Privacy General Business Science, Computers & Technology

Read Privacy Law updates, news, and legal commentary from leading lawyers and law firms:
News & Analysis as of

Out of the Box: Legal guidance for the consumer product + retail industry - Volume 2, Issue 2, Summer 2014

In This Issue: - Are Offers Of Free Credit Monitoring About To Become Mandatory In Data Breach Incidents? - Mandatory “Made-In” Labeling in the EU - A New Dawn for California Class Actions - Recent...more

When Acting to Prevent Data Breaches and Comply with Privacy Laws, Remember Overarching Employee Rights

The grocery business may be “fresh and easy,” but drafting a confidentiality and data protection policy that withstands the scrutiny of the current National Labor Relations Board (NLRB) is not. The NLRB, in its recent 2-1...more

The Board of Directors and Cybersecurity: Setting up the Right Structure

Security breaches have become a staple of the daily news. A national restaurant chain announced in August 2014, that a payment card processing system breach involved 33 restaurants in 18 states and that the incident lasted...more

Germany's Draft Bill on IT Security

On August 19, 2014, the German Federal Ministry of the Interior ("GMI") proposed a new bill to increase the security of IT systems (the "Draft Bill"). As contemplated in the White & Case Technology Newsflash of December...more

In Flight Catalog: Senator Rockefeller Opens Inquiry Into Consumer Data Practices by Airlines

Last week, Senator Jay Rockefeller (D-W.Va.) sent a letter to the top ten revenue generating passenger airlines in the United States, opening an inquiry into their practices related to charging additional fees for optional...more

Deadline For Business Associate Agreement And Data Use Agreement Compliance Is September 22, 2014

September 22, 2014 is the deadline to have all business associate and data use agreements updated to conform to the new requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Final Omnibus...more

Quirky Question #240, Breach Notification Laws

Question: Our company has employees and operations in multiple states, and I’m concerned about complying with data breach laws in the various locales. What’s the status of the law on data break...more

My “Momma Bear” Is Coming Out: Cyber Bullies Prove Social Media Training Needs An Anti-Harassment Element

More than 50% of teens have experienced cyber bullying. Parents have historically looked to their children’s schools and local government to address the issue, but what about the social media sites which contribute to the...more

Secret Service Raises Warning About Backoff POS Malware

The Secret Service, which investigates financial crimes, issued a security Alert on July 31, 2014, warning of malware named “Backoff” that was being used to steal payment card data from point-of-sale (POS) systems. The Alert...more

Weighing in – 1.2 Billion Usernames and Passwords. What, Me Worry About CyberSecurity?

Last month one of our lead articles was Cyber Security: Forewarned is Fair-Warned. Last week the New York Times published an article reporting that at least 1.2 billion usernames and passwords were hacked by a Russian...more

Lawsuits Against Social Media Sites Rarely a Good Idea – This One Probably Isn’t Either

A Houston area woman has sued Facebook asking for $123 million because Facebook was slow to take down a fake a profile created by her ex-boyfriend with pornographic images. The plaintiff sued Facebook and the...more

Wearable Devices in the Workplace Challenge Data Security and Privacy

Wearable devices, including health and activity monitors, video and audio recorders, location trackers, and other interconnected devices in the form of watches, wristbands, glasses, rings, bracelets, belts, gloves, earrings,...more

Singapore's first data breach?

The Straits Times reported on 14 August that Singapore’s Personal Data Protection Commission (the “Commission”) is investigating a complaint from a user that Xiaomi has breached the Personal Data Protection Act 2012 (“PDPA”)....more

Russian Hackers Stockpile Over 1 Billion Internet Credentials: Industry Leaders Across All Sectors Likely Impacted

A Russian hacking group reportedly engaged in the largest known cyberattack by amassing over 1.2 billion unique sets of usernames and passwords and 500 million email addresses from more than 420,000 web and FTP sites. The...more

Reasonable Doubt: Data Privacy, Cybersecurity, and the FTC

Today’s cybersecurity environment demands that every business establish effective corporate data privacy and consumer information security systems and practices. But, unfortunately, no single cybersecurity law exits to...more

Community Health Systems' HIPAA Breach: Significant Lessons for Health Care and Non-Health Care Companies

On August 18, 2014, Community Health Systems, Inc. (CHS) publicly confirmed, in a filing with the Securities and Exchange Commission (CHS filing), that its computer network was attacked between April and June 2014 by hackers...more

California Federal Court Dismisses User Information Claims Against Digital Wallet Company

On August 12, the U.S. District Court for the Northern District of California dismissed for failure to state a claim a putative class action alleging that a digital wallet provider made unauthorized disclosures of user...more

Google, the House of Lords and the timing of the EU Data Protection Regulation

In the Google Spain “Right to be Forgotten” case, the ECJ held that Google must remove links to a newspaper article containing properly published information about a Spanish individual on the basis that the information is no...more

The SEC Tackles Technicality

Within several months of Securities and Exchange Commission Chair Mary Jo White’s announcement in late 2013 of a commitment to improving the SEC’s trial readiness, the Commission suffered a number of losses in federal...more

Privacy Tuesday: August 2014 #2

There is another retail data breach to talk about in this Privacy Tuesday post – privacy & security bits and bytes to start your week....more

Changes in State Breach Notification Laws

As data breaches continue to occur, breach notification laws are being amended or enacted. In the United States, state and federal breach notification laws should be monitored carefully regarding changes, as should breach...more

New Guidance for Merchants on Ensuring that Service Providers Share Security Responsibility

For merchants, long gone are the days of using a card reader with a dial-up connection to their payment processor. Today’s omni-channel retailers rely on multiple third party service providers to complete payment card...more

Bring Your Own Device Doesn't Mean Bring in Security Breach

Bring-Your-Own-Device (“BYOD”) policies have been picking up steam because of increased productivity, improved communications, and the need for employees to work remotely. However, when implementing any BYOD policy there are...more

PCI Council Issues Biz Tips to Reduce 3rd Party Security Risk

On August 7, 2014 the PCI Security Standards Council issued new guidance to supplement PCI DSS Requirement 3.0 and help organizations reduce the risks associated with entrusting third-party service providers (“TPSPs”) with...more

Does your CGL Policy Include Cybersecurity Coverage?

As implied by the name, the commercial general liability (CGL) insurance policy provides businesses with coverage for a wide array of claims by third parties, including claims for damage to “tangible property” and claims...more

1,025 Results
|
View per page
Page: of 41

Follow Privacy Updates on: