Privacy Policy Data Protection

News & Analysis as of

US–EU Safe Harbor – Struck Down!

1. CJEU finds Safe Harbor Invalid - In a landmark ruling delivered today, Europe's highest court, the Court of Justice of the European Union (CJEU) declared that the EU Commission's US - EU Safe Harbour regime is...more

California Attorney General Settlement Requires Hiring of Privacy Officer: Businesses with Web Presences Subject to Increasing...

On Friday, Oct. 2, home design and renovation company, Houzz, Inc., reached a settlement with the Office of California Attorney General Kamala Harris over allegations that Houzz had recorded customer and employee...more

What is reasonable? The emerging legalities of cybersecurity post-Wyndham

This month’s edition of the Advanced Cyber Security Center’s newletter includes my discussion of lessons to be learned from the Wyndham decision: Historically, security was an issue reserved in a back room for the IT...more

The SEC OCIE Announces Increased Scrutiny of Broker-Dealers’ and Investment Advisers’ Cybersecurity Programs

On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more

Delaware Enacts Package of Internet Data Laws

Joining the collection of states with online privacy laws, Delaware has enacted a package of statutes governing the collection, storage and use of the personal information of Delaware residents by websites, Internet and cloud...more

Weekly Privacy Tip#2 – Protecting your (and your employees’ and customers’) Social Security numbers

Social Security numbers are one of the highest risk data elements known to mankind. A Social Security number in combination with a name and date of birth (which are publicly accessible) in the hands of a bad person can...more

Huge fine of nearly U.S. $2 million levied on Mexican bank after data breach

In early September, Mexico’s data protection authority, the National Transparency, Information Access and Data Protection Institute (INAI), issued a fine of 32 million pesos (U.S. $1.95 million) to Mexican bank Grupo...more

Just Like Neiman Case, FTC v. Wyndham Decision Not All It’s Cracked Up to Be

Back on July 20 this year, the Seventh Circuit Court of Appeals decided Remijas v. Neiman Marcus, leading a chorus of pundits to declare that case changed everything when it comes to data breach cases, signaling a “new tilt...more

Advertising Law - September 2015

Third Circuit Affirms FTC's Power to Regulate Data Security Practices - Affirming the power of the Federal Trade Commission to regulate corporate cybersecurity, the Third Circuit Court of Appeals held that the agency may...more

Time for a HIPAA Security Check-Up!

The 2015 HIPAA Security conference held by the National Institute of Standards and Technology (“NIST”) and the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) kicked off last week with OCR’s...more

Are Your Directors Talking Enough About Privacy and Data Security?

The number of companies suffering data breaches, and the average cost associated with each incident, continues to rise. According to the Ponemon Institute’s 2014 Cost of Data Breach Study: Global Analysis, the average...more

Federal appeals court confirms FTC authority to regulate cybersecurity policies and procedures

Banks and other companies subject to the CFPB’s jurisdiction face the possibility that the CFPB could begin using its authority under Sections 1031 and 1036 of the Dodd-Frank Act (which proscribe unfair, deceptive or abusive...more

Third Circuit affirms FTC’s jurisdiction over security practices in Wyndham case

In a strongly worded opinion, the Third Circuit Court of Appeals on Monday slammed Wyndham Worldwide Corporation’s arguments that the FTC did not have jurisdiction to enforce the security practices of businesses following a...more

The FTC Continues to Flex its Safe Harbor Enforcement Muscles

On August 17, 2015, the Federal Trade Commission (FTC) announced settlements with 13 companies on charges that they misled consumers by claiming that they were certified members of the U.S.-EU or U.S.-Swiss Safe Harbor...more

New Potential Liability for Data Security: U.S. Court of Appeals for the Third Circuit Announces FTC has Authority to Scrutinize a...

The U.S. Court of Appeals for the Third Circuit announced that the Federal Trade Commission (FTC) has the authority to scrutinize a business’s data security protocol -- and to file a complaint if the FTC finds that protocol...more

Cybersecurity for Startups Now a Cost of Entry for Consideration by Larger Clients: What is Your Company's Plan?

For technology startups, maintaining strong security controls remains vital to winning new business opportunities and strengthening existing relationships. Despite the global spike in cybersecurity attacks (there were 42.8...more

Ashley Madison and Coming to “Terms” with Data Protection

A recent massive data hack of an online dating site Ashley Madison once again proves that what one publishes, says, or does online, even in seemingly private forums, is never completely private. It’s also a reminder that the...more

The Big Move Toward Big Data in Employment

The world of Big Data has arrived, and it is beginning to affect employers and their decision-making in ways undreamed of even a few years ago. Employers can access more information about their applicant pool than ever...more

Class Is in Session: The FTC Launches New Data Security Initiative

Why it matters - The Federal Trade Commission (FTC) kicked off a new educational initiative to provide guidance to businesses in the area of data security. Based on the lessons learned from more than 50 of the agency's...more

Don’t Sling Your Data Around in Singapore

Singapore: it is the globe’s fourth-largest financial center and the only Asian nation with a top AAA rating from the three primary credit rating agencies. But, despite its reputation as one of the most business-friendly...more

EU Data Privacy Update: European Council Approves Agreement to Data Privacy Reform

European regulators took another step forward on the protracted and procedurally involved path to EU-wide data privacy reform earlier this month when the European Council (the organization of the individual member states)...more

District Court Dismisses Data Breach Class Action Against GameStop, Inc.

The US District Court for the District of Minnesota recently dismissed a data breach class action against GameStop, Inc. and Sunrise Publications, Inc. (d/b/a Game Informer) for lack of constitutional standing because the...more

Staying Out of the FTC’s Data Security Cross-Hairs

As the Federal Trade Commission acknowledges in a recent blog post, no company wants to discover that its data security practices are under federal investigation. Yet any company that collects, uses or maintains consumer data...more

Healthcare Organizations not Immune from Criminal Attacks on Sensitive Information

This month, the Ponemon Institute released its Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data and its findings are generating a good deal of attention. In the past, the Study has found that most data...more

Government Contracts Quarterly Update - May 2015

The Government Contracts Quarterly Update is published by BakerHostetler’s Government Contracts Practice team to inform our clients and friends of the latest developments in federal government contracting. Topics in the...more

148 Results
View per page
Page: of 6

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.