Latest Publications

Share:

Supreme Court Searches for Fourth Amendment Line for the Digital Economy

On November 29, 2017, the Supreme Court heard oral argument in Carpenter v. United States. The Court’s decision could have critical implications for companies operating in the digital economy and their ability to limit...more

Recent Decision Highlights Viability of Factual Challenges to Standing in Data Breach Cases

Private civil actions against companies that have suffered data security breaches raise a panoply of issues, but none more prevalent or decisive than those relating to injury and damages. This is because most plaintiffs in...more

Federal Trade Commission Presses Forward with Data Security Enforcement in Settlement with Uber

On August 15, Uber Technologies, Inc. (“Uber”) reached an agreement with the Federal Trade Commission (“FTC”) to settle allegations that the company deceived consumers by misrepresenting its security and employee access...more

Federal Trade Commission Announces Investigation Reforms

On July 17, Federal Trade Commission (“FTC”) Acting Chairman Maureen Ohlhausen announced a set of process reforms within the agency’s Bureau of Consumer Protection aimed at streamlining information requests and improving...more

Don't WannaCry: Ten Questions Boards and Company Management Can Ask in the Wake of Recent Ransomware Attacks

The WannaCry ransomware attack that hit computers around the world last week is yet another reminder that computers play key roles in most enterprises, and that it does not take much to disable those computers. Questions...more

Trump Issues First Executive Order on Cybersecurity: While Goals Are Ambitious, Timelines Are Tight

On May 11, 2017, President Donald J. Trump signed an executive order addressing cybersecurity risk management across three key areas: (1) federal government networks, (2) critical infrastructure, and (3) cybersecurity for the...more

Recent Decisions Highlight Legal Risks Associated with Product Cybersecurity Vulnerabilities

Last month, plaintiffs in two product cybersecurity class actions were partially successful in surviving motions to dismiss, continuing the recent trend by plaintiffs and regulatory agencies to expand the pool of defendants...more

Federal Trade Commission Holds Medical Laboratory Liable for Allegedly Unfair Data Security Practices

On July 29, the Federal Trade Commission (“FTC” or “Commission”) issued a unanimous Opinion and Final Order reversing the FTC Administrative Law Judge (“ALJ”) Initial Opinion issued November 13, 2015, which had dismissed the...more

District Court Ruling in FTC v. Amazon Carries Implications for Data Security Breach Cases

Since the outset of its controversial foray into the data security space, the Federal Trade Commission (“FTC” or “Commission”) has cited its statutory power to seek injunctive relief as a basis for bringing actions against...more

New York Supreme Court Rules that Merchant Lacks Standing to Sue MasterCard over Data Security Breach Assessments; All Merchants...

On May 5, the Commercial Division of the New York Supreme Court for Westchester County dismissed the complaint in Jetro Holdings, LLC v. MasterCard International, Inc., in which Jetro, a leading food service wholesaler, had...more

Federal Trade Commission Chairwoman Ramirez Testifies Before Congress Regarding 17 FTC Reform Bills Pending in Congress

On May 24, 2016, Federal Trade Commission (“FTC” or the “Commission”) Chairwoman Edith Ramirez delivered testimony before the House Energy and Commerce Committee’s Subcommittee on Commerce, Manufacturing, and Trade in a...more

Supreme Court’s Spokeo Decision Erects Barriers for Privacy and Data Security Plaintiffs

On May 16, 2016, the United States Supreme Court in Spokeo, Inc. v. Robins confirmed that a “concrete” injury is required of all private parties seeking to assert claims in federal court, even those alleging violations of a...more

First Circuit Decision Increases Risks to Businesses Under VPPA

On April 26, 2016, the First Circuit handed down a plaintiff-friendly Video Privacy Protection Act (“VPPA”) decision offering potentially expansive definitions of “subscriber” and “personally identifiable information.” The...more

Key Data Privacy and Security Concerns for Investment Firms

Privacy and data security concerns are among the most critical issues facing investment funds, advisors and managers (collectively, “investment firms”). This article outlines the privacy and data security challenges...more

PCI SSC Releases Version 3.2 of Data Security Standard

On April 28, 2016, the Payment Card Industry Security Standards Council (the “PCI SSC” or “Council”) released a new version of its Data Security Standard (“PCI DSS”), version 3.2. Significantly, the updated standard requires...more

U.S. Supreme Court Affirms Class Certification Based on “Representative Evidence” of Liability and Damages

On March 22, 2016, the Supreme Court of the United States issued a 6-2 opinion in Tyson Foods, Inc. v. Bouaphakeo, affirming the certification of a class based on the “representative evidence” of a statistical sample used to...more

FTC Launches Study of Assessment Process for Payment Card Industry Data Security Standards

On March 7, the FTC announced a study of Payment Card Industry Data Security Standard (“PCI DSS”) assessments – the audits required of certain merchants pursuant to rules imposed by payment card brands such as Visa and...more

Consumer Financial Protection Bureau Brings Its First Data Security Enforcement Action

On March 2, the Consumer Financial Protection Bureau (“CFPB”) issued its first ever consent order in a data security matter. According to the order, Dwolla, Inc. settled allegations that it misrepresented that the company had...more

FTC’s Proposed Settlement with Dental Practice Software Provider Marks Latest Data Security Action Against a Product Supplier

On January 5, the Federal Trade Commission (“FTC”) reached an agreement with Henry Schein Practice Solutions, Inc. (“HSPS”) to settle allegations that HSPS misrepresented that its dental practice software provided...more

The FTC’s Recent Enforcement Action Against Oracle Further Expands the Growing Pool of Potential Data Security Defendants

On December 21, 2015, Oracle Corporation (“Oracle”) reached an agreement with the Federal Trade Commission (“FTC”) to settle charges that it allegedly deceived customers regarding the security provided by updates to its Java...more

Wyndham and FTC Agree to Consent Order Ending Data Security Breach Litigation

On Friday, December 11, 2015, the U.S. District Court for the District of New Jersey entered a consent order between the Federal Trade Commission (“FTC”) and hospitality company Wyndham Hotels and Resorts, LLC (“Wyndham”)...more

State Attorneys General Fire Shot Across the Bow at Major Payment Card Brands Over “Chip and PIN” Technology

For well over a decade, U.S. regulators have been taking enforcement action against merchants and payment processors that, in the regulators’ view, failed to take “reasonable and appropriate” steps to secure payment card...more

ALJ Dismisses FTC Data Security Claims Against LabMD Due to Lack of Actual or Likely Substantial Consumer Harm

On November 13, a Federal Trade Commission administrative law judge dismissed the FTC data security complaint against medical laboratory LabMD, potentially vindicating LabMD’s vigorous two-year struggle to deny the FTC’s...more

11/25/2015  /  ALJ , Data Breach , FTC , LabMD , Section 5

FCC Expands Its Claim of Data Security Authority with Recent Enforcement Action Against Cox Communications

Last week, the Federal Communications Commission (“FCC”) reached a settlement with Cox Communications, Inc. (“Cox”) regarding a 2014 data security breach that allegedly exposed the personal information of at least 54 current...more

Nomi FTC Settlement Highlights Risks of Publicizing Company Privacy Policies

A closely divided Federal Trade Commission (“FTC” or the “Commission”) has signaled support for the agency’s recent focus on mobile device privacy. On April 23, 2015, the five-member Commission voted 3-2 to accept a proposed...more

41 Results
/
View per page
Page: of 2

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.