In This Issue:

- Data-Breach Class Actions After the Supreme Court Decision in Clapper

- California Supreme Court Holds That Song-Beverly Credit Card Act Does Not Apply to Online Purchases

- Massachusetts Privacy Law Prohibits Collection of ZIP Codes in Retail Purchases

- Recent FTC Settlement Highlights Agency’s Views on ‘Privacy by Design’

- Flaming Worms, Stuxnets and Other Cyber Threats — The European Union’s Response

- Excerpt from Data-Breach Class Actions After the Supreme Court Decision in Clapper:

One of the greatest concerns that companies face when they suffer a data breach is the potential for a class action lawsuit by all individuals whose data was effected. Such a case, if successful, could turn a merely troublesome event into one that has significant financial repercussions for the company. However, the Supreme Court’s recent decision in Clapper v. Amnesty International USA suggests that plaintiffs in such a case might not have standing if they have not suffered any actual harm from the data breach.