Data privacy is a top concern for many in-house legal professionals – and for good reason – data privacy and cybersecurity legal requirements are complex and continually evolving. Data Privacy Day is a great day to start...more
On April 25, the Securities and Exchange Commission announced a settlement with Yahoo that constituted its first enforcement action against a public company for failing to disclose a data breach.
This settlement...more
Last week, as previously reported, the U.S. Securities and Exchange Commission (SEC) unanimously voted to approve additional guidance for reporting cybersecurity risks. The release of this guidance underscores the SEC’s...more
On September 7, Equifax, one of the three major credit reporting firms in the U.S., disclosed a data breach that potentially affects 143 million consumers. Equifax’s disclosure indicated that the breach, which Equifax claims...more
Throughout the past several years, data privacy and security practices have evolved into more than just defending against identity theft and protecting sensitive data. In fact, since 2014, to help raise awareness for data...more
1/31/2017
/ Acquisitions ,
Big Data ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Department of Financial Services ,
EU ,
EU-US Privacy Shield ,
FFIEC ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
International Data Transfers ,
Mergers ,
NIST ,
OCIE ,
Popular ,
Ransomware ,
Spokeo v Robins
It seems as if every day there is a new report of a data breach or cyber attack. For the same reason that Willie Sutton robbed banks — “because that’s where the money is” — cyber criminals have been incessant in their...more
Draft Kings and Fan Duel, competing daily fantasy sports (DFS) sites, have been vying for attention by flooding the airwaves with a reported 60,000 commercials this year. However, a recent data leak has resulted in less...more
10/13/2015
/ Arbitration ,
Arbitration Agreements ,
Attorney's Fees ,
Class Action ,
Conspiracies ,
Consumer Financial Protection Bureau (CFPB) ,
Consumer Protection Act ,
Contract Terms ,
Data Breach ,
Data Protection ,
Data Security ,
ESPN ,
False Advertising ,
Fantasy Sports ,
Federal Arbitration Act ,
Fraud ,
Negligence ,
Popular ,
Proprietary Information ,
Sports ,
Television Commercials ,
Terms of Use ,
Young Lawyers
As anticipated in our previous discussion of the Ashley Madison data breach litigation, lawyers representing the various putative classes have begun sparring over their preferred venues. The Missouri Jane Doe – who filed the...more
Retail data breaches are multi-victim crimes, with the retailer, consumers and affected third parties all having legitimate claims to “victimhood” – and each left squabbling as the hacker vanishes into the digital ether....more
9/22/2015
/ B2B Organizations ,
Class Action ,
Class Certification ,
Commonality ,
Data Breach ,
FRCP 23 ,
Interlocutory Appeals ,
Internet Retailers ,
Predominance Requirement ,
Retailers ,
Target
The 56 Dean Street Clinic, which is operated by the Chelsea and Westminster NHS Trust and specializes in HIV and other sexual health services, has apologized for the error which revealed (to all 780 recipients) the full names...more
Illicit affairs have always imposed risks – from marital discord and divorce to boiling bunnies and Maury appearances. However, when old-school adultery met new-school technology on the Ashley Madison infidelity website,...more
9/2/2015
/ Ascertainable Class ,
Ashley Madison ,
Class Action ,
Class Certification ,
Cyber Attacks ,
Data Breach ,
FRCP 23 ,
Motion to Dismiss ,
Multidistrict Litigation ,
Personally Identifiable Information ,
Standing
Does a data breach of a retailer’s payment-card information automatically confer Article III standing on affected customers? Is the mere possibility that some criminal element may use pilfered information to commit future...more
8/24/2015
/ Appeals ,
Article III ,
Clapper v. Amnesty International ,
Class Action ,
Credit Monitoring ,
Data Breach ,
En Banc Review ,
Imminent Harm ,
Neiman Marcus ,
Popular ,
Retailers ,
Standing
Last winter, following a well-publicized data breach, a group of financial institutions sued Target, arguing that Target should be held responsible for the damages that they had experienced as a result of the data breach...more
On October 1, 2015, a substantial portion of the liability associated with in-store fraudulent credit card purchases will shift from credit card issuers, such as banks or credit unions, to retail merchants. Credit card...more
Until very recently, it was considered matter of course in a services agreement for any data disclosure or loss, regardless of cause, to be excluded from any and all limitations of the vendor’s liability. However, as data...more
More details continue to emerge about the cyber attack and data breach disclosed last week of the U.S. federal government’s Office of Personnel Management (OPM), and those details continue to get worse. While original reports...more
BREAKING NEWS: Health insurer CareFirst BlueCross BlueShield disclosed today that hackers gained access to one of its databases, exposing personally identifiable information for approximately 1.1 million people....more
5/21/2015
/ Blue Cross ,
Blue Shield ,
CareFirst ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Hackers ,
Health Insurance ,
Healthcare ,
Identity Theft ,
Information Technology
Last week, in conjunction with the Criminal Division’s Cybersecurity Industry Roundtable, the U.S. Department of Justice released its “Best Practices” guide for preparing for and responding to a cyber incident....more
In 2014, grocers and restaurants continued to be plagued by attacks leading to the theft of credit card information. Among others, Supervalu Inc. and Jimmy John’s both experienced intrusions in 2014, extending the string of...more
3/13/2015
/ Banks ,
Credit Cards ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Foreseeability ,
Grocery Stores ,
Limitation of Liability Clause ,
Negligence ,
Point of Sale Terminals ,
Popular ,
Restaurant Industry ,
Target ,
Theft
During the holidays, consumers are pulling out debit and credit cards again, again and again. It is with a degree of blind faith those same consumers trust their personal data is going where intended and not into the hands of...more