Data Security Personally Identifiable Information

News & Analysis as of

3rd Circuit Says: FTC Can Take Action Against Companies That Suffer Data Security Breaches

Companies can be fined by the federal government for failing to properly safeguard consumer data, according to a decision this week by Pennsylvania's federal appellate court....more

Third Circuit Not Hospitable to Wyndham, Upholds FTC’s Broad Powers to Regulate Cybersecurity

Over one year ago, our colleague Chris Hart argued that the District of New Jersey court’s decision in FTC v. Wyndham Worldwide Corp. et. al., No. 13-1887-ES, “point[ed] to the possibility that the FTC has potentially broad...more

The IRS Acknowledges Data Breach Worse Than Reported

On August 17, 2015, the Internal Revenue Service (“IRS”) announced that a breach of U.S. taxpayers’ personal information, first disclosed in May, was three times worse than previously thought. While initial reports indicated...more

Advertising Law - August 2015 #4

In Case You Missed It: Possible Jail Time for TCPA Violations, Microsoft Gets Slammed With Solicitation Scam Class Action, and 'Do Not Disturb' Technology Gets Pushed on FCC - The world of the Telephone Consumer...more

A Primer on Russia’s New Data Localization Law

Privacy and data security professionals worldwide should circle September 1 on their calendars, as it’s the day Russia’s new data localization law goes into effect – and possibly generates major waves far beyond Russian...more

Legal Insights on the Ashley Madison Hack: Part II

As more names emerge from the dark web data dump of Ashley Madison customers, lawyers around the globe have found a very willing group of would-be plaintiffs. Interestingly, all of these plaintiffs are named “Doe,” which must...more

Third Circuit Affirms FTC Authority to Police Whether Companies Have Reasonable Data Security

Since at least 2005, the Federal Trade Commission has asserted that it may regulate lax data security practices as an “unfair” business practice under Section 5 of the FTC Act. The Wyndham hotel chain was the first to...more

Legal Insights on the Ashley Madison Hack: Part I

Internet commenters and legal analysts alike are buzzing about the Ashley Madison hack. The website -- which billed itself as a networking site for anyone who wanted to discretely arrange an extramarital affair -- has already...more

FCC Settles First Data Security Enforcement Action

On July 9, 2015, the Federal Communications Commission settled its first data security case with two related telecommunications carriers – TerraCom, Inc. and YourTel America, Inc. – for $3.5 million. The settlement resolves...more

Third Circuit Upholds FTC’s Authority in Wyndham Case

On August 24, 2015, the Third Circuit, in a highly anticipated ruling, upheld a 2014 New Jersey District Court decision that the FTC has authority under section 5 of the FTC Act to regulate “unfair” data security practices...more

Banks’ Class Certification Motion Trumpets Target Data Security Failings, Ignores Impact of Card Association Settlements

Card-issuing banks are forging ahead with their lawsuit against Target arising from the 2013 holiday shopping season data breach. Their July 1 motion for class certification has just been unsealed, allowing a glimpse at...more

Third Circuit Affirms FTC’s Authority Over Companies’ Cybersecurity Practices

In a test of the Federal Trade Commission’s authority to police cybersecurity, the Third Circuit Court of Appeals yesterday ruled that the agency has broad power to take action against private sector companies which fail to...more

Target Reaches $67 Million Settlement with Visa over Data Breach Claims

More than a year-and-a-half after Target’s December 2013 announcement of a massive data breach, the retailer has reached an agreement with Visa, whereby it will reimburse Visa and certain affected card issuers up to $67...more

New Potential Liability for Data Security: U.S. Court of Appeals for the Third Circuit Announces FTC has Authority to Scrutinize a...

The U.S. Court of Appeals for the Third Circuit announced that the Federal Trade Commission (FTC) has the authority to scrutinize a business’s data security protocol -- and to file a complaint if the FTC finds that protocol...more

Privacy Tuesday – August 24, 2015 – FTC vs. Wyndham Update

Rather than our usual Privacy Monday “bits and bytes,” we have a breaking story relating to the ongoing Wyndham/FTC saga. Today, Wyndham Worldwide Corp. lost a critical round in the Third Circuit. Anticipated since...more

Web.com Suffers Data Breach Affecting 93,000 Customers

The list of companies hit by cyber-attacks continues to grow.  This time, Florida-based web hosting company, Web.com, has announced that it suffered a data breach that may have compromised credit card information and other...more

Canada’s amendments to PIPEDA now largely in force

Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”) has been amended by The Digital Privacy Act (the “DPA”). DPA updates PIPEDA and modernizes Canadian data privacy and security law. DPA is now...more

Mobile Health Devices and Cybersecurity: Federal Guidance for Management of Threats in Medical Devices

New Technology = New Threats - With new technology comes new security concerns. But when that new technology is in the medical field, the cybersecurity vulnerabilities can be particularly devastating. The...more

Six Ways for Data-Driven Medical Device Companies to Implement Effective Privacy and Security Measures

The increasing amounts of health information being generated, stored and collected have heightened the special risks medical device manufacturers have long faced. In addition to the nexus to patient health and safety, if a...more

Data processing company hit with class action lawsuit for data breach and Judge denies class certification the next day

Advanced Data Processing, Inc. and Intermedix Corp. were sued in federal court in Florida last week for violating the Health Insurance Portability and Accountability Act (HIPAA) for failing to protect the health information...more

CareFirst BlueCross BlueShield sued for hacking incident

Not to be left out, plaintiffs filed suit against CareFirst BlueCross Blue Shield late last week for the hacking incident the insurer suffered in May, which resulted in unknown intruders gaining access to names, dates of...more

Cybersecurity for Startups Now a Cost of Entry for Consideration by Larger Clients: What is Your Company's Plan?

For technology startups, maintaining strong security controls remains vital to winning new business opportunities and strengthening existing relationships. Despite the global spike in cybersecurity attacks (there were 42.8...more

The ABCs of COPPA Compliance

In today’s environment – when data breaches seem to be in the news nearly every day – the media, regulators and many others are hyper-focused on privacy issues. Schools and educational institutions are no exception when it...more

House Judiciary Subcommittee Holds Hearing On The Internet Of Things

In a July 29, 2015 hearing, lawmakers asked a panel of witnesses—all industry representatives—about the current and future challenges facing the Internet of Things, and what role, if any, Congress should play in addressing...more

California, Nevada Expand Scope of Customer Personal Information Subject to Reasonable Security Measures

Recent statutory amendments passed in California and Nevada expanding the definition of “personal information” will significantly impact the security measures businesses operating in these states must implement when handling...more

78 Results
|
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×