Data Security

News & Analysis as of

FTC Can Regulate Cybersecurity Practices, Third Circuit Rules

The Federal Trade Commission (FTC) can regulate cybersecurity policies and procedures as “unfair” acts or practices under Section 5 of the FTC Act, the U.S. Court of Appeals for the Third Circuit has ruled in a very important...more

Special Alert: Third Circuit Gives FTC Green Light to Continue Enforcing Corporate Data Security

Last week, the U.S. Court of Appeals for the Third Circuit affirmed the Federal Trade Commission’s authority to hold companies accountable for their data security practices under Section 5 of the FTC Act (15 U.S.C. § 45(a)),...more

Also In the News - Data, Privacy, & Security Practice Report - August 2015

King & Spalding Client Alert On Unprecedented Hacking And Trading Scheme — On August 11, 2015, prosecutors in the District of New Jersey and the Eastern District of New York unsealed indictments against several individuals...more

DoD New Cyber Security Reporting Rules for Contractors

In a move that highlights the changing winds of federal cybersecurity policy, the Department of Defense (“DoD”) has issued an interim Rule (“Rule”) that imposes new security and reporting requirements on federal contractors,...more

The Legal Lessons of Data Breaches

Every business would love to find a fortune teller to give it insight into what trends to follow, which risks to take, and when “exposure” will convert to liability. Some clients might say that, unfortunately, their lawyers...more

Security Frameworks 101: Which is Right for my Organization?

These days information security is on the minds of virtually all technology professionals and business executives alike. But how does an organization ensure that their security profile is adequate. It can certainly help to...more

Federal appeals court confirms FTC authority to regulate cybersecurity policies and procedures

Banks and other companies subject to the CFPB’s jurisdiction face the possibility that the CFPB could begin using its authority under Sections 1031 and 1036 of the Dodd-Frank Act (which proscribe unfair, deceptive or abusive...more

Federal Appeals Court Recognizes for the First Time the FTC’s Authority to Enforce Cybersecurity Practices

On August 24, 2015, the Third Circuit Court of Appeals issued a much-awaited decision in FTC v. Wyndham Worldwide Corporation, holding that the Federal Trade Commission (FTC) has authority to regulate “unfair” or “deceptive”...more

NIST issues Cybersecurity Practice Guide for Electric Utilities

Yesterday, the National Cybersecurity Center of Excellence issued its NIST Cybersecurity Practice Guide, Draft Special Publication 1800-2 “Identity and Access Management for Electric Utilities.” The Guide is a result of...more

Ashley Madison Fallout: Class Actions, Pentagon investigation and easily searchable data

We previously reported that hackers The Impact Team had posted legitimate detailed information about 36 million adultery website Ashley Madison users. In the wake of the shocking posting of the data last week, two class...more

Privacy in financial markets, not to be ignored

The Article 29 Working Party published a letter it sent to the European Commission urging it to consider the data protection and privacy issues when adopting the secondary regulations (‘Regulations’) necessary to implement...more

Social networking service, MeetMe, Inc., settles minors’ privacy violations for $200,000

On August 19, 2015, MeetMe, Inc. (MeetMe), a social networking website and mobile app, agreed to pay $200,000 and to change its privacy policies to settle a lawsuit alleging that MeetMe distributed teenagers’ geolocation and...more

OPM Faces Another Class Action For The Theft Of Data Affecting 21.5 Million Current, Former And Prospective Government Employees

On August 14, 2015, a class action was filed in the United States District Court for the District of Columbia on behalf of about 21.5 million federal employees, contractors, and job applicants whose personal information was...more

FTC issues statement on its enforcement abilities under § 5 of the FTC Act

On August 13, 2015, the Federal Trade Commission (FTC) issued a statement on its ability to prosecute ‘unfair trade practices’ and enforce violations under § 5 of the FTC Act. The guidance said: Section 5’s ban on...more

DoD's New Cybersecurity and Cloud Standards and Reporting Requirements

The Department of Defense (DoD) released interim rules implementing provisions of the 2013 and 2015 National Defense Authorization Acts. The rules, released on Aug. 26, 2015, are effective immediately and establish the...more

Connected and Autonomous Vehicles - Moving Forward in High Gear

This is my second and final installment in reporting on the Center for Automotive Research (CAR)’s 50th annual “Management Briefing Seminars” conference held earlier this month in Traverse City, Michigan....more

Third Circuit affirms FTC’s jurisdiction over security practices in Wyndham case

In a strongly worded opinion, the Third Circuit Court of Appeals on Monday slammed Wyndham Worldwide Corporation’s arguments that the FTC did not have jurisdiction to enforce the security practices of businesses following a...more

3rd Circuit Says: FTC Can Take Action Against Companies That Suffer Data Security Breaches

Companies can be fined by the federal government for failing to properly safeguard consumer data, according to a decision this week by Pennsylvania's federal appellate court....more

Defense Department Issues Interim Rule Requiring Contractor and Subcontractor Reporting of Cyber Incidents

On August 26, 2015, the Department of Defense (DoD) published a long-awaited Interim Rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to require “rapid” reporting of “cyber incidents” that result in...more

Brazil’s proposed privacy laws raise public concern

The Brazilian government’s proposal for Brazil’s first data protection framework (‘the Proposal’) hit a stumbling block after major concerns were raised in public comments. After the public consultation period ended,...more

Third Circuit Not Hospitable to Wyndham, Upholds FTC’s Broad Powers to Regulate Cybersecurity

Over one year ago, our colleague Chris Hart argued that the District of New Jersey court’s decision in FTC v. Wyndham Worldwide Corp. et. al., No. 13-1887-ES, “point[ed] to the possibility that the FTC has potentially broad...more

The IRS Acknowledges Data Breach Worse Than Reported

On August 17, 2015, the Internal Revenue Service (“IRS”) announced that a breach of U.S. taxpayers’ personal information, first disclosed in May, was three times worse than previously thought. While initial reports indicated...more

Advertising Law - August 2015 #4

In Case You Missed It: Possible Jail Time for TCPA Violations, Microsoft Gets Slammed With Solicitation Scam Class Action, and 'Do Not Disturb' Technology Gets Pushed on FCC - The world of the Telephone Consumer...more

A Primer on Russia’s New Data Localization Law

Privacy and data security professionals worldwide should circle September 1 on their calendars, as it’s the day Russia’s new data localization law goes into effect – and possibly generates major waves far beyond Russian...more

Legal Insights on the Ashley Madison Hack: Part II

As more names emerge from the dark web data dump of Ashley Madison customers, lawyers around the globe have found a very willing group of would-be plaintiffs. Interestingly, all of these plaintiffs are named “Doe,” which must...more

197 Results
|
View per page
Page: of 8

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×