The Federal Trade Commission (FTC) is conducting a three-part fall conference workshop on select technology issues. The first conference was held on September 7th about ransomware. The second conference was held on October...more
On October 26, 2015, EU Commissioner Jourová, responsible for data protection, delivered before the European Parliament a speech on the implications of the Schrems ruling (C-362/14) by the Court of Justice of the EU, which...more
It seems as if every day there is a new report of a data breach or cyber attack. For the same reason that Willie Sutton robbed banks — “because that’s where the money is” — cyber criminals have been incessant in their...more
On October 20, 2015, the IRS, state taxing authorities, and leaders of the tax industry announced continued progress to expand and strengthen protection against identity theft in refund fraud for the 2016 tax season. “We are...more
After the October 6, 2015, decision of the CJEU, it is clear that transfers of personal data may no longer take place under the Safe Harbor. This was confirmed with no ambiguity by the Article 29 Working Party (Group 29,...more
10/23/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Data Controller ,
Data Protection Authority ,
Derogation ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
International Data Transfers ,
Model Contracts
After the decision of October 6, 2015, of the Court of Justice of the EU (CJEU) invalidating the decision from the EU Commission (Decision 2000/520) on the Safe Harbor, transfer of personal data to the U.S. based on Standard...more
10/16/2015
/ Cybersecurity ,
Data Protection Authority ,
Edward Snowden ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
Germany ,
International Data Transfers ,
Ireland ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
Draft Kings and Fan Duel, competing daily fantasy sports (DFS) sites, have been vying for attention by flooding the airwaves with a reported 60,000 commercials this year. However, a recent data leak has resulted in less...more
10/13/2015
/ Arbitration ,
Arbitration Agreements ,
Attorney's Fees ,
Class Action ,
Conspiracies ,
Consumer Financial Protection Bureau (CFPB) ,
Consumer Protection Act ,
Contract Terms ,
Data Breach ,
Data Protection ,
Data Security ,
ESPN ,
False Advertising ,
Fantasy Sports ,
Federal Arbitration Act ,
Fraud ,
Negligence ,
Popular ,
Proprietary Information ,
Sports ,
Television Commercials ,
Terms of Use ,
Young Lawyers
On September 29, 2015, Commodity Futures Trading Commission (CFTC) Chairman Timothy Massad delivered a “State of the Derivatives Marketplace” speech before the 3rd Annual OTC Derivative Summit North America. The speech...more
10/8/2015
/ Banking Sector ,
CFTC ,
Covered Entities ,
Cybersecurity ,
Derivatives ,
Derivatives Clearing Organizations ,
Market Participants ,
Regulatory Standards ,
Risk Assessment ,
Risk Management ,
Swap Data Repositories
On October 6, 2015, the Court of Justice of the EU (CJEU) ruled that the Safe Harbor decision from the EU Commission (Decision 2000/520) is invalid. The ruling seems more severe than the opinion rendered on September 23,...more
The U.S. Secret Service’s most recent scandal spectacularly illustrates the need to enforce restrictions on access to databases housing confidential information. According to a September 25, 2015, report from the Office of...more
It’s 12:43 in the morning, and you have had a tough day at work. You are tired, thinking slowly, and feeling a little anxious that you should already be in bed to catch some rest before a 6 a.m. wake-up call. And then you get...more
10/5/2015
/ Data Collection ,
Defamation ,
Facebook ,
First Amendment ,
Harassment ,
Mobile Apps ,
Online Reputation ,
Online Reviews ,
Popular ,
Privacy Concerns ,
Stalking ,
Text Messages
The European Commission made it clear on September 16, 2015, that the issue of whether to introduce national data retention laws is a national decision. The European Commission has no intention of going back on this statement...more
As anticipated in our previous discussion of the Ashley Madison data breach litigation, lawyers representing the various putative classes have begun sparring over their preferred venues. The Missouri Jane Doe – who filed the...more
As the old Bob Dylan song goes, “the times they are a-changin’.” While I suspect his message may have been intended for a more meaningful topic than social media employee privacy laws, his words do ring true. When Maryland...more
On September 23, 2015, Advocate General Yves Bot delivered an opinion on the issue of the transfer of personal data from Facebook Ireland to Facebook USA, in light of the generalized access the National Security Agency (NSA)...more
There once existed a time when a crew of skydiving surfers could throw on surprisingly well crafted ex-president masks, stroll into a cash-heavy bank and rob the institution blind. There was a time when the weapon of choice...more
On Sept. 15, 2015, the Securities Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) published its second cybersecurity risk alert (the “2015 Risk Alert”). The 2015 Risk Alert is a follow up to...more
Retail data breaches are multi-victim crimes, with the retailer, consumers and affected third parties all having legitimate claims to “victimhood” – and each left squabbling as the hacker vanishes into the digital ether....more
9/22/2015
/ B2B Organizations ,
Class Action ,
Class Certification ,
Commonality ,
Data Breach ,
FRCP 23 ,
Interlocutory Appeals ,
Internet Retailers ,
Predominance Requirement ,
Retailers ,
Target
The EU and U.S. reached an agreement on Tuesday (9 September) which will enable the two sides to exchange personal data during criminal and terrorism investigations....more
9/15/2015
/ Criminal Investigations ,
Data-Sharing ,
EU ,
European Commission ,
Government Investigations ,
Industrial Espionage ,
Judicial Redress Act ,
Legislative Agendas ,
National Security ,
National Security Agency (NSA) ,
Popular ,
Privacy Laws ,
Right to Privacy ,
Surveillance ,
U.S. Commerce Department ,
Umbrella Agreement
The 56 Dean Street Clinic, which is operated by the Chelsea and Westminster NHS Trust and specializes in HIV and other sexual health services, has apologized for the error which revealed (to all 780 recipients) the full names...more
On August 28, 2015, the National Futures Association (NFA) submitted a proposed interpretative notice (Notice) to the Commodity Futures Trading Commission (CFTC) to require information systems security programs (ISSPs). If...more
Illicit affairs have always imposed risks – from marital discord and divorce to boiling bunnies and Maury appearances. However, when old-school adultery met new-school technology on the Ashley Madison infidelity website,...more
9/2/2015
/ Ascertainable Class ,
Ashley Madison ,
Class Action ,
Class Certification ,
Cyber Attacks ,
Data Breach ,
FRCP 23 ,
Motion to Dismiss ,
Multidistrict Litigation ,
Personally Identifiable Information ,
Standing
The UK’s Information Commissioner’s Office (ICO) has made what appears to be its first “right to be forgotten” enforcement action against Google Inc. The ICO issued the notice on 18 August 2015, ordering Google to remove nine...more
Does a data breach of a retailer’s payment-card information automatically confer Article III standing on affected customers? Is the mere possibility that some criminal element may use pilfered information to commit future...more
8/24/2015
/ Appeals ,
Article III ,
Clapper v. Amnesty International ,
Class Action ,
Credit Monitoring ,
Data Breach ,
En Banc Review ,
Imminent Harm ,
Neiman Marcus ,
Popular ,
Retailers ,
Standing
Last winter, following a well-publicized data breach, a group of financial institutions sued Target, arguing that Target should be held responsible for the damages that they had experienced as a result of the data breach...more