Latest Posts › Cybersecurity

Share:

PA Supreme Court: Businesses Have Duty to Safeguard Sensitive Employee Information

The Pennsylvania Supreme Court has drastically changed the data breach litigation landscape by holding that an employer has a common law duty to use reasonable care to safeguard its employees' personal information stored on...more

Mandatory Data Breach Notification in Canada: Understanding Your New Obligations

On April 18, 2018, the Government of Canada published the final regulations relating to mandatory reporting of privacy breaches under Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”). ...more

Update on California’s Consumer Privacy Act of 2018

As discussed in our prior post, the California Consumer Privacy Act of 2018 (the “Act”) is expected to be modified by the California legislature prior to its January 1, 2020, enforcement deadline. ...more

What Does “Reasonable” Data Security Mean, Exactly?

One of the most bedeviling aspects of data privacy and security law concerns the concept of “reasonable” data security, which has become the default statutory and common law standard.  The FTC began articulating a...more

GDPR is Now Effective – How Will Regulators Enforce It?

Today the EU General Data Protection Regulation (GDPR) goes into effect, ending the data protection landscape as we know it. This comprehensive privacy law applies directly to the 28 EU countries and companies established in...more

Newly Released Cybersecurity Survey: Corporate Counsel Support Uniform Federal Security and Breach Notification Law

More than two-thirds of U.S. corporate lawyers surveyed favor a federal law setting uniform data security and breach notification requirements across the country, according to results released today by the Association of...more

Fiat Chrysler Car Hacking Case Put In Neutral

Plaintiff lawyers’ continued search for damage theories to assert in claims arising from a data breach – or fear of a breach – received a potential setback this week when Chief Judge Michael Reagan of the United States...more

Alabama Becomes 50th State to Enact Data Breach Notification Law

Alabama has officially joined the data breach notification party. Alabama Governor Kay Ivey signed Act No. 2018-396 into law on March 28, 2018. ...more

Supreme Court Denies Cert Petition in CareFirst v. Attias

Earlier this week, the Supreme Court of the United States denied certiorari in CareFirst v. Attias, a closely watched case that some thought provided the Court with an opportunity to clarify the standing analysis under Spokeo...more

AV START Act Addresses Privacy and Cybersecurity Issues Associated With the Development of Highly Automated Vehicles

In proposed amendments earlier this week to the current draft of the "AV START Act," the Senate addressed important cybersecurity, data access, and privacy concerns associated with the development of highly automated vehicles...more

Worldwide Group of Data Privacy Regulators Issues Guidance on Connected-Car Technologies

A global group of data privacy regulators has, for the first time, set forth data privacy and security guidance on the development of automated and connected-car technologies. ...more

Delaware Amends Data Breach Statute

Delaware has joined the growing list of states that have recently amended their data breach laws. With passage of the first significant amendments to its data breach law since 2005, Delaware continues a state-law trend of...more

D.C. Circuit Reverses Data Breach Class Action Dismissal on Standing Grounds

The U.S. Court of Appeals for the D.C. Circuit has reinstated a data breach class action filed against CareFirst BlueCross BlueShield (CareFirst). The lawsuit stems from a June 2014 data breach in which hackers infiltrated 22...more

NYDFS Updates FAQs to Clarify Cybersecurity Regulations

The New York Department of Financial Services (NYDFS) recently updated frequently asked questions (FAQs) about its cybersecurity regulations, 23 NYCRR 500, to address four new issues. NYDFS published its initial set of FAQs...more

Ponemon Institute Study on Costs of Data Breaches Highlights Improvement and New Risks for U.S. and Global Companies

The average cost of a data breach, on both an aggregate and a per-record basis, has decreased slightly according to the Ponemon Institute's 2017 Cost of Data Breach Study: Global Overview. In addition to presenting recent...more

Autonomous Cars One Step Closer to Reality in Colorado

This month, Colorado joined a growing list of nearly half of U.S. states when it enacted a law approving the use of autonomous driving systems. The Colorado law governs systems capable of controlling highly and fully...more

Colorado Division of Securities Publishes Final Cybersecurity Rules

The Colorado Division of Securities (Division) has published final cybersecurity rules applicable to broker-dealers and investment advisers. The Colorado Attorney General's office has 20 days to write an opinion on the rules,...more

Is Your Organization Ready for a Systemwide Ransomware Attack?

Ransomware attacks just went big time. In a period of mere hours late last week, a global ransomware attack infected more than 200,000 computers and affected more than 100,000 organizations in over 150 countries. To put this...more

Eighth Circuit Remands Proposed Settlement in Target Data Breach Class Action

The Eighth Circuit Court of Appeals has remanded a $10 million settlement in the Target data breach class action on the grounds that the district court had not rigorously analyzed the propriety of the class...more

Affair Website Ashley Madison Fined $8.75 Million Over Data Breach, Misrepresentations

The Federal Trade Commission (FTC) has entered into a multimillion dollar settlement with the owners and operators of AshleyMadison.com, a dating website for people interested in having discreet affairs, related to the...more

DOT Issues Proposed Cybersecurity Guidance to Automotive Industry

Vehicle-related cyber incidents could have devastating and deadly effects, particularly as cars and trucks become more highly automated and rely more heavily on wireless technologies. To combat this threat, the U.S....more

European Court Of Justice Rules That Dynamic IP Addresses Can Be Personal Data

In a ruling with significant potential impact, the Court of Justice of the European Union (CJEU) has ruled that a dynamic internet protocol (IP) address may constitute "personal data" under EU Data Protection Directive...more

Federal Banking Agencies Propose New Requirements for Managing Cyber Risk

Three federal banking agencies have announced plans to develop new rules that would establish cyber risk management and resiliency standards for large interconnected entities under the agencies' supervision, as well as those...more

Plaintiffs Cannot Bring Data Breach Lawsuits Without Evidence That Information Will Be Used To Harm

The latest development in how American courts will handle the standing question for data breach class actions came last week when the U.S. District Court for the District of Columbia dismissed for lack of standing a putative...more

117 Results
 / 
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide