In this issue:

- Proposed California Law Would Impose Data Breach Liability on Retailers and Create More Stringent Data Security Requirements for Businesses

- FTC Continues Its Aggressive FCRA Enforcement and Ninth Circuit Lowers Standing Threshold in FCRA Cases

- President's Counselor Makes Recommendations on Privacy and Other Values in Big Data Age

- EU Data Protection Regulators Issue Several Opinions on Key EU Data Protection Issues

- FCC Clarifies That Consent May Be Provided by Intermediary for Informational Text Messages

- The Wyndham Rulings and the FTC's Leadership on Data Security Enforcement

- Privacy & Data Security Risk Assessments: An Overview

- Excerpt from Proposed California Law Would Impose Data Breach Liability on Retailers and Create More Stringent Data Security Requirements for Businesses:

A proposed California law, the Consumer Data Breach Protection Act (A.B. 1710),1 has the potential to upend the calculus of determining liability after retail data breaches, create additional data security requirements for retailers and other consumer-facing businesses operating in California, and establish new standards for data breach reporting for breaches affecting California residents. The bill, introduced by California State Assemblymen Bob Wieckowski and Roger Dickinson in February 2014 and currently pending before the California Assembly Committee on the Judiciary, may in part represent an effort to respond to the recent data breaches affecting Target Corp. and Neiman Marcus Ltd., and aims to strengthen one of the most prescriptive state statutes already in existence.