Last week, the attorneys general (AGs) of 43 states and the District of Columbia announced they reached a $1.5 million settlement with Neiman Marcus Group LLC to resolve an investigation of a 2013 data breach that involved...more
State AGs -
Coalition of AGs Asks Social Security Administration to Establish Database of SSNs to Combat ID Theft -
Forty-three state AGs sent a letter to acting Social Security Administration (SSA) Commissioner Nancy...more
California Consumer Protection Act - Privacy Groups Urge California Lawmakers Not to Weaken California Consumer Privacy Act • A variety of privacy groups, including the Electronic Frontier Foundation, the Digital Privacy...more
GDPR - European Regulators Fine Uber Over 2016 Data Breach • British and Dutch privacy regulators issued fines totaling approximately $1.2 million against ride-hailing company Uber over its 2016 data breach....more
Class Actions - Pennsylvania Supreme Court Declares Employers Have Affirmative Duty to Protect Employee Personal Information • According to a recent opinion by the Pennsylvania Supreme Court, “an employer has a legal duty to...more
Class Actions - Plaintiffs Seek Approval for $4.3 Million Settlement With Sonic in Credit Card Data Breach Suit • Following a variety of lawsuits against fast food chain Sonic Drive-In related to a 2017 credit card data...more
BIPA - Medline and Con Tech Lighting Latest Illinois Employers Hit With Claims under BIPA • Two Illinois employers, Con Tech Lighting and Medline Industries, are the latest to face claims alleging violations of Illinois’...more
10/9/2018
/ Biometric Information ,
Biometric Information Privacy Act ,
Class Action ,
COPPA ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Point of Sale Terminals
Class Actions - Judge Approves $80M Settlement in Yahoo Data Breach Suit • U.S. District Judge Lucy Koh awarded plaintiffs $80 million in a consolidated class action brought against Yahoo by shareholders resulting from data...more
With the announcement last week of its new lawsuit against several tech companies for violating Children’s Online Privacy Protection Act (“COPPA”), the FTC Act, and New Mexico’s Unfair Practices Act (“UPA”), the State of New...more
Class Actions - Hotel Investment and Management Firm Aimbridge Hospitality LLC Removes Putative Class Action to Federal Court - Hospitality company Aimbridge Hospitality LLC (Aimbridge) removed a putative class action lawsuit...more
Class Actions -
San Francisco Transit Agency Seeks Approval of Class Action Settlement -
• Bay Area Rapid Transit (BART) sought preliminary approval of a class action settlement to resolve claims that the transit...more
Biometric Information Privacy Act - AGCO Corp., Ceridian HMC Inc. and Hegewisch Development Corp. Latest Employers to Face Allegations of BIPA Violations - Lawsuits against employers for alleged violations of Illinois’...more
Data Breaches - Comcast’s Xfinity Service Potentially Exposes Addresses and Partial SSNs of More Than 26.5 Million Customers • According to security researcher Ryan Stevenson, alleged vulnerabilities in the system Comcast...more
Federal Trade Commission - Federal Trade Commission Asks for Ability to Fine Companies for Privacy Violations - Speaking before the U.S. House of Representatives’ Subcommittee on Digital Commerce and Consumer Protection, the...more
Class Actions - Macy’s Faces Suit After Disclosing Data Breach - Retail giant Macy’s notified its customers and state regulators of a data breach affecting the accounts of online shoppers. The breach occurred between April 26...more
Class Actions -
Finkly & Sons Co. Faces Illinois Biometric Information Privacy Act Class Action -
A former employee of steelmaker A. Finkly & Sons Co. filed a putative class action against the company in Cook County,...more
6/20/2018
/ Article III ,
Biometric Information ,
Biometric Information Privacy Act ,
Bitcoin ,
Class Action ,
Consumer Product Safety Commission (CPSC) ,
Cybersecurity ,
Data Protection ,
Federal Trade Commission (FTC) ,
Securities and Exchange Commission (SEC) ,
Standing
On June 6, the 11th Circuit issued its long-awaited decision on LabMD Inc. v. Federal Trade Commission, vacating as unenforceable the Federal Trade Commission’s (FTC’s) cease and desist order that required LabMD to create and...more
Canada - Canadian Banks Notify 90,000 Following Breach - Bank of Montreal and Canadian Imperial Bank of Commerce announced that they were contacted by hackers and informed that nearly 90,000 customers’ personal information...more
Class Actions -
Facebook Users BIPA Suit to Go Forward -
• Denying cross-motions for summary judgment, the U.S. District Court for the Northern District of California ruled that the class action against Facebook for...more
Class Actions - Liquor Store Chain Binny’s Is Latest Target of BIPA - In a putative class action complaint filed in Cook County Circuit Court, employees of Illinois liquor store chain Binny’s Beverage Depot alleged the...more
Class Actions - Google Seeks Dismissal of BIPA Class Action - Google has sought dismissal of a putative class action lawsuit alleging violations of Illinois’ Biometric Information Privacy Act (BIPA)....more
Data Breaches -
Portable Oxygen Device Maker Inogen Announces Data Breach -
Inogen Inc., which makes portable oxygen devices, reported to the U.S. Securities and Exchange Commission that it experienced a data breach...more
Class Actions -
Uber Data Breach Suits Consolidated in California -
The U.S. Judicial Panel on Multidistrict Litigation has settled on the U.S. District Court for the Central District of California in which to...more
Canada -
Data Breach Notification Provisions of PIPEDA Act Go Into Effect Nov. 1, 2018 -
• Pursuant to a March 26, 2018 Order in Council, the mandatory breach notification provisions of Canada’s Personal Information...more
4/11/2018
/ Biometric Information ,
Biometric Information Privacy Act ,
Breach Notification Rule ,
Canada ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
EU ,
Facebook ,
Facial Recognition Technology ,
General Data Protection Regulation (GDPR) ,
PIPEDA ,
State Data Breach Notification Statutes
EU/GDPR -
GDPR a ‘Learning Curve’ According to CNIL Head Falque-Pierrotin -
Speaking at the Global Privacy Summit of the International Association of Privacy Professionals (IAPP), Commission Nationale de l’Informatique...more