Personally Identifiable Information

News & Analysis as of

Indonesia publishes data protection rule aimed at government agencies

On 14 July 2015, the Indonesian government published the Draft Regulation of the Minister of Communication and Information (RPM) of the Protection of Personal Data in Electronic Systems (‘Draft Regulation’). Pursuant to...more

Systema Software exposes information of 1.5 million on Amazon Web Service

Systema Software, which provides software solutions for claims management, is investigating a breach (although it was discovered, accessed and confirmed by an independent third party) involving information of 1.5 million...more

Comment period extended for NIST Cybersecurity Practice Guide

The National Institute of Standards and Technology has announced that due to stakeholder feed-back, the period to submit comments for the draft guide, “Securing Electronic Health Records on Mobile Devices” has been extended...more

SEC Settles Charges Against Investment Firm that Failed to Adopt Cybersecurity Policies Before Data Breach

Recently, the SEC announced that R.T. Jones Capital Equities Management, a St. Louis-based investment adviser, agreed to settle charges that it failed to establish the required cybersecurity policies and procedures before a...more

Retail Industry EMV Compliance Deadline Arrives Today - Credit Card Fraud Liability Shifts

Starting today, October 1, 2015, a substantial portion of the liability associated with in-store fraudulent credit card purchases shifts from credit card issuers, such as banks or credit unions, to retail merchants. Credit...more

SEC brings first cybersecurity-related enforcement action

The Securities and Exchange Commission (“SEC”) recently settled its first cybersecurity-related enforcement action against a Missouri based registered investment adviser, R.T. Jones Capital Equities Management, Inc. (the ...more

Boston’s MBTA joins the bluetooth beacon bus –it will now track the movement of its riders

If you don’t think you are being tracked as you move around Target or Macy’s or even through a local museum, you must not have a smartphone. Many companies are now using beacons –or stationary devices that measure the...more

Cybersecurity + Law Enforcement: The Cutting Edge Symposium | Friday, OctobeWU Law | Bristol,r 16, 2015 R Rhode Island

Cybersecurity, encryption, and government surveillance are daily challenges for public officials, corporations, and lawyers. On October 16, the Roger Williams University School of Law will present Cybersecurity and Law...more

A Compilation of Enforcement and Non-Enforcement Actions

Non-Enforcement Cybersecurity Is At the Top of SEC Examination Concerns In a recent SEC “risk alert” for registered broker-dealers and investment advisers, the SEC’s Office of Compliance Inspections and Examinations (OCIE)...more

What is reasonable? The emerging legalities of cybersecurity post-Wyndham

This month’s edition of the Advanced Cyber Security Center’s newletter includes my discussion of lessons to be learned from the Wyndham decision: Historically, security was an issue reserved in a back room for the IT...more

SEC Announces First Cybersecurity Enforcement Action Against an Investment Adviser for Failure to Protect Client Data

On September 22, 2015, the Securities and Exchange Commission (SEC) announced its first cybersecurity-related enforcement action against an investment adviser for failure to protect customer records and information. According...more

Notifying Parties In Username/Password Breaches . . . It’s Not Just the Law

As we head into the end of 2015, state legislators across the country continue to strengthen, update and, in some instances, broaden the scope of their respective state data breach notification laws. Specifically, many...more

FTC Fines Can Add Salt to a Cybersecurity Wound

Cyberattacks are on the rise—so much that we seem to hear about a high-profile hack more often than it probably rains in most parts of California. Although reputational damage from a cyberattack can be scarring, a recent U.S....more

Status Updates: Court nixes VPPA claim; lawyer suspended over blog posts; Facebook ‘unfriending’ cited in bullying decision

Tale of the tape. The Video Privacy Protection Act (VPPA), which requires video service providers to destroy personally identifiable information after a specified time, doesn’t provide a private right of action for plaintiffs...more

The Legal Lessons of Data Breaches

Every business would love to find a fortune teller to give it insight into what trends to follow, which risks to take, and when “exposure” will convert to liability. Some clients might say that, unfortunately, their lawyers...more

SEC Penalizes Investment Adviser over Inadequate Cyber-Risk Program Prior to Data Breach

On September 22, the SEC ordered a Missouri-based investment adviser to pay a $75,000 penalty, settling allegations that the investment adviser failed to implement required written cybersecurity policies and procedures prior...more

Uncertainty for the U.S.-EU Safe Harbor Intensified by Non-Binding Recommendation for EU High Court Advisor

In a non-binding opinion issued on September 23, 2015, an Advocate General for the European Court of Justice (“ECJ”) recommended that the ECJ suspend the U.S.-EU Safe Harbor program (“Safe Harbor”) and reexamine whether the...more

The Russian Data Protection Authority, Roskomnadzor, Enforces New Russian Data Localization Law

On September 9, 2015, the Federal Service for Supervision of Communications, Information Technology and Mass Communications (the “Roskomnadzor”) reported on its website that it blocked an extensive online database of more...more

Who is Stealing Your Trade Secrets? An Overview of Key Threats

Every company has trade secrets – for some, they may be special manufacturing processes, for other organizations, trade secrets could include product formulae, customer lists, software code or marketing strategies. The more...more

Data Breach Class Claims Survive Clapper

On appeal to the Seventh Circuit, a three-judge panel opinion written by Chief Judge Woods reversed the lower court. Remijas v. Neiman Marcus Group, LLC, No. 14-3122, 2015 WL 4394814, at *3 (7th Cir. July 20, 2015). The panel...more

HHS Issues Proposed Rule That Would Revise the Federal Policy for the Protection of Human Subjects

Proposals are Intended to Enhance Protections for Higher Risk Clinical Research and Privacy Safeguards, including Uses of Biospecimens and Identifiable Private Information - On September 8, 2015, the Department of Health...more

Judicial Redress Act Advances

In what may prove to be a major step forward in US-EU privacy relations, the House Judicial Committee approved H.R. 1428, the Judicial Redress Act of 2015, on September 16. If enacted, the bill would allow citizens of...more

The SEC OCIE Announces Increased Scrutiny of Broker-Dealers’ and Investment Advisers’ Cybersecurity Programs

On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more

SEC Proposes “A Clearly Unwarranted Invasion of Personal Privacy”

Last week, the Securities and Exchange Commission proposed that persons involved in administrative proceedings be required to submit all documents and other items electronically.  The SEC is proposing these rules as part of...more

Investment Adviser Settles SEC Charges After Data Breach

Last week, the Securities and Exchange Commission (SEC) settled charges against a registered investment adviser for failing to comply with Rule 30(a) of Regulation S-P (17 C.F.R. § 248.30(a)) (“Safeguards Rule”). The...more

1,018 Results
View per page
Page: of 41

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.