Privacy Consumer Protection General Business

Read Privacy Law updates, news, and legal commentary from leading lawyers and law firms:
News & Analysis as of

Out of the Box: Legal guidance for the consumer product + retail industry - Volume 2, Issue 2, Summer 2014

In This Issue: - Are Offers Of Free Credit Monitoring About To Become Mandatory In Data Breach Incidents? - Mandatory “Made-In” Labeling in the EU - A New Dawn for California Class Actions - Recent...more

The Board of Directors and Cybersecurity: Setting up the Right Structure

Security breaches have become a staple of the daily news. A national restaurant chain announced in August 2014, that a payment card processing system breach involved 33 restaurants in 18 states and that the incident lasted...more

In Flight Catalog: Senator Rockefeller Opens Inquiry Into Consumer Data Practices by Airlines

Last week, Senator Jay Rockefeller (D-W.Va.) sent a letter to the top ten revenue generating passenger airlines in the United States, opening an inquiry into their practices related to charging additional fees for optional...more

Singapore's first data breach?

The Straits Times reported on 14 August that Singapore’s Personal Data Protection Commission (the “Commission”) is investigating a complaint from a user that Xiaomi has breached the Personal Data Protection Act 2012 (“PDPA”)....more

Russian Hackers Stockpile Over 1 Billion Internet Credentials: Industry Leaders Across All Sectors Likely Impacted

A Russian hacking group reportedly engaged in the largest known cyberattack by amassing over 1.2 billion unique sets of usernames and passwords and 500 million email addresses from more than 420,000 web and FTP sites. The...more

Reasonable Doubt: Data Privacy, Cybersecurity, and the FTC

Today’s cybersecurity environment demands that every business establish effective corporate data privacy and consumer information security systems and practices. But, unfortunately, no single cybersecurity law exits to...more

Community Health Systems' HIPAA Breach: Significant Lessons for Health Care and Non-Health Care Companies

On August 18, 2014, Community Health Systems, Inc. (CHS) publicly confirmed, in a filing with the Securities and Exchange Commission (CHS filing), that its computer network was attacked between April and June 2014 by hackers...more

California Federal Court Dismisses User Information Claims Against Digital Wallet Company

On August 12, the U.S. District Court for the Northern District of California dismissed for failure to state a claim a putative class action alleging that a digital wallet provider made unauthorized disclosures of user...more

Google, the House of Lords and the timing of the EU Data Protection Regulation

In the Google Spain “Right to be Forgotten” case, the ECJ held that Google must remove links to a newspaper article containing properly published information about a Spanish individual on the basis that the information is no...more

Director Liability for Cybersecurity Risks

If a corporation is the target of a cyberattack resulting in a data breach, its board may be the target of a shareholder derivative action claiming breach of fiduciary duty. A recent example is Palkon v. Holmes, No....more

Recording Calls? Five Things You Can Do to Avoid the Litigation Frenzy

Restaurant chain Applebee’s has joined other businesses such as Overstock.com, Hilton, Capitol One, and Bass Pro Shops as defendants in purported class action lawsuits alleging that they illegally recorded calls to or from...more

Consumer Protection Organization Petitions FTC To Enforce U.S.-EU Safe Harbor Framework

On August 14, the Center for Digital Democracy (CDD) announced that it filed a complaint with the FTC claiming that 30 U.S. companies are compiling, using, and sharing EU consumers’ personal information without their...more

Changes in State Breach Notification Laws

As data breaches continue to occur, breach notification laws are being amended or enacted. In the United States, state and federal breach notification laws should be monitored carefully regarding changes, as should breach...more

New York Becomes First State to Propose Virtual Currency Regulations

On July 17, 2014, the New York State Department of Financial Services (DFS) became the first state agency to release proposed regulations specifically governing the crypto-currency industry. The proposed regulations were...more

What Companies Can Do to Protect Themselves in the Face of Yet Another Massive Data Breach

Last week it was reported that a small group of Russian computer hackers illegally obtained an unprecedented quantity of internet credentials, including 1.2 billion username and password combinations, and over 500 million...more

Massive Hacking Operation Further Reveals Weakness of Passwords

A small private cybersecurity firm recently revealed that a Russian computer hacking organization amassed more than 1.2 billion username and password combinations. The data was collected across a wide swath of websites, from...more

Payment Cards Security Standards Organization Publishes Third-Party Security Assurance Guidance

On August 7, the PCI Security Standards Council (PCI SSC), the open global forum responsible for setting payment security standards, published an information supplement titled “Third-Party Security Assurance Guidance,” which...more

PCI Security Standards Counsel: Recently Published Recommendations

The PCI Security Standards Council has recently published recommendations for ensuring that payment data and systems entrusted to third parties are maintained in a secure and compliant manner, in accordance with PCI-DSS...more

The EU Article 29 Working Party's Guidance on the "Legitimate Interest" Ground for Processing Personal Data

When precisely is a data controller lawfully permitted to process personal data? If a data controller does not have the consent of a data subject to process his or her data, when does the “legitimate interest”...more

Privacy Tuesday – August 2014

We are just two Mondays away from Labor Day, the traditional end of summer in the United States. Here are some privacy tidbits to get your week started. See especially Jake Romero’s piece on the new Delaware data...more

UPDATE: Germany to Tighten Data Protection Laws: Consumer Protection Associations and Trade Associations shall be Granted Right to...

As contemplated in the Newsflash in March 2014, the German Federal Ministry of Justice in June 2014 finally presented the new draft bill that allows consumer protection associations as well as trade associations to take...more

Canada’s Anti-Spam Legislation (CASL) Now in Effect

The purpose of this Client Advisory is to address the risks associated with sending commercial electronic messages without complying with the provisions of the Canada Anti-Spam Legislation of 2014 (the "CASL"), which was...more

Privacy & Cybersecurity Update - July 2014

In This Issue: - Treasury Secretary Calls for Increased Focus on Cybersecurity - New Requirements for ‘Cleared Intelligence’ Contractors - FTC Clarifies Verifiable Parental Consent Methods Under COPPA - Small...more

Eye on Privacy Newsletter - July 2014

In this issue: - Proposed California Law Would Impose Data Breach Liability on Retailers and Create More Stringent Data Security Requirements for Businesses - FTC Continues Its Aggressive FCRA Enforcement and...more

An Emboldened FTC: What Does It Mean for a Company’s Cybersecurity Team?

In April, Edith Ramirez, Chairwoman of the FTC, and Julie Brill, FTC Commissioner, tweeted: “Pleased the court recognized @FTC’s authority to hold biz accountable for safeguarding consumer data & look forward to trying this...more

477 Results
|
View per page
Page: of 20

Follow Privacy Updates on: