Personally Identifiable Information

News & Analysis as of

A Primer on Russia’s New Data Localization Law

Privacy and data security professionals worldwide should circle September 1 on their calendars, as it’s the day Russia’s new data localization law goes into effect – and possibly generates major waves far beyond Russian...more

Legal Insights on the Ashley Madison Hack: Part II

As more names emerge from the dark web data dump of Ashley Madison customers, lawyers around the globe have found a very willing group of would-be plaintiffs. Interestingly, all of these plaintiffs are named “Doe,” which must...more

Third Circuit Affirms FTC Authority to Police Whether Companies Have Reasonable Data Security

Since at least 2005, the Federal Trade Commission has asserted that it may regulate lax data security practices as an “unfair” business practice under Section 5 of the FTC Act. The Wyndham hotel chain was the first to...more

School Districts and Charter Schools Must Address Student Data Privacy Concerns in Contracts

In working with school districts and charter schools, our firm has learned that many clients may have entered into agreements that lack key contract terms necessary to protect student data privacy. In other cases, we have...more

On the Reidentifiability of Credit Card Metadata

PLA today posts a link to “Unique in the Shopping Mall: On the Reidentifiability of Credit Card Metadata,” which concludes that card transaction data that was anonymized in conventional ways (e.g., by removing names and...more

Legal Insights on the Ashley Madison Hack: Part I

Internet commenters and legal analysts alike are buzzing about the Ashley Madison hack. The website -- which billed itself as a networking site for anyone who wanted to discretely arrange an extramarital affair -- has already...more

FCC Settles First Data Security Enforcement Action

On July 9, 2015, the Federal Communications Commission settled its first data security case with two related telecommunications carriers – TerraCom, Inc. and YourTel America, Inc. – for $3.5 million. The settlement resolves...more

Third Circuit Upholds FTC’s Authority in Wyndham Case

On August 24, 2015, the Third Circuit, in a highly anticipated ruling, upheld a 2014 New Jersey District Court decision that the FTC has authority under section 5 of the FTC Act to regulate “unfair” data security practices...more

Banks’ Class Certification Motion Trumpets Target Data Security Failings, Ignores Impact of Card Association Settlements

Card-issuing banks are forging ahead with their lawsuit against Target arising from the 2013 holiday shopping season data breach. Their July 1 motion for class certification has just been unsealed, allowing a glimpse at...more

Third Circuit Affirms FTC’s Authority Over Companies’ Cybersecurity Practices

In a test of the Federal Trade Commission’s authority to police cybersecurity, the Third Circuit Court of Appeals yesterday ruled that the agency has broad power to take action against private sector companies which fail to...more

Delaware Changes Online, Student Privacy Protection Laws

Four pieces of legislation intended to improve online privacy and protections for Delaware residents were signed into law by Governor Jack Markell on August 7, 2015. Collectively, this legislation will impact a broad range of...more

Target Reaches $67 Million Settlement with Visa over Data Breach Claims

More than a year-and-a-half after Target’s December 2013 announcement of a massive data breach, the retailer has reached an agreement with Visa, whereby it will reimburse Visa and certain affected card issuers up to $67...more

A Guide for Insurers on Creating and Maintaining a Cybersecurity Plan

The intersection of valuable and personally identifiable digitized information and the increasing incidence of cybersecurity breaches makes the creation and maintenance of a cybersecurity plan one of the most pressing...more

New Potential Liability for Data Security: U.S. Court of Appeals for the Third Circuit Announces FTC has Authority to Scrutinize a...

The U.S. Court of Appeals for the Third Circuit announced that the Federal Trade Commission (FTC) has the authority to scrutinize a business’s data security protocol -- and to file a complaint if the FTC finds that protocol...more

EU Privacy Law May Require Individual Third Party Consent for Sale of Customer Email Lists

Parties to transactions involving personal data in Europe are well-advised to investigate whether individual consent or the offer of opt-outs are required to avoid the risk of fines and other sanctions imposed by the DPA or...more

Privacy Tuesday – August 24, 2015 – FTC vs. Wyndham Update

Rather than our usual Privacy Monday “bits and bytes,” we have a breaking story relating to the ongoing Wyndham/FTC saga. Today, Wyndham Worldwide Corp. lost a critical round in the Third Circuit. Anticipated since...more

Web.com Suffers Data Breach Affecting 93,000 Customers

The list of companies hit by cyber-attacks continues to grow.  This time, Florida-based web hosting company, Web.com, has announced that it suffered a data breach that may have compromised credit card information and other...more

Summary of California Appellate Decisions -August 2015

Insurance; Duty To Defend; Insurance Coverage; Intentional Acts; Sexual Misconduct - Gonzalez v. Fire Insurance Exchange (2015) 234 Cal.App.4th 1220, 184 Cal.Rptr.3d 394 (WL 960927) - Facts: This is an...more

Rising Conflict Among Federal Courts – Whether an Account Number Visible on a Debt Collection Envelope Violates the FDCPA

Section 1692f(8) of the Fair Debt Collection Practices Act (“FDCPA”) prohibits the use of any language or symbol, other than the debt collector’s address, on any envelope when communicating with a consumer by mail. The...more

German Federal IT Committee Issues New Restrictions for Cloud Service Providers

Last month the German Federal Government IT Advisory Committee ("Federal IT Committee") issued new cloud computing service criteria for all prospective vendors to German Federal Agencies. Cloud services providers who offer,...more

Student Data Concerns Give Rise to Proposed Changes in Federal Education Privacy Laws

It has been over 40 years since Congress initially passed the Family Educational Rights and Privacy Act (“FERPA”) (20 U.S.C. § 1232g), also referred to as the “Buckley Amendment” after its primary Congressional sponsor. ...more

Data Dump! AshleyMadison.com Fallout Deepens

The Impact Team, the vigilante group behind the hacking of the infamous website AshleyMadison.com has followed through on its threat to leak the full database of the site’s users online. On Tuesday, August 18, 2015, an...more

South Korea introduces further data protection breach penalties to encourage compliance, and issues mobile app guidance

Ever since January 2014, when South Korea’s credit card industry lost huge amounts of customer data during a data breach, the South Korean government has been gradually announcing stricter penalties for those who run afoul of...more

Canada’s amendments to PIPEDA now largely in force

Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”) has been amended by The Digital Privacy Act (the “DPA”). DPA updates PIPEDA and modernizes Canadian data privacy and security law. DPA is now...more

Mobile Health Devices and Cybersecurity: Federal Guidance for Management of Threats in Medical Devices

New Technology = New Threats - With new technology comes new security concerns. But when that new technology is in the medical field, the cybersecurity vulnerabilities can be particularly devastating. The...more

897 Results
|
View per page
Page: of 36

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×