its recent enforcement action against Path, the operator of a social networking...more

2/4/2013 - Consent COPPA Data Collection FTC Mobile Apps Path Inc. Social Media

Proposed FFIEC Guidance on Financial Institution Social Media Use

The Federal Financial Institutions Examination Council (FFIEC) released for comment on January 17 its proposed Social Media: Consumer Compliance Risk Management Guidance. There is a 60-day comment period. The purpose of the...more

1/24/2013 - CFPB Compliance FFIEC Risk Management Social Media

2012 Payments Systems Year-in-Review

The interchange fee and the potential of mobile payments were the dominant payment system issues in 2012. From a landmark antitrust settlement to seemingly daily announcements of a new prepaid or mobile payment product, there...more

12/29/2012 - CFPB Debit and Credit Card Transactions Durbin Amendment Rules EMV ETFs EU FCC FDIC FTC Interchange Fees Mobile Payments Point of Sale Terminals Prepaid Payment Products

Bank Agrees to Reimburse Company for Funds Taken Through Online Bank Account Theft

We reported in July on a First Circuit Court of Appeals decision finding that a bank failed to implement commercially reasonable security methods to prevent unauthorized transfers by a criminal that gained the online banking...more

12/6/2012 - Bank Security Procedures Data Breach Data Protection Financial Institution Liability Hackers

9 Results
|
View per page
Page: of 1