Privacy Consumer Protection

Read Privacy Law updates, news, and legal commentary from leading lawyers and law firms:
News & Analysis as of

Taking Measure of HIPAA Enforcement

Last month, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced the largest settlement to date for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA)....more

New York DFS Proposes New Cybersecurity Regulations

Earlier this month, the New York State Department of Financial Services (“DFS”) announced proposed cybersecurity regulations for financial institutions. This proposal is, according to Governor Cuomo, a “new...more

Federal and State Authorities Take First Steps Toward Regulating Blockchain, Mobile Banking and Digital Financial Services

Last week, federal and state lawmakers took significant steps toward specific regulations targeting digital financial technology, mobile banking and cybersecurity, signaling the possibility of wholesale changes to the legal...more

Cruise Line to Pay up to $76 Million to Settle TCPA Violations

Caribbean Cruise Line Inc., The Berkley Group Inc., and Vacation Ownership Marketing Tours, Inc. settled a Telephone Consumer Protection Act (TCPA) class action last week for up to $76 million (and not less than $56 million)....more

N.Y. Moves Ahead with Proposed Cybersecurity Regulations for Financial Institutions

The New York Department of Financial Services (NYDFS) will require all institutions subject to NYDFS supervision to establish and maintain a cybersecurity program meeting "certain regulatory minimum standards." All financial...more

Sixth Circuit Rules That Theft of PII from Insurance Company Results in Article III Standing

In its recent decision in Galaria v. Nationwide Mut. Ins. Co., no. 15-3386 (6th Cir. Sept. 12, 2016). Co., No. 15-3386 (6th Cir. Sept. 12, 2016), a divided Sixth Circuit panel held that plaintiffs had standing to assert...more

LabMD Seeks To Stay FTC Decision Related To Evidence Of Consumer Harm Pending Appeal

LabMD—a medical testing lab that, the Federal Trade Commission (“FTC”) alleged, exposed consumer personal information through a peer-to-peer (“P2P”) file-sharing network—is now seeking a stay pending its appeal of the FTC’s...more

Auto-ISAC Pushes To Protect Internet-Enabled Connected Cars

In July 2016, the nonprofit Automotive Information Sharing and Analysis Center (“Auto-ISAC”) released a series of auto cybersecurity best practices to collectively address cyber threats that could pose unreasonable risks to...more

September Privacy and Security Updates

Although National Cyber Security Month isn’t until October, September has brought plenty of privacy and security updates that health care companies need to be aware of. In this post, we review guidance from the Office for...more

Don’t Ignore Ransomware Vulnerabilities; You Could Be Violating FTC Act

Last week, the Federal Trade Commission convened a ransomware workshop to discuss the rising epidemic of attacks against U.S. businesses and individuals. In a ransomware attack, a malicious actor tricks a user into...more

Three Actions to Take If You Are a Victim Of Identity Theft

You may be a victim of identity theft and not even realize it. Have you received a letter from a bank you do not recognize confirming that your new line of credit has been approved? Or maybe a phone call from a credit card...more

Regulator Issues Report On Russia’s Data Localization Rules

On September 1, 2016, Russia’s Federal Service for Supervision in the Sphere of Connection, Informational Technologies and Mass Communications (“Roskomnadzor”) issued a report summarizing the results of implementation and...more

FTC sets new standard for mobile app location tracking – indirectly

If you have wondered how users' physical locations can be tracked when they use mobile devices, a new white paper explains the process. It's actually an FTC complaint, and thus a white paper only indirectly. But...more

Consumer Agreement Audits: Reduce Risk Posed by Financial Aggregators and Cyber Attacks

Has your banking organization conducted its annual review of its electronic banking agreements? If you haven’t, your organization may want to consider whether revisions are required to your bank’s deposit agreements, online...more

Bavarian Data Protection Authority issues new guidance paper on sanctions under the General Data Protection Regulation

On 1 September 2016, the Bavarian Data Protection Authority (“DPA”) issued a new guidance paper on sanctions under the new EU General Data Protection Regulation (“GDPR”) in the course of a series of non-binding guidance...more

’Privacy Shield’ Replacing Invalidated EU-US Safe Harbor Agreement is Open for Business, but Challenges to its Validity are...

The Safe Harbor agreement between the European Union and the United States permitted American businesses to import personal data of EU citizens based on self-certification of compliance with EU data protection principles....more

FTC Round-Up: NIST Framework Compliance Is Not Enough and Looming Ransomware Enforcement Activity

On August 31st and September 7th, 2016, the Federal Trade Commission (FTC) provided guidance regarding cybersecurity standards, which companies should consider when assessing their current data security posture....more

FTC Makes Clear that NIST Cyber Framework is Not a Cure-All

Last week, the FTC published a blog post titled The NIST Cybersecurity Framework and the FTC, in which the agency issued a nuanced answer to an oft-asked question: “If I comply with the NIST Cybersecurity Framework, am I...more

Complaint Alleges T-Mobile and Subway Violated TCPA

On September 6, 2016, a putative class action lawsuit was filed in the United States District Court for the Western District of Washington by two plaintiffs alleging that T-Mobile USA, Inc. (“T-Mobile”) and Subway Sandwich...more

[Event] Transatlantic data: What U.S. companies need to know about the GDPR and EU data privacy laws - September 29th, Chicago,...

The clock is ticking for the international business community to ensure compliance with the European General Data Protection Regulation, which was adopted this year and comes into full effect in May 2018....more

The Early Days of the EU-U.S. Privacy Shield: Should Your Organization Self-Certify?

On August 1, 2016, the U.S. Department of Commerce began accepting self-certification applications for the new EU-U.S. Privacy Shield Framework. In the month that has followed over 100 companies (including Microsoft, Oracle...more

VPPA Suit Over Sharing Users’ Video-Viewing Data Continues as Gannett’s Motion to Dismiss Is Denied

In a case demonstrating the ongoing difficulties of applying the Spokeo decision to interpret injury-in-fact, a Massachusetts federal court last week denied a motion to dismiss by USA Today parent company, Gannett Satellite...more

California Federal Court Dismisses TCPA Claims for Lack of Article III Standing

A plaintiff did not have Article III standing to assert claims under the Telephone Consumer Protection Act (TCPA) for alleged autodialed calls made to her without her consent, a California federal district court recently...more

Summer Round-Up: Four States Bolster Data Breach Notification Laws and More Changes on the Way

As has become typical in the data security space, there was quite a bit of activity in state legislatures over the previous year concerning data breach notification statutes. Lawmakers are keenly aware of the high profile...more

Which U.S. Businesses Must Comply with EU Data Protection Laws?

What the recent Amazon decision tells us - On 28 July 2016, the European Court of Justice rendered a decision in a dispute between an Austrian Consumer Protection organization known as VKI (Verein für...more

4,544 Results
|
View per page
Page: of 182

Follow Privacy Updates on:

JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×