Data Protection Cybersecurity

News & Analysis as of

DoD New Cyber Security Reporting Rules for Contractors

In a move that highlights the changing winds of federal cybersecurity policy, the Department of Defense (“DoD”) has issued an interim Rule (“Rule”) that imposes new security and reporting requirements on federal contractors,...more

The Legal Lessons of Data Breaches

Every business would love to find a fortune teller to give it insight into what trends to follow, which risks to take, and when “exposure” will convert to liability. Some clients might say that, unfortunately, their lawyers...more

Security Frameworks 101: Which is Right for my Organization?

These days information security is on the minds of virtually all technology professionals and business executives alike. But how does an organization ensure that their security profile is adequate. It can certainly help to...more

Federal appeals court confirms FTC authority to regulate cybersecurity policies and procedures

Banks and other companies subject to the CFPB’s jurisdiction face the possibility that the CFPB could begin using its authority under Sections 1031 and 1036 of the Dodd-Frank Act (which proscribe unfair, deceptive or abusive...more

FTC v. Wyndham: The Litigation Goes On, But Other Lessons To Learn

It’s fair to say that the opinion by the Third Circuit Court of Appeals in FTC v. Wyndham was a set-back for Wyndham, but for businesses it may be just the right wake-up call....more

Federal Appeals Court Recognizes for the First Time the FTC’s Authority to Enforce Cybersecurity Practices

On August 24, 2015, the Third Circuit Court of Appeals issued a much-awaited decision in FTC v. Wyndham Worldwide Corporation, holding that the Federal Trade Commission (FTC) has authority to regulate “unfair” or “deceptive”...more

Privacy in financial markets, not to be ignored

The Article 29 Working Party published a letter it sent to the European Commission urging it to consider the data protection and privacy issues when adopting the secondary regulations (‘Regulations’) necessary to implement...more

DoD's New Cybersecurity and Cloud Standards and Reporting Requirements

The Department of Defense (DoD) released interim rules implementing provisions of the 2013 and 2015 National Defense Authorization Acts. The rules, released on Aug. 26, 2015, are effective immediately and establish the...more

Third Circuit affirms FTC’s jurisdiction over security practices in Wyndham case

In a strongly worded opinion, the Third Circuit Court of Appeals on Monday slammed Wyndham Worldwide Corporation’s arguments that the FTC did not have jurisdiction to enforce the security practices of businesses following a...more

3rd Circuit Says: FTC Can Take Action Against Companies That Suffer Data Security Breaches

Companies can be fined by the federal government for failing to properly safeguard consumer data, according to a decision this week by Pennsylvania's federal appellate court....more

Defense Department Issues Interim Rule Requiring Contractor and Subcontractor Reporting of Cyber Incidents

On August 26, 2015, the Department of Defense (DoD) published a long-awaited Interim Rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to require “rapid” reporting of “cyber incidents” that result in...more

Third Circuit Not Hospitable to Wyndham, Upholds FTC’s Broad Powers to Regulate Cybersecurity

Over one year ago, our colleague Chris Hart argued that the District of New Jersey court’s decision in FTC v. Wyndham Worldwide Corp. et. al., No. 13-1887-ES, “point[ed] to the possibility that the FTC has potentially broad...more

The IRS Acknowledges Data Breach Worse Than Reported

On August 17, 2015, the Internal Revenue Service (“IRS”) announced that a breach of U.S. taxpayers’ personal information, first disclosed in May, was three times worse than previously thought. While initial reports indicated...more

Legal Insights on the Ashley Madison Hack: Part II

As more names emerge from the dark web data dump of Ashley Madison customers, lawyers around the globe have found a very willing group of would-be plaintiffs. Interestingly, all of these plaintiffs are named “Doe,” which must...more

Data Security Issues in the Workplace: It’s 10:00 p.m. – Do You Know Where Your Company’s Data Is?

It seems that not a day goes by without another massive data breach incident providing fodder for the morning headlines or the evening news. That should come as no surprise. According to key studies, the average company...more

Back to School – HIPAA 101

After a summer that saw major data breaches at the Office of Personnel Management and UCLA Health System, this fall is a great time to take your organization back to school on HIPAA compliance and data security. Here are...more

The FTC Continues to Flex its Safe Harbor Enforcement Muscles

On August 17, 2015, the Federal Trade Commission (FTC) announced settlements with 13 companies on charges that they misled consumers by claiming that they were certified members of the U.S.-EU or U.S.-Swiss Safe Harbor...more

Third Circuit Affirms FTC Authority to Police Whether Companies Have Reasonable Data Security

Since at least 2005, the Federal Trade Commission has asserted that it may regulate lax data security practices as an “unfair” business practice under Section 5 of the FTC Act. The Wyndham hotel chain was the first to...more

Third Circuit to Wyndham (Part I): It's "Fair" that FTC Did Not Articulate Specific Cybersecurity Standards in Enforcement Action...

On Monday, the Third Circuit issued a highly anticipated opinion affirming the Federal Trade Commission's authority to regulate "unfair" cybersecurity practices under Section 5 of the FTC Act. In allowing the data breach...more

Legal Insights on the Ashley Madison Hack: Part I

Internet commenters and legal analysts alike are buzzing about the Ashley Madison hack. The website -- which billed itself as a networking site for anyone who wanted to discretely arrange an extramarital affair -- has already...more

Under the Thumb: Regulatory Compliance When Outsourcing Cybersecurity Management

Managed security services are often a natural “add-on” when outsourcing IT services given that data protection is integral to application development, software as a service, and cloud storage, among other services. More...more

UPDATE: Third Circuit Affirms FTC’s Data Security Authority in Wyndham

The U.S. Court of Appeals for the Third Circuit released its much-anticipated ruling in Federal Trade Commission v. Wyndham Worldwide Corp. on August 24, 2015, unanimously upholding the FTC’s authority to regulate companies’...more

FCC Settles First Data Security Enforcement Action

On July 9, 2015, the Federal Communications Commission settled its first data security case with two related telecommunications carriers – TerraCom, Inc. and YourTel America, Inc. – for $3.5 million. The settlement resolves...more

Third Circuit Upholds FTC’s Authority in Wyndham Case

On August 24, 2015, the Third Circuit, in a highly anticipated ruling, upheld a 2014 New Jersey District Court decision that the FTC has authority under section 5 of the FTC Act to regulate “unfair” data security practices...more

Banks’ Class Certification Motion Trumpets Target Data Security Failings, Ignores Impact of Card Association Settlements

Card-issuing banks are forging ahead with their lawsuit against Target arising from the 2013 holiday shopping season data breach. Their July 1 motion for class certification has just been unsealed, allowing a glimpse at...more

916 Results
|
View per page
Page: of 37

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×