Credit Cards

News & Analysis as of

Third Circuit Affirms FTC Authority to Police Whether Companies Have Reasonable Data Security

Since at least 2005, the Federal Trade Commission has asserted that it may regulate lax data security practices as an “unfair” business practice under Section 5 of the FTC Act. The Wyndham hotel chain was the first to...more

Third Circuit to Wyndham (Part I): It's "Fair" that FTC Did Not Articulate Specific Cybersecurity Standards in Enforcement Action...

On Monday, the Third Circuit issued a highly anticipated opinion affirming the Federal Trade Commission's authority to regulate "unfair" cybersecurity practices under Section 5 of the FTC Act. In allowing the data breach...more

On the Reidentifiability of Credit Card Metadata

PLA today posts a link to “Unique in the Shopping Mall: On the Reidentifiability of Credit Card Metadata,” which concludes that card transaction data that was anonymized in conventional ways (e.g., by removing names and...more

UPDATE: Third Circuit Affirms FTC’s Data Security Authority in Wyndham

The U.S. Court of Appeals for the Third Circuit released its much-anticipated ruling in Federal Trade Commission v. Wyndham Worldwide Corp. on August 24, 2015, unanimously upholding the FTC’s authority to regulate companies’...more

Banks’ Class Certification Motion Trumpets Target Data Security Failings, Ignores Impact of Card Association Settlements

Card-issuing banks are forging ahead with their lawsuit against Target arising from the 2013 holiday shopping season data breach. Their July 1 motion for class certification has just been unsealed, allowing a glimpse at...more

New Guidance for Financial Institution Directors and Officers In Cybersecurity Preparedness

Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more

Target Reaches $67 Million Settlement with Visa over Data Breach Claims

More than a year-and-a-half after Target’s December 2013 announcement of a massive data breach, the retailer has reached an agreement with Visa, whereby it will reimburse Visa and certain affected card issuers up to $67...more

New Potential Liability for Data Security: U.S. Court of Appeals for the Third Circuit Announces FTC has Authority to Scrutinize a...

The U.S. Court of Appeals for the Third Circuit announced that the Federal Trade Commission (FTC) has the authority to scrutinize a business’s data security protocol -- and to file a complaint if the FTC finds that protocol...more

The Consumer Financial Protection Bureau's case against Citibank for violations relating to credit card add-on products

Today we’re taking a look at the CFPB’s recent enforcement case against Citibank, N.A. (“Citibank”) and two of Citibank’s subsidiaries, Department Stores National Bank (“DSNB”) and Citicorp Credit Services, Inc. (USA) (“CCSI...more

4 Thoughts On The Ashley Madison Hack

1. Should you post anything on the internet that you wouldn’t want to see on the front page of the New York Times? “No” used to be standard advice, but that isn’t practical any more. I do online banking, but that doesn’t mean...more

Privacy Tuesday – August 24, 2015 – FTC vs. Wyndham Update

Rather than our usual Privacy Monday “bits and bytes,” we have a breaking story relating to the ongoing Wyndham/FTC saga. Today, Wyndham Worldwide Corp. lost a critical round in the Third Circuit. Anticipated since...more

Web.com Suffers Data Breach Affecting 93,000 Customers

The list of companies hit by cyber-attacks continues to grow.  This time, Florida-based web hosting company, Web.com, has announced that it suffered a data breach that may have compromised credit card information and other...more

Summary of California Appellate Decisions -August 2015

Insurance; Duty To Defend; Insurance Coverage; Intentional Acts; Sexual Misconduct - Gonzalez v. Fire Insurance Exchange (2015) 234 Cal.App.4th 1220, 184 Cal.Rptr.3d 394 (WL 960927) - Facts: This is an...more

Data Dump! AshleyMadison.com Fallout Deepens

The Impact Team, the vigilante group behind the hacking of the infamous website AshleyMadison.com has followed through on its threat to leak the full database of the site’s users online. On Tuesday, August 18, 2015, an...more

Target and Visa Announce $67 Million Settlement

Last winter, following a well-publicized data breach, a group of financial institutions sued Target, arguing that Target should be held responsible for the damages that they had experienced as a result of the data breach...more

EMV Liability Shift Update – What Liability Actually Shifts?

With the October 1, 2015 liability shift deadline looming, merchants who have not yet made the change continue to evaluate the cost of accepting EMV cards versus the liability that will shift from the issuer to the merchant...more

Target and Visa reach $67M settlement

Visa, Inc. announced on August 18th that it has reached a settlement with Target for $67 million to reimburse Visa for costs associated with the Target data breach in late 2013, including issuing millions of new cards to...more

CFPB enters into consent order with company charged with deceptive health care credit enrollment practices

The CFPB has entered into a consent order with Springstone Financial, LLC to settle charges that the company was responsible for alleged deceptive and misleading acts and practices in connection with enrolling consumers in a...more

DoD Releases Final Military Lending Act Regulations

The Department of Defense (DoD) released its final rule amending the implementing regulations of the Military Lending Act (MLA), incorporating a broader range of credit products under its coverage and potentially implicating...more

Credit Card Fraud Liability Shift Looms for Retail Industry

On October 1, 2015, a substantial portion of the liability associated with in-store fraudulent credit card purchases will shift from credit card issuers, such as banks or credit unions, to retail merchants. Credit card...more

Checklist for Businesses that Handle Credit/Debit Cards

If your business client accepts credit or debit card payments, it’s subject to the Payment Card Industry Data Security Standards (PCI DSS), which consists of a set of industry tools and measurements to assist in the safe...more

FDCPA Bona Fide Error Defense Held Applicable to Statute-of-Limitation Mistakes of Law

Following the Supreme Court’s ruling in Jerman v. Carlisle, McNellie, Rini, Kramer & Ulrich LPA, 559 U.S. 573 (2010), it is clear that the bona fide error defense set forth in section 1692k(c) of the Fair Debt Collection...more

Something Else to Complain About: CFPB to Share Monthly "Snapshot" of Consumer Complaints

Why it matters - Already unhappy with the Consumer Financial Protection Bureau's (CFPB) creation of a public database of complaints featuring consumer narratives, financial institutions now have even more to worry about:...more

Seventh Circuit Petitioned for Rehearing En Banc to Determine Whether Data Breach Class Claims Survive Clapper, Satisfy Article...

In January 2014, luxury retailer Neiman Marcus disclosed that it had suffered a cyberattack in which hackers may have gained access to 350,000 credit and debit cards used at its stores in late 2013. Plaintiffs, all of whom...more

Fred’s Inc. discloses data breach to SEC

In its most recent filing with the Securities and Exchange Commission (SEC), Fred’s Inc. disclosed this week that a security firm found malware in its system that was designed to lift customer credit card information....more

350 Results
|
View per page
Page: of 14

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×