A federal district court in the Northern District of Illinois dismissed a putative class action alleging violations of the Illinois Biometric Information Privacy Act — known as the BIPA — holding that the allegation of a mere...more
On December 21, 2017, an Illinois appellate court issued an opinion that will significantly slow down the onslaught of putative class action lawsuits filed under Illinois’s Biometric Information Privacy Act (“BIPA”). In...more
It is the case that could define the scope of the U.S. Federal Trade Commission’s authority in data security. The U.S. Court of Appeals for the Eleventh Circuit heard argument six months ago in LabMD, Inc. v. Federal Trade...more
In this edition of our Privacy and Cybersecurity Update, we take a look at the Trump administration's executive order outlining its cybersecurity plans, Acting FTC Chairwoman Maureen Ohlhausen's comments on the possible...more
When data thieves steal payment card data, consumers suffer no legally cognizable injuries. Card issuers absorb the fraudulent charges and replace the affected cards. Because fraudulent charges are not billed to consumers,...more
On December 28, 2016, the New York Department of Financial Services ("DFS") released a revised version of a proposed regulation that would require banks, insurance companies, and other financial services institutions...more
In this edition of our Privacy & Cybersecurity Update, we take a look at the FCC's new rules for broadband privacy, the FTC's new playbook for data breach response and notification, the NHTSA's voluntary guidance for...more
In this edition of our Privacy & Cybersecurity Update, we discuss the revised Privacy Shield and what companies should be doing to prepare for the new program, the FTC's reinstatement of its LabMD case, the European...more
Last week, three commissioners from the Federal Trade Commission (FTC) held in In the Matter of LabMD, Inc. that a company’s failure to implement reasonable security measures to protect sensitive consumer information on its...more
The FTC has been a leader in enforcing cybersecurity issues in recent years, and just last week it issued a highly-anticipated decision on its authority to regulate cybersecurity as a form of unfair consumer practice under...more
Next term, the U.S. Supreme Court will decide whether Congress has the power to grant jurisdiction to plaintiffs who have suffered no concrete harm by authorizing them to sue based solely on violations of federal statutes....more
On Jan. 7, 2015, in Nucci v. Target Corp., et al, the District Court of Appeal of the State of Florida, Fourth District, upheld a lower court’s order compelling plaintiff Maria Nucci to produce photographs originally posted...more
Dismissing a class action based on a data breach, the Southern District of Texas added to the growing number of decisions that find an alleged risk of future identity theft due to a data breach is not an injury that creates...more