Data Breach Privacy Policy

News & Analysis as of

California Passes Four Bills Amending Breach Notification Law and Requiring Warrant to Access Digital Data

Last week was a big one for California’s privacy regime. In a landmark move, Governor Jerry Brown signed into law four bills further protecting Californians’ privacy rights: three strengthen the state’s data breach...more

Three Privacy Policies Every Company Should Have in 2016

As we have reached the 4th quarter of 2015, many companies are actively planning for the next calendar year. In the last 12 months, privacy law has become a “front burner” issue for many companies....more

School Districts to Undergo Cybersecurity Audit

Missouri Auditor Nicole Galloway recently announced plans to conduct cybersecurity audits of five school districts. Coinciding with National Cybersecurity Awareness Month, the audits are intended to reveal how school...more

SEC Steps Up Cybersecurity Enforcement

September has been a busy month for the SEC in addressing cybersecurity. In the span of a week, the SEC issued a new alert in connection with its cybersecurity examination of Wall Street firms, entered a Cease and Desist...more

What is reasonable? The emerging legalities of cybersecurity post-Wyndham

This month’s edition of the Advanced Cyber Security Center’s newletter includes my discussion of lessons to be learned from the Wyndham decision: Historically, security was an issue reserved in a back room for the IT...more

The SEC OCIE Announces Increased Scrutiny of Broker-Dealers’ and Investment Advisers’ Cybersecurity Programs

On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more

Huge fine of nearly U.S. $2 million levied on Mexican bank after data breach

In early September, Mexico’s data protection authority, the National Transparency, Information Access and Data Protection Institute (INAI), issued a fine of 32 million pesos (U.S. $1.95 million) to Mexican bank Grupo...more

SEC Releases First Cybersecurity Enforcement Action for Failure to Protect Client Data

The SEC’s focus in the action was not on the manner of the firm’s responses to the breach or whether there was any actual harm, but predominantly on the adequacy of the firm’s written policies for safeguarding customer...more

Just Like Neiman Case, FTC v. Wyndham Decision Not All It’s Cracked Up to Be

Back on July 20 this year, the Seventh Circuit Court of Appeals decided Remijas v. Neiman Marcus, leading a chorus of pundits to declare that case changed everything when it comes to data breach cases, signaling a “new tilt...more

Advertising Law - September 2015

Third Circuit Affirms FTC's Power to Regulate Data Security Practices - Affirming the power of the Federal Trade Commission to regulate corporate cybersecurity, the Third Circuit Court of Appeals held that the agency may...more

Are Your Directors Talking Enough About Privacy and Data Security?

The number of companies suffering data breaches, and the average cost associated with each incident, continues to rise. According to the Ponemon Institute’s 2014 Cost of Data Breach Study: Global Analysis, the average...more

$750,000 Settlement Agreement Reiterates Importance of HIPAA Security Rule Compliance

On September 2, 2015, the U.S. Department of Health and Human Services ("HHS") announced that it had entered into a Settlement Agreement with an Indiana-based medical practice for alleged violations of the Health Insurance...more

Also In the News - Data, Privacy, & Security Practice Report - August 2015

King & Spalding Client Alert On Unprecedented Hacking And Trading Scheme — On August 11, 2015, prosecutors in the District of New Jersey and the Eastern District of New York unsealed indictments against several individuals...more

Rocky Road Ahead for Ashley Madison after Widespread Damage Arising from Disclosure of Personal Information

Ashley Madison, the self-described “world's leading married dating service for discreet encounters” is the latest high-profile social media website to sustain a cyberattack. Established to provide an opportunity for married...more

Illinois Governor Vetoes Expansion of Breach Notice Requirements

A recent attempt by the Illinois legislature to significantly expand the scope of the Illinois data breach notification legislation was vetoed by Governor Rauner. As passed by the General Assembly, Illinois Senate Bill 1833...more

Third Circuit affirms FTC’s jurisdiction over security practices in Wyndham case

In a strongly worded opinion, the Third Circuit Court of Appeals on Monday slammed Wyndham Worldwide Corporation’s arguments that the FTC did not have jurisdiction to enforce the security practices of businesses following a...more

U.S. Appeals Court Upholds the FTC’s Authority to Police Cybersecurity Practices

In a highly anticipated and precedential opinion issued earlier this week, the Third Circuit Court of Appeals upheld the FTC’s authority to regulate corporate cybersecurity. The decision in Federal Trade Commission v Wyndham...more

Appellate Court Confirms the FTC’s Power to Regulate Cybersecurity

In a highly-anticipated decision, the U.S. Court of Appeals for the Third Circuit has ruled in FTC v. Wyndham Worldwide Corporation that the Federal Trade Commission (“FTC”) is authorized to pursue lawsuits against those who...more

From Bad to Worse for Wyndham

Lawyers often say “bad facts make bad law”. Combine that with weak legal arguments and, well, things can get really bad, really fast. That’s precisely what happened to Wyndham yesterday when the Third Circuit affirmed a...more

New Potential Liability for Data Security: U.S. Court of Appeals for the Third Circuit Announces FTC has Authority to Scrutinize a...

The U.S. Court of Appeals for the Third Circuit announced that the Federal Trade Commission (FTC) has the authority to scrutinize a business’s data security protocol -- and to file a complaint if the FTC finds that protocol...more

Privacy Tuesday – August 2015: Three Bytes for End of Summer

It’s Privacy Tuesday again – and summer is winding down. Here are three bytes of privacy/security information to start your week...more

Cybersecurity for Startups Now a Cost of Entry for Consideration by Larger Clients: What is Your Company's Plan?

For technology startups, maintaining strong security controls remains vital to winning new business opportunities and strengthening existing relationships. Despite the global spike in cybersecurity attacks (there were 42.8...more

Ashley Madison and Coming to “Terms” with Data Protection

A recent massive data hack of an online dating site Ashley Madison once again proves that what one publishes, says, or does online, even in seemingly private forums, is never completely private. It’s also a reminder that the...more

State Law Roundup: Legislatures Across the U.S. Revamp Data Breach Notification Laws

As the number of highly publicized data breaches continues to skyrocket and proposals for a federal data breach notification law stagnate, state legislatures around the country have been busy amending their own breach...more

Cybersecurity is once again a hot topic as Illinois undergoes PIPA update

Cybersecurity is a hot topic at both the state and federal level. Specifically, Illinois is in the process of amending its Personal Information Protection Act (“PIPA”). Illinois SB 1833 will amend PIPA by establishing more...more

84 Results
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.