News & Analysis as of

Personally Identifiable Information

A Year in Review: FTC Data Privacy Actions and its Impacts on 2017 and Beyond

Whether it means taking a prominent role shaping data security for the Internet of Things, or addressing high profile breaches, the FTC has adopted an active position in policing data privacy and security. And, as data...more

Uber Settles FTC Dispute Over Consumer Data Privacy and Security Allegations

by Ballard Spahr LLP on

There are several key takeaways from a 20-year proposed consent order agreed to by Uber Technologies, Inc. (Uber) and the Federal Trade Commission (FTC)...more

GDPR Applies to US Firms

The European Data Protection Regulation is to come into force on 25 May 2018 (the “GDPR”). It introduces many far-reaching changes in data processing, including the possibility of the supervision authority to impose high...more

Delaware Amends Data Breach Statute

by Ballard Spahr LLP on

Delaware has joined the growing list of states that have recently amended their data breach laws. With passage of the first significant amendments to its data breach law since 2005, Delaware continues a state-law trend of...more

CareFirst Data Breach Appeal Holds Three Key Lessons For Cyberattack Litigants

by Cozen O'Connor on

A recent federal appellate decision suggests that it might be getting easier for cyberattack plaintiffs to establish standing in a manner sufficient to survive a motion to dismiss. According to the U.S. Court of Appeals for...more

Divided NLRB Rules Employer Policy Protecting Customer Information Is Lawful

Employers can prohibit the use by employees of the names, social security numbers and credit card numbers of customers in furtherance of organizational activities. If this seems like it should have been a foregone conclusion,...more

Mistake in Your Credit Report? The Latest Spokeo Decision Suggests You May Have A Case.

In the 9th Circuit’s August 15, 2017 decision in Robins v. Spokeo, the latest in the long-running legal debate about when a consumer cause of action exists for a data breach, the 9th Circuit has declared that inaccuracies in...more

AD-ttorneys@law

by BakerHostetler on

Back in February, VIZIO, one of the world’s largest manufacturers of “smart” televisions, reached a $2.2 million settlement with the Federal Trade Commission (FTC) and the New Jersey attorney general’s office. The company had...more

Court Expands Standing for Plaintiffs to Pursue Data Breach Claims

On August 1, 2017, the D.C. Circuit handed down its decision in the data breach class action Attias v. CareFirst. In doing so, it became the latest federal appellate court to recognize that individual victims of a breach have...more

New Mexico’s Data Breach Law

by Snell & Wilmer on

Almost all U.S states have laws about data security and what to do when there’s a data breach. New Mexico recently added such a law for its state. Here is what’s in the New Mexico law....more

Nevada Becomes Third State with Privacy Policy Law

Joining the ranks of California and Delaware, the state of Nevada adopted a new law mandating that, beginning Oct. 1, websites and other online services post a privacy policy....more

D.C. Circuit Concludes Heightened Risk of Future Identity Theft Enough for Standing in Data Breach Class Action

by Fisher Phillips on

Much to the dismay of companies, on August 1, 2017, the U.S. Court of Appeals for the D.C. Circuit made it easier for plaintiffs, and their attorneys, to bring class action data breach cases. In Attias v. CareFirst, Inc.,...more

D.C. Circuit Finds that Theft of Health Insurance Subscriber ID Numbers Is a Cognizable Injury in Identity Theft Litigation

by Moore & Van Allen PLLC on

Recently, the D.C. Circuit Court of Appeals ruled in Attias v. CareFirst, Inc., No. 16-7108, that customers had standing to sue a health insurer for a 2014 data breach in which the customers’ information was stolen. ...more

Another Circuit Joins the Trend of Setting a “Low Bar” for Standing in Data Breach Actions

by McGuireWoods LLP on

Consistent with a growing trend among courts nationwide, the D.C. Circuit Court unanimously held that a group of plaintiffs had cleared a “low bar” to establish constitutional standing for their claims in a data breach case...more

Attempting To Avoid The High Cost Of A Reported HIPAA Breach

by Dickinson Wright on

Preventing unintended or unauthorized disclosure of protected health information is an ever-present goal of all covered entities and business associates. However, protective firewalls and electronic data security measures are...more

New Jersey Limits Use of Shopper Data

Shoppers in New Jersey were promised increased privacy after Governor Chris Christie signed the Personal Information and Privacy Protection Act that limits the collection and use of personal information obtained from...more

DFS Cyber Regulation Countdown: Who Should Certify Compliance?

Companies subject to New York’s Department of Financial Services (DFS) new cybersecurity regulation should be preparing to comply with the first round of requirements by the upcoming August 28th deadline: enacting a...more

The DC Circuit Opens the Door to Data Breach Plaintiffs Alleging Substantial Risk of Future ID Theft

by Fenwick & West LLP on

The U.S. Court of Appeals for the D.C. Circuit has held that allegations of a heightened risk of future identity theft resulting from a data breach established a concrete injury at the pleading stage....more

Privacy Tip #100 – Scary Statistics on Identity Theft of Children

It is one thing to steal our identity as an adult, but children are defenseless against this type of fraud. According to Experian, it handles 25,000-30,000 cases of identity theft and fraud every year and a whopping 17...more

Privacy Perils: The Price of Consumer Loyalty

by Bass, Berry & Sims PLC on

People love a good discount, which is why almost 75% of adult Americans are signed up for at least one customer loyalty program. We love to rack up points with airlines for a seat upgrade, get a free Starbucks latte on our...more

In Data Breach Lawsuit, Mere Risk of Identity Theft is Enough to Stand On

by Saul Ewing LLP on

As the frequency of data breach incidents increases at a record pace, courts are becoming less reluctant to open the floodgates and allow consumers to bring data breach lawsuits. In its recent Attias v. CareFirst, Inc....more

A Guide to NYDFS Cybersecurity Regulations’ August 28 Implementation Deadline

by Hogan Lovells on

As a follow-up to our previous reports (December 30, 2016 Alert; February 24, 2017 Alert) regarding the cybersecurity regulations issued by the New York State Department of Financial Services (NYDFS), we would like to remind...more

Nevada Implements Law that Requires Notice for Collection of Personal Information

Nevada has become the third state in the Union to adopt a law that requires operators of websites and online services to provide notice to consumers who are Nevada residents of their practices around the collection and...more

Maryland Amends Personal Information Protection Act

by Jackson Lewis P.C. on

Amendments to Maryland’s Personal Information Protection Act expand the definition of personal information, modify the definition of breach of the security of the system, provide a 45-day timeframe for notification, allow...more

FTC Asked to Investigate Google’s Matching of “Bricks to Clicks”

Recently, the Electronic Privacy Information Center (“EPIC”) asked the FTC to begin an investigation into a Google program called “Store Sales Management.” The purpose of Store Sales Management is to allow for the matching...more

1,861 Results
|
View per page
Page: of 75
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.