Latest Publications

Share:

Eighth Circuit Issues Two Class Action Data Breach Rulings

In the span of just nine days, the U.S. Court of Appeals for the Eighth Circuit issued two rulings in class actions involving data breaches—one breach in 2013 at brokerage firm Scottrade and another in 2014 at grocery stores...more

FTC Settles GLBA Enforcement Action Against TaxSlayer Stemming From 2015 Data Breach

The Federal Trade Commission (FTC) this week announced a consent order with TaxSlayer, LLC, an online tax preparation services provider, to settle claims that the company violated the Gramm-Leach-Bliley Act (GLBA) Safeguards...more

Delaware Amends Data Breach Statute

Delaware has joined the growing list of states that have recently amended their data breach laws. With passage of the first significant amendments to its data breach law since 2005, Delaware continues a state-law trend of...more

Maryland Amends Data Breach Notification Law

The Maryland General Assembly recently amended the Maryland Personal Information Protection Act to expand the definition of personal information, provide a 45-day timeframe for providing notice of a breach, allow for...more

D.C. Circuit Reverses Data Breach Class Action Dismissal on Standing Grounds

The U.S. Court of Appeals for the D.C. Circuit has reinstated a data breach class action filed against CareFirst BlueCross BlueShield (CareFirst). The lawsuit stems from a June 2014 data breach in which hackers infiltrated 22...more

Nevada Becomes the Third State to Enact Website Privacy Notification Law

Not everything that happens in Vegas stays in Vegas. Starting on October 1, 2017, a new Nevada privacy law will require certain website owners and operators to publish a notice regarding their privacy policies, disclosing to...more

Colorado District Court Dismisses Data Breach Class Action Against Noodles & Company

The U.S. District Court for the District of Colorado recently dismissed a proposed class action lawsuit filed by financial institutions relating to a 2016 data breach that involved hundreds of Noodles & Company (Noodles)...more

NYDFS Updates FAQs to Clarify Cybersecurity Regulations

The New York Department of Financial Services (NYDFS) recently updated frequently asked questions (FAQs) about its cybersecurity regulations, 23 NYCRR 500, to address four new issues. NYDFS published its initial set of FAQs...more

Ponemon Institute Study on Costs of Data Breaches Highlights Improvement and New Risks for U.S. and Global Companies

The average cost of a data breach, on both an aggregate and a per-record basis, has decreased slightly according to the Ponemon Institute's 2017 Cost of Data Breach Study: Global Overview. In addition to presenting recent...more

Colorado Division of Securities Publishes Final Cybersecurity Rules

The Colorado Division of Securities (Division) has published final cybersecurity rules applicable to broker-dealers and investment advisers. The Colorado Attorney General's office has 20 days to write an opinion on the rules,...more

SEC Emphasizes Cybersecurity Preparedness in Wake of Global Ransomware Attack

The U.S. Securities and Exchange Commission's Office of Compliance Inspections and Examinations (OCIE) has issued a Risk Alert in the wake of the widespread WannaCry ransomware attack that has inflicted hundreds of thousands...more

White House Issues New Cybersecurity Executive Order

President Trump recently signed the Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. The Order sets forth the Trump Administration's policy for cybersecurity of...more

Is Your Organization Ready for a Systemwide Ransomware Attack?

Ransomware attacks just went big time. In a period of mere hours late last week, a global ransomware attack infected more than 200,000 computers and affected more than 100,000 organizations in over 150 countries. To put this...more

Colorado Proposes Cybersecurity Rules for Investment Advisers, Broker-Dealers

The Colorado Division of Securities recently issued proposed rules directed at establishing cybersecurity requirements for broker-dealers and investment advisers. The proposed rules were issued only a month after New York...more

New Mexico Becomes 48th State to Enact Data Breach Notification Law

New Mexico recently became the 48th state to enact a data breach notification law. This continues the accelerated pace of state data breach legislative activity in the last two years. Since 2015, at least 41 states have...more

Bank Whistleblower Suits Highlight Limits of Employee Confidentiality Agreements

Employers increasingly face the difficult scenario of employees who misappropriate company data in the pursuit of whistleblower claims alleging misconduct by the employer. Such cases can present a complex mix of regulatory,...more

IRS and Others Renew Warnings About Fraudulent Emails Targeting Employee Tax Information

With tax season in full swing, the Internal Revenue Service (IRS), state tax agencies, and tax industry groups recently renewed a warning about Form W-2 email spear-phishing scams. ...more

Data Breach Class Action Reinstated Against Horizon Healthcare Services Inc.

The U.S. Court of Appeals for the Third Circuit has vacated a district court's dismissal of a data breach class action filed against Horizon Healthcare Services Inc., in the wake of the 2013 theft of two computer laptops...more

EU e-Privacy Regulation Raises Stakes for Compliance

The European Commission's proposed e-privacy regulation sets forth obligations on handling electronic communications and clarifies obligations for seeking consent for the use of cookies. Meant to bring the e-privacy directive...more

NYDFS Revises Cybersecurity Regulation, Extends Effective Date to March 1, 2017

The New York Department of Financial Services (NYDFS) announced today a revised regulation that will require all institutions subject to NYDFS supervision to establish and maintain a cybersecurity program meeting "certain...more

FTC Settles with Targeted Digital Advertising Company over Supercookie Advertising Practices

The Federal Trade Commission (FTC) has entered into a proposed consent order requiring digital advertising company Turn Inc. to include a clear and conspicuous notice detailing how it collects, uses, or shares information...more

Affair Website Ashley Madison Fined $8.75 Million Over Data Breach, Misrepresentations

The Federal Trade Commission (FTC) has entered into a multimillion dollar settlement with the owners and operators of AshleyMadison.com, a dating website for people interested in having discreet affairs, related to the...more

Prepare for Compliance with General Data Protection Regulation Checklist

The Irish Data Protection Commissioner (DPC) has issued a 12-step checklist of actions companies can take now to better prepare for compliance with the General Data Protection Regulation (GDPR), the new EU privacy regulation...more

DOT Issues Proposed Cybersecurity Guidance to Automotive Industry

Vehicle-related cyber incidents could have devastating and deadly effects, particularly as cars and trucks become more highly automated and rely more heavily on wireless technologies. To combat this threat, the U.S....more

Federal Banking Agencies Propose New Requirements for Managing Cyber Risk

Three federal banking agencies have announced plans to develop new rules that would establish cyber risk management and resiliency standards for large interconnected entities under the agencies' supervision, as well as those...more

43 Results
/
View per page
Page: of 2

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.