Business Torts Business Organization Privacy

Read Business Torts updates, news, and legal commentary from leading lawyers and law firms:
News & Analysis as of

Cyber Risks for the Boardroom Part 2: Why Corporate Directors Should be Concerned About Data Security Breaches

All this week, we are featuring a series “Cyber Risks – Director Liability and Potential Gaps in D&O Coverage” Part 2 of 5: Why Directors Should Be Concerned...more

An Overview of the 2014 Class Action Survey

To read the full 2014 Class Action Survey report, please visit Fifty-two percent of major companies are currently engaged in class action litigation. This percentage has remained fairly consistent...more

Board Oversight of Cyber Security and Cyber-Security Disclosures: Answers to Some of the Key Questions

Cyber security is top of mind for companies, and cyber-security oversight is top of mind for corporate directors. I recently co-moderated a panel discussion for directors on board oversight of cyber security and cyber-security disclosures. I thought I’d share my thoughts on some of the key issues.more

Unique Privacy Concerns for Mobile Apps

With the rise of BaaS (or Backend as a service) platforms, it is easier than ever to create a mobile app on the fly. But Fenwick privacy co-chair Tyler Newby advises that companies should be aware of some important privacy concerns unique to mobile apps. Newby says that there is increasing federal and state regulatory interest in the vast amount of personally identifiable information (PII) apps can collect through mobile devices. He covers a range of federal and state laws that come into play from the California Online Privacy Protection Act (CalOPPA) at the state level to the Child Online Privacy Protection Act (COPPA) at the federal level and the implications of laws like the Stored Communications Act and the Electronic Communications Privacy Act (or Wire Tap Act). Newby’s guidance will come as a welcome introduction for anyone involved in mobile app development to help understand the array of applicable privacy laws.more

Safeguards against Data Security Breaches (Part One)

With data security breaches dominating the headlines and a rising number of employees taking advantage of BYOD, or bring your own device to work policies, businesses have found themselves vulnerable to targets by hackers, malware and other risks. Concerns about security, trust and PII, personally-identifiable information, are all taking center stage in this discussion. Following up on his video “Top 3 Concerns in Data Security,” Fenwick’s Robert Brownstone, a leader in electronic information security issues, says that encryption is an important tool to safeguard against all kinds of breaches.more

SEC v. Hackers: More Cybersecurity Enforcement On The Horizon?

Cybersecurity may be the SEC’s newest area for enforcement actions. While the SEC first released Disclosure Guidance concerning cybersecurity in 2011, the recent media attention surrounding significant cybersecurity breaches at a number of U.S. companies may cause the SEC to renew interest in the issue, and may result in enforcement actions, as well as shareholder class actions and derivative lawsuits. Companies that fail to disclose cybersecurity events in their public filings may find themselves on the wrong end of an SEC investigation and enforcement action.more

Missouri Uniform Trade Secrets Act Does Not Protect Customer Information Insufficiently Guarded or Which is not Truly "Trade Secret" in Character

In this case, a corporate successor, Central Trust Investment Company (hereafter also "Central Trust") sued the former employee (Kennedy) of its acquired company, Springfield Trust & Investment Company (hereafter also "STC"), after the employee started a business which directly competed with his former employer and Central Trust.more

Three Key Data Retention Questions

Your company has been sued – what do you need to consider to comply with data preservation requirements? How do you address litigation holds, ediscovery and data retention? Robert Brownstone, litigation attorney and chair of Fenwick’s Electronic Information Management Group, outlines three key questions every company must ask themselves the moment litigation is anticipated or a subpoena arrives at the door. more

Trust in On-Line Advertising

It’s no surprise that people trust online reviews from consumers more than traditional advertisements. After all, advertisements are created by the company selling a product of service, whereas third party reviews are by people with no self-interest. Unless, of course, the reviewer has a hidden agenda, such as a competitor writing a bad review, or someone connected to the business singing its praises. The anonymous nature of online reviews make this kind of subterfuge possible. For example, it recently came to light that authors and reviewers-for-hire are leaving fake reviews about books on Amazon. [Forbes, 8/28/12] more

California Employment Bill Recap

California legislators have been active passing several employment law bills that impact local businesses in recent months. Here’s a recap of some with brief summaries. Legal counsel should be sought for a complete understanding of each new law, and the potential impact to your unique business circumstances. Workers Compensation (SB863) Makes numerous changes to the State’s workers compensation system in an effort to streamline and control rising medical costs. One of the major changes is that it makes the Independent Medical Review process mandatory for almost all disputes about medical treatment, effectively replacing the Workers Compensation Appeals Board in this regard, as well as limiting the involvement of attorneys and judges. Commissions (AB1396) Requires commission agreements between employers and employees to be in writing, and that the employer provide a signed copy to the employee. The agreement must set forth the method by which the commissions are computed and paid. Short term productivity bonuses are not considered commissions under the bill. . . . more

Mobile App Privacy Developments In California

The Attorney General of California has begun sending non-compliance letters to mobile app developers who are not complying with the State’s privacy laws because their apps do not have a privacy policy. The apps targeted are available through the Apple App Store and Google Play platforms. The California Online Privacy Protection Act (“CalOPPA”) requires that commercial web sites and online services post a privacy policy that, among other things, is conspicuously posted and reasonable accessible by the consumer, if the site collects personally identifiable information via the Internet about individual consumers who use or visit the site and reside in California. Failing to post a privacy policy within 30 days after receiving notice of non-compliance is a violation of CalOPPA and can result in penalties of up to $2,500 for each violation. As the Attorney General’s Office points out, that means $2,500 for each copy of an unlawful app downloaded by California consumers. [Download Sample Letter of Non-Compliance from Attorney General’s Office] more

Privacy Enforcement By California Attorney General’s Office

California takes citizen privacy rights seriously. That’s the unmistakable message communicated by a recent announcement that the Office of the Attorney General of California is creating a Privacy Enforcement and Protection Unit. In this age of digitized information and online communication, privacy rights are of special interest as the ease with which sensitive personal information can be created, collected, copied and disseminated has increased dramatically. more

Reducing Cyber Risk

The European perspective on managing cyber risk is valuable for US companies operating internationally and also as risk management guidance when operating in the US. Recently, an arm of the UK Government Communication Headquarters issued a detailed article titled 10 Steps To Cyber Security. The article includes information on reducing cyber risk in critical areas that include network security, incident management, malware protection, managing user privileges, user education and others. An article at the Global Regulatory Enforcement Law Blog culls from the report key recommendations to prevent and limit damage from cyber attacks. These include, among others: more

Who’s Liable For Vendor’s CAN-SPAM Violation?

The CAN-SPAM act sets legal rules for commercial E-Mail and includes various provisions that apply to “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service.” [See CAN-SPAM Act, 15 USC Section 7701 et seq.] CAN-SPAM provisions have an impact on numerous practices, including false or misleading header information, deceptive subject lines and opting out of receiving future emails. Often companies employ a third party service to manage and/or operate email and other electronic marketing efforts on their behalf. If this occurs, what happens when someone sues the company for a violation of the CAN-SPAM Act? Is the company liable or can the company look to the third party responsible for sending emails or other electronic communication on its behalf? more

Data Privacy And Protection Efforts Start With A Company Policy, But Don’t End There

If your company has a data privacy policy in place, make sure you live up to its provisions. Failure to do so makes it more likely that the Federal Trade Commission (“FTC”) will pursue an enforcement action against the company for engaging in a “deceptive practice” under Section 5 of the FTC Act. What can you do to prevent this from happening? A recent article, referencing an FTC enforcement action, suggests the following: • Conduct risk assessments • Use “reasonable methods” to prevent/detect unauthorized access to personal information • Train employees • Employ proper response measures more

California’s Shine the Light Act: Plenty of Reason$ for Businesses Not to Shine It On

Recent class actions regarding California’s Shine the Light Act illuminate the need for California businesses to pay attention to their privacy policy compliance practices. Violations of the Act can incur civil penalties of $500 per violation — or $3,000 per violation if it was willful, intentional or reckless — in addition to attorney’s fees and court costs. Shine the Light laws have been on the books since 2005, and require any organization doing business with California residents to protect personal information. That protection includes requirements to notify California customers: more

Google Privacy Violation Alleged, Leads To FTC Settlement

Google’s business model is based on delivering relevant search results and, increasingly, relevant ads to those who use its products. In order to do so, Google needs to know a user’s search history since search history and web site navigation offer important data about a user’s interests. As many people know, web sites use files known as “cookies” to track user movements/logins as they traverse the web. But web browsers such as Microsoft’s Internet Explorer, Apple’s Safari and others provide privacy controls that allow users to turn cookies on or off. more

Google Privacy Violation Alleged, Leads To FTC Settlement

Google’s business model is based on delivering relevant search results and, increasingly, relevant ads to those who use its products. In order to do so, Google needs to know a user’s search history since search history and web site navigation offer important data about a user’s interests. As many people know, web sites use files known as “cookies” to track user movements/logins as they traverse the web. But web browsers such as Microsoft’s Internet Explorer, Apple’s Safari and others provide privacy controls that allow users to turn cookies on or off. more

What is a Non-disclosure Agreement?

A non-disclosure agreement (NDA) is an agreement between (at least) two parties, where one is the provider of the information that is to be protected and another is the receiver of the information. The non-disclosure agreement works on a very simple principle; it creates a legal obligation on the receiver of the information not to disclose it to anyone else outside the terms of the contract. In case the receiver discloses any information to a third party (only for the purposes of the contract), he has to ensure that such third party agrees in writing to receive such information under terms at least as restrictive as those specified in the original agreement. The point is, the person who is receiving the information is promising not to tell anyone else what has been told to him in confidence. Any business carries out transactions with other individuals or businesses where they need to share trade secret, information received from clients that are confidential or market data that they want to keep far away from competitors. All such information requires protection. It is important that the employees of the corporation or anyone involved in the business dealings of the company do not divulge confidential information relating to the company’s activities. How can a business corporation ensure that their trade secret and business transaction data are protected and not divulged by anyone involved in the company’s dealing? A prudent business corporation generally makes its employees and business associates sign a non- disclosure agreement to ensure confidentiality of its business dealings and trade secrets. Read on to know more about this ubiquitous Non- Disclosure Agreement.more

Business Leaders Must Address Cybersecurity Risk

Assuring cybersecurity has become a necessity for businesses across all industries. According to an FBI study in March 2009, cybercrimemore

20 Results
View per page
Page: of 1

Follow Business Torts Updates on:

JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.