Mintz - Privacy & Cybersecurity Viewpoints

Contact
Share
Info
Firm Profile: Mintz
Blog
YouTube
RSS
LinkedIn
X (formerly Twitter)
Facebook
One Financial Center
Boston, MA 02111, United States
Phone: (617) 348-1732
Fax: (617) 542-2241
Areas Of Practice
  • Class Action
  • Communications & Media Law
  • International Law & Trade
  • Litigation
  • Privacy
  • Science, Computers, & Tech
Locations
Other U.S. Locations
  • California
  • D.C.
  • Massachusetts
  • New York
Other Countries
  • United Kingdom
Number of Attorneys
400+ Attorneys
Report Profile »
Publications About Authors Awards

Nancy Adams

Court Holds Crime Policy Covers Business Compromise Email Loss

The “business compromise email” is what the FBI calls the “$5 billion scam,” but apparently an insurance company did not agree with an insured company that they had been the victim of a crime…more

Business E-Mail Compromise (BEC), Computer Fraud Insurance, Corporate Counsel, Crime Insurance Policies, Cyber Crimes

See all updates »

Kevin Ainsworth

Back to School – Avoiding Theft of Data and Money via the “Business Email Compromise” Scam

The FBI warned this summer that the “Business Email Compromise” (“BEC”) scam continues to grow, evolve, and target businesses of all sizes. As reported by the FBI in June, the scam had hit more than 22,000 victims for a combined…more

Business E-Mail Compromise (BEC), Cyber Crimes, Cybersecurity, Data Breach, Data Protection

See all updates »

Michael Arnold

Part Five of the COVID-19 Roadmap Series: Ensuring a Safe Workplace - COVID-19 Screening and Testing

In Part Five of our Roadmap Series, we take a closer look at COVID-19 screening and testing, including best practices and legal implications, as potential tools to maintain a safe workplace. Can We Screen Our Employees for…more

Americans with Disabilities Act (ADA), Coronavirus/COVID-19, Employer Liability Issues, Employer Responsibilities, Equal Employment Opportunity Commission (EEOC)

See all updates »

Danielle Barney

Texas Has Been Busy Ramping up Privacy Protections with New Comprehensive Data Privacy Law and Stricter Data Breach Notification Requirements

Texas has joined the growing list of states enacting comprehensive consumer data privacy laws. On June 18, 2023, Governor Abbott (R) signed H.B.4, otherwise known as the Texas Data Privacy and Security Act (“TDPSA”). The TDPSA…more

Breach Notification Rule, Cybersecurity, Data Privacy, Data Protection, Families First Coronavirus Response Act (FFCRA)

See all updates »

Eoin Beirne

Narrow Ruling for Privacy at SCOTUS in Carpenter

The Supreme Court ruled, at the end of June, that seizing cell-site location information—data that tracks cell phone users’ movements—constitutes a search under the Fourth Amendment. Speaking for a 5-4 majority in Carpenter v…more

Carpenter v US, Cell Phones, Cell Site Location Information (CSLI), Criminal Convictions, Electronic Records

See all updates »

Alden Bianchi

The New HIPAA Omnibus Rule & Your Liability — A Detailed Review

As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and…more

Business Associates, Cloud Computing, Covered Entities, Data Breach, Department of Health and Human Services (HHS)

See all updates »

Dianne Bourque

A New Decade of HIPAA – What Can We Expect?

As the decade winds down, it’s hard to believe that the HIPAA Privacy and Security Rules are almost twenty years old. It has been ten years since the U.S. Department of Health and Human Services (HHS) Office for Civil Rights…more

Business Associates, California Consumer Privacy Act (CCPA), Civil Monetary Penalty, Covered Entities, Data Breach

See all updates »

Joshua Briones

TCPA & Consumer Calling - Monthly TCPA Digest - May 2017

We are pleased to present the latest edition of our Monthly TCPA Digest, providing insights and news related to the Telephone Consumer Protection Act (TCPA). This month’s issue features updates on the latest regulatory…more

ATDS, Faxes, FCC, Lack of Authority, Opt-Outs

See all updates »

Elana Lerner Brockmann

Florida Governor Signs Data Privacy Law Focused on Children, Search Engines and Billion Dollar Businesses

Florida has joined the growing list of states enacting comprehensive privacy laws. Governor Ron DeSantis (R) signed the Florida Digital Bill of Rights (“FDBR”) into law on June 6th. How does it compare?..…more

California Consumer Privacy Act (CCPA), Compliance, Corporate Counsel, Data Privacy, FERPA

See all updates »

Anne Bruno

SEC Issues Updated Guidance on Cybersecurity Incident Disclosure Under Item 1.05 of Form 8-K

On June 24, 2024, the SEC issued five new Compliance & Disclosure Interpretations (C&DIs) relating to the materiality assessment and disclosure requirements of material cybersecurity incidents under Item 1.05 of Form 8-K…more

Compliance, Cyber Incident Reporting, Cybersecurity, Disclosure Requirements, Form 8-K

See all updates »

Christopher Buontempo

Rhode Island Enacts Comprehensive Privacy Law

Rhode Island Governor Daniel McKee allowed the Rhode Island Data Transparency and Privacy Protection Act (“RIDTPPA”) to pass on June 25, 2024 when he transmitted the bill back to the legislature without signature, making Rhode…more

COPPA, Data Protection, EPIC, Fair Credit Reporting Act (FCRA), FERPA

See all updates »

Lara Compton

OCR and FTC Issue Joint Statement Warning Health Care Providers and App Developers About Use of Third Party Online Tracking Technologies

Covered entities, business associates, and any entities that collect health information about consumers online should carefully review the latest joint letter from the Office for Civil Rights (OCR) and the Federal Trade…more

Cybersecurity, Data Collection, Data Privacy, Federal Trade Commission (FTC), FTC Act

See all updates »

John Condon

Preparation for 2023 Fiscal Year-End SEC Filings and 2024 Annual Shareholder Meetings

A number of significant regulatory, legal, market, and ESG-related developments and issues will affect how public companies approach the upcoming year-end reporting process. As in past years, Mintz has prepared an in-depth…more

10b5-1 Plans, Artificial Intelligence, Chief Information Security Officer (CISO), Clawbacks, Climate Change

See all updates »

Daniel Connelly

Massachusetts Information Security and Privacy Act Sent to “Study”

It does not look as though Massachusetts will be state number 6 to enact a comprehensive data privacy law – or at least not the one that people have been talking about. The Massachusetts Joint Committee on Health Care Financing…more

Personal Information, Privacy Laws, Private Right of Action, Proposed Legislation, State Data Privacy Laws

See all updates »

Nadia Do Canto

Zoom to Implement New Security Measures in Deal with NY Attorney General

Amidst multiple investigations into the privacy and security practices at Zoom Video Communications (“Zoom”), New York Attorney General Letitia James recently announced a settlement agreement with Zoom after the failings of the…more

Corporate Counsel, Cybersecurity, Data Privacy, Data Security, Department of Education

See all updates »

Kathryn Edgerton

OCR and FTC Issue Joint Statement Warning Health Care Providers and App Developers About Use of Third Party Online Tracking Technologies

Covered entities, business associates, and any entities that collect health information about consumers online should carefully review the latest joint letter from the Office for Civil Rights (OCR) and the Federal Trade…more

Cybersecurity, Data Collection, Data Privacy, Federal Trade Commission (FTC), FTC Act

See all updates »

Christian Fjeld

Hearings on the SolarWinds Hack and Possible Policy Responses

The 117th Congress kicked off its First Session with, among other initiatives, oversight hearings on the SolarWinds cyber hack. On February 23, the Senate Intelligence Committee held a hearing on the high profile, far-reaching…more

Cyber Attacks, Cybersecurity, Data Breach, Data Security, Department of Homeland Security (DHS)

See all updates »

Hope Foster

Part Five of the COVID-19 Roadmap Series: Ensuring a Safe Workplace - COVID-19 Screening and Testing

In Part Five of our Roadmap Series, we take a closer look at COVID-19 screening and testing, including best practices and legal implications, as potential tools to maintain a safe workplace. Can We Screen Our Employees for…more

Americans with Disabilities Act (ADA), Coronavirus/COVID-19, Employer Liability Issues, Employer Responsibilities, Equal Employment Opportunity Commission (EEOC)

See all updates »

Susan Foster, Ph.D.

New EU-US Data Privacy Framework

The European Commission has published its long-awaited draft of the new EU-US Data Privacy Framework, available here. The Data Privacy Framework will replace the Privacy Shield decision that was invalidated in July 2020 by the…more

Biden Administration, Compliance, Data Privacy, EU-US Privacy Shield, European Commission

See all updates »

Russell Fox

TCPA & Consumer Calling - Monthly TCPA Digest - May 2017

We are pleased to present the latest edition of our Monthly TCPA Digest, providing insights and news related to the Telephone Consumer Protection Act (TCPA). This month’s issue features updates on the latest regulatory…more

ATDS, Faxes, FCC, Lack of Authority, Opt-Outs

See all updates »

Jonathan Garvin

FCC Partners With States to Increase on Privacy and Data Protection Investigations, Signaling Increased Focus on Future Enforcement

The Federal Communications Commission (“FCC”) announced Thursday that in furtherance of the work of the agency’s Privacy and Data Protection Task Force, the FCC’s Enforcement Bureau signed Memoranda of Understanding (“MOU”) with…more

Broadband Internet Access Services (BIAS), Communications Act of 1934, Customer Proprietary Network Information (CPNI), Cybersecurity, Data Breach

See all updates »

Megan Gates

SEC Proposes New Cybersecurity Rules for Public Companies

Following closely on its proposal for substantial new cybersecurity requirements for investment advisers and registered investment companies, the Securities and Exchange Commission (SEC) unveiled a new slate of proposed…more

Corporate Governance, Cyber Incident Reporting, Cybersecurity, Disclosure Requirements, Investment Adviser

See all updates »

Michael Goldberg

“Commercial Surveillance” Questions Take Center Stage at the Federal Trade Commission

In the spring of 2018 and in the wake of the Facebook-Cambridge Analytica data scandal, tech CEOs Tim Cook of Apple and Mark Zuckerberg of Meta (fka “Facebook”) initiated a contentious and public debate over the ethics of…more

Advanced Notice of Proposed Rulemaking (ANPRM), Data Collection, Data Privacy, Facebook, Federal Trade Commission (FTC)

See all updates »

Michael Graif

New York Attorney General: Data Breaches Will Cost You

As the rate of international cyberattacks increases, it is essential that corporations that collect and store their customers’ personal data keep it safe from breaches. But even large corporations can be slow to act in order to…more

Cyber Attacks, Data Breach, New York, Passwords, Personal Data

See all updates »

Christopher Harvie

Action Items on Technology and Communication Policies in front of the Senate Commerce Committee

With the Senate set to flip to Democratic control in the 117th Congress, albeit by a razor thin margin, the policy priorities for the upper chamber are likely to significantly change. In so doing, the various Senate committees…more

Biden Administration, Communications Decency Act, Cybersecurity, Department of Justice (DOJ), FCC

See all updates »

Jane Haviland

Supreme Court Declines to Address Circuit Split on Data Breach Standing Issue

A circuit split on whether actual misuse of personal data is required to have standing to assert data breach claims remains unresolved. Last week the Supreme Court rejected a petition to review that issue in CareFirst v. Attias…more

Article III, Cybersecurity, Data Breach, Hackers, Identity Theft

See all updates »

Alexander Hecht

August Cybersecurity Update: Congress Finishes Up NDAA and Continues Work on Cybersecurity Bills

As August recess gets underway for the House and the Senate, ML Strategies has prepared a summary of the status of this summer’s key cybersecurity issues. ML Strategies will continue to track these and other cybersecurity…more

Cybersecurity, Department of Defense (DOD), Department of Energy (DOE), Department of Homeland Security (DHS), Federal Contractors

See all updates »

Kevin Hiraki

California Privacy Protection Agency Unanimously Opposes the American Data Privacy and Protection Act

The new California privacy regulatory body, the California Privacy Protection Agency (CPPA), has loudly voiced its opposition to the proposed federal American Data Privacy and Protection Act (ADPPA). The bottom line for the…more

California, California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Data Privacy, Data Protection

See all updates »

Page Hubben

Preparation for 2023 Fiscal Year-End SEC Filings and 2024 Annual Shareholder Meetings

A number of significant regulatory, legal, market, and ESG-related developments and issues will affect how public companies approach the upcoming year-end reporting process. As in past years, Mintz has prepared an in-depth…more

10b5-1 Plans, Artificial Intelligence, Chief Information Security Officer (CISO), Clawbacks, Climate Change

See all updates »

Jacob Hupart

Preparation for 2023 Fiscal Year-End SEC Filings and 2024 Annual Shareholder Meetings

A number of significant regulatory, legal, market, and ESG-related developments and issues will affect how public companies approach the upcoming year-end reporting process. As in past years, Mintz has prepared an in-depth…more

10b5-1 Plans, Artificial Intelligence, Chief Information Security Officer (CISO), Clawbacks, Climate Change

See all updates »

Angie Isaza-Loaiza

May Madness: Montana’s New Consumer Data Privacy Law Follows the Leaders ... and we’re not talking about California!

Our May Madness series is getting you caught up on comprehensive privacy legislation passing state legislatures across the nation.  In April, governors signed legislation in Tennessee and Indiana, and this month ahead of their…more

Consumer Privacy Rights, Corporate Counsel, Cybersecurity, Data Privacy, Data Protection

See all updates »

Ellen Janos

A New Decade of HIPAA – What Can We Expect?

As the decade winds down, it’s hard to believe that the HIPAA Privacy and Security Rules are almost twenty years old. It has been ten years since the U.S. Department of Health and Human Services (HHS) Office for Civil Rights…more

Business Associates, California Consumer Privacy Act (CCPA), Civil Monetary Penalty, Covered Entities, Data Breach

See all updates »

Ilse Johnson

2023 Round-Up on State Consumer Data Privacy Laws

Looking back sometimes means looking forward. That is absolutely the case for new comprehensive data privacy statutes enacted in a number of U.S. states during 2023, including Indiana, Tennessee, Montana, Florida, Texas and…more

Consumer Privacy Rights, Corporate Counsel, Data Privacy, Enforcement, Opt-Outs

See all updates »

Stefan Jovic

SEC Adopts Final Cybersecurity Rules for Public Companies

In a narrow 3-2 decision on July 26, the SEC adopted its final rule concerning cybersecurity risk management, strategy, governance, and incident disclosure (the “Final Rule”).  Below we highlight some of the principal changes to…more

Compliance, Cybersecurity, Disclosure Requirements, Final Rules, Form 8-K

See all updates »

Daniel Kajunski

SEC Issues Updated Guidance on Cybersecurity Incident Disclosure Under Item 1.05 of Form 8-K

On June 24, 2024, the SEC issued five new Compliance & Disclosure Interpretations (C&DIs) relating to the materiality assessment and disclosure requirements of material cybersecurity incidents under Item 1.05 of Form 8-K…more

Compliance, Cyber Incident Reporting, Cybersecurity, Disclosure Requirements, Form 8-K

See all updates »

Narges Kakalia

Microsoft Loses Round in Fight Over Email Held in Irish Data Center

Rarely do Microsoft, AT&T, Verizon, Apple, Cisco and the ACLU all agree on a particular subject; rarer still that such an unlikely coalition fails…more

Data Centers, Electronically Stored Information, Email, Microsoft, Popular

See all updates »

Hannah Karraker

SEC Adopts Amendments Requiring Electronic Filing of Forms 144

On June 2, 2022, the U.S. Securities and Exchange Commission (the “SEC”) announced the adoption of its 2021 proposed amendments regarding the mode of filing certain forms and documents. Historically, SEC rules permitted or…more

EDGAR, Electronic Filing, New Amendments, Securities, Securities and Exchange Commission (SEC)

See all updates »

Michael Katz

2023 Round-Up on State Consumer Data Privacy Laws

Looking back sometimes means looking forward. That is absolutely the case for new comprehensive data privacy statutes enacted in a number of U.S. states during 2023, including Indiana, Tennessee, Montana, Florida, Texas and…more

Consumer Privacy Rights, Corporate Counsel, Data Privacy, Enforcement, Opt-Outs

See all updates »

Adam Korn

An Overview of Why Class Action Privacy Lawsuits May Have Just Gotten Bigger – Yet Again.

The Illinois Biometric Information Privacy Act (BIPA), enacted in 2008, was one of the first state laws to address commercial collection of biometric data. Biometric data includes an iris scan, a fingerprint, a voiceprint, or a…more

Biometric Information, Biometric Information Privacy Act, California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Class Action

See all updates »

John Koss

Will the GDPR Ease Cross-Border Data Transfers for Purposes of E-Discovery?

As the clock ticks down to May 25, 2018, when the European Union’s General Data Protection Regulation (“GDPR”) becomes fully enforceable throughout the EU, the Internet and airwaves have become saturated with guidance for…more

Corporate Counsel, Discovery, e-Discovery Professionals, Electronically Stored Information, EU

See all updates »

Angela Kung

FCC Proposes Changes to its Reporting Requirements for Customer Data Breaches

On December 28, 2022, the Federal Communications Commission (“FCC”) adopted a Notice of Proposed Rulemaking (“NPRM”) seeking to modernize and strengthen its rules to better protect consumers from the harm caused by breaches of…more

Customer Proprietary Network Information (CPNI), Cybersecurity, Data Breach, FCC, Internet Service Providers (ISPs)

See all updates »

Trust Kupupika

Illinois Supreme Court’s Latest BIPA Ruling Increases Risk and Uncertainty as to the Scope of Damages Available Under the Statute

Since its adoption in 2008, the Illinois Biometric Information Privacy Act, (“BIPA”), 740 ILCS 14/1, et seq., has imposed severe penalties—$1,000 per negligent violation and $5,000 per intentional or reckless violation—for…more

Biometric Information, Biometric Information Privacy Act, Data Collection, Facial Recognition Technology, Fingerprints

See all updates »

Sarah Beth S. Kuyers

Health Care Data Breaches Are Increasing Both in Number and Cost

It feels like we’ve been seeing a lot more health care breaches caused by hackers and other IT security incidents, and there’s a good reason why: a recent report by cloud security company Bitglass confirms that both the number…more

Cybersecurity, Data Breach, Department of Health and Human Services (HHS), Enforcement Actions, Health Care Providers

See all updates »

Brian Lam

Beware Dark Patterns – What are They and What Should Your Business Do About Them?

While the term “dark patterns” is not new, it has recently been getting a more attention, not least because the newly passed California Privacy Rights Act (“CPRA”) will regulate dark patterns. In this article, we will focus on…more

California Privacy Rights Act (CPRA), Consumer Privacy Rights, Cybersecurity, Data Privacy, Data Protection

See all updates »

Cynthia Larose

SEC Issues New Statement on Cybersecurity Incident Disclosure

Last week, Erik Gerding, Director of the SEC’s Division of Corporation Finance (the Division), issued a statement providing clarification regarding the disclosure of cybersecurity incidents by reporting companies. This follows…more

Corporate Counsel, Cyber Incident Reporting, Cybersecurity, Disclosure Requirements, Foreign Private Issuers

See all updates »

Meredith Leary

On the Second Day of Privacy, Plaintiffs’ Counsel Gave to Me . . .

. . . still more privacy litigation. In 2015, we are likely to see further development of the law in data breach class actions, continuing growth in statutory privacy claims, and increased risk of privacy-related claims arising…more

Data Breach, Data Protection, Popular, Right to Privacy, TCPA

See all updates »

Breton Leone-Quick

Preparation for 2023 Fiscal Year-End SEC Filings and 2024 Annual Shareholder Meetings

A number of significant regulatory, legal, market, and ESG-related developments and issues will affect how public companies approach the upcoming year-end reporting process. As in past years, Mintz has prepared an in-depth…more

10b5-1 Plans, Artificial Intelligence, Chief Information Security Officer (CISO), Clawbacks, Climate Change

See all updates »

Matthew Levitt

Massachusetts High Court Permits Compelled Decryption of Seized Digital Evidence

Today, in Commonwealth v. Gelfgatt, No. SJC-11358 (Mass. June 25, 2014), a divided Massachusetts Supreme Judicial Court held that under certain circumstances, a court may compel a criminal defendant to provide the password to…more

Criminal Prosecution, Electronic Records, Encryption, Evidence, Fifth Amendment

See all updates »

Melanie Ruthrauff Levy

Preparation for 2023 Fiscal Year-End SEC Filings and 2024 Annual Shareholder Meetings

A number of significant regulatory, legal, market, and ESG-related developments and issues will affect how public companies approach the upcoming year-end reporting process. As in past years, Mintz has prepared an in-depth…more

10b5-1 Plans, Artificial Intelligence, Chief Information Security Officer (CISO), Clawbacks, Climate Change

See all updates »

Karen Lovitch

Part Five of the COVID-19 Roadmap Series: Ensuring a Safe Workplace - COVID-19 Screening and Testing

In Part Five of our Roadmap Series, we take a closer look at COVID-19 screening and testing, including best practices and legal implications, as potential tools to maintain a safe workplace. Can We Screen Our Employees for…more

Americans with Disabilities Act (ADA), Coronavirus/COVID-19, Employer Liability Issues, Employer Responsibilities, Equal Employment Opportunity Commission (EEOC)

See all updates »

Bertie Magit

Further Updates to the CPPA Proposed Regulations: Risk Assessments and Automated Decisionmaking Technology

After years of internal discussion, the Board of the California Privacy Protection Agency (CPPA), at their March 8th meeting, voted to progress toward formalizing the proposed regulations on risk assessments and automated…more

Artificial Intelligence, Automated Decision Systems (ADS), Bias, California Privacy Protection Agency (CPPA), Corporate Counsel

See all updates »

Patrick McDonough

D.C. Circuit Holds Cyber-Theft of Customers’ Medical Identifying Information Created Sufficient Increased Risk of Harm to Establish Standing

Earlier this month, an appellate panel of the federal DC Circuit unanimously held that individuals affected by a healthcare insurer’s data breach in 2014 could pursue claims against the insurer stemming from the cyberattack. In…more

Appeals, Cyber Crimes, Data Breach, Data Theft, Electronic Medical Records

See all updates »

Kevin McGinty

Illinois Supreme Court’s Latest BIPA Ruling Increases Risk and Uncertainty as to the Scope of Damages Available Under the Statute

Since its adoption in 2008, the Illinois Biometric Information Privacy Act, (“BIPA”), 740 ILCS 14/1, et seq., has imposed severe penalties—$1,000 per negligent violation and $5,000 per intentional or reckless violation—for…more

Biometric Information, Biometric Information Privacy Act, Data Collection, Facial Recognition Technology, Fingerprints

See all updates »

Pete Michaels

FINRA Again Reminds Firms to Beware of Fraud during COVID-19 Pandemic

As we previously discussed, FINRA issued guidance to member firms and their associated persons in April 2020 to remain “vigilant in their surveillance against cyber threats and take steps to reduce the risk of cyber events.” On…more

Business E-Mail Compromise (BEC), Coronavirus/COVID-19, Cybersecurity, Financial Industry Regulatory Authority (FINRA), Fraud Alerts

See all updates »

Esteban Morales

TCPA & Consumer Calling - Monthly TCPA Digest - May 2017

We are pleased to present the latest edition of our Monthly TCPA Digest, providing insights and news related to the Telephone Consumer Protection Act (TCPA). This month’s issue features updates on the latest regulatory…more

ATDS, Faxes, FCC, Lack of Authority, Opt-Outs

See all updates »

Evan Nadel

Seventh Circuit Declines to Review Class Certification Order in Enormous Computer Privacy Class Action

In its recent decision in Harris v. comScore, Inc., the Seventh Circuit declined to review a trial court order certifying a plaintiff class consisting of hundreds of thousands of computer owners who downloaded software that…more

Class Action, Class Certification, Clickwrap Agreements, Computer Fraud and Abuse Act (CFAA), Data Collection

See all updates »

Sebastian Navarro

An Overview of Why Class Action Privacy Lawsuits May Have Just Gotten Bigger – Yet Again.

The Illinois Biometric Information Privacy Act (BIPA), enacted in 2008, was one of the first state laws to address commercial collection of biometric data. Biometric data includes an iris scan, a fingerprint, a voiceprint, or a…more

Biometric Information, Biometric Information Privacy Act, California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Class Action

See all updates »

Matthew Novian

CCPA Breach Class Action Settlement About to Get “Minted”

Although the California Consumer Protection Act (“CCPA”) went into effect on January 1, 2020 and over 100 class actions referencing the CCPA have been filed to date, very few class actions have actually made their way to court…more

California Consumer Privacy Act (CCPA), Class Action, Class Action Settlement, Corporate Counsel, Cybersecurity

See all updates »

Zane Polston

“When You Promise Security, You Need to Deliver Security”

If your company is marketing any smart device, particularly if the device is involved with home security and collects personal information from users, it’s time to pay attention to the story of Tapplock. Tapplock, Inc…more

Cybersecurity, Data Security, Federal Trade Commission (FTC), Internet of Things, Unfair or Deceptive Trade Practices

See all updates »

Natalie Prescott

Facebook to Pay $90 Million to Settle Data Privacy Lawsuit

Facebook’s parent company Meta has agreed to settle one of the longest-running data privacy lawsuits in the country for $90 million. This dispute, originally filed in 2012 in a total of 21 related cases, alleged that Facebook…more

Appeals, Class Action, Data Privacy, Facebook, Federal Trade Commission (FTC)

See all updates »

Nicole Rivers

Part Five of the COVID-19 Roadmap Series: Ensuring a Safe Workplace - COVID-19 Screening and Testing

In Part Five of our Roadmap Series, we take a closer look at COVID-19 screening and testing, including best practices and legal implications, as potential tools to maintain a safe workplace. Can We Screen Our Employees for…more

Americans with Disabilities Act (ADA), Coronavirus/COVID-19, Employer Liability Issues, Employer Responsibilities, Equal Employment Opportunity Commission (EEOC)

See all updates »

Todd Rosenbaum

An Overview of Why Class Action Privacy Lawsuits May Have Just Gotten Bigger – Yet Again.

The Illinois Biometric Information Privacy Act (BIPA), enacted in 2008, was one of the first state laws to address commercial collection of biometric data. Biometric data includes an iris scan, a fingerprint, a voiceprint, or a…more

Biometric Information, Biometric Information Privacy Act, California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Class Action

See all updates »

Joel Rothman

SEC Cybersecurity Initiative: Five Steps ALL Broker-Dealers and Investment Advisers Should be Taking

Last week, the U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) released a Risk Alert announcing its Cybersecurity Initiative…more

Broker-Dealer, Cyber Attacks, Cyber Insurance, Cybersecurity, Cybersecurity Framework

See all updates »

Jennifer Rubin

The California Consumer Privacy Act – A Brief Guide for Covered Employers

The California Consumer Privacy Act becomes effective on January 1, 2020 with an amendment that impacts California employers. Covered businesses should, of course, already be in the process of preparing CCPA privacy notices and…more

California Consumer Privacy Act (CCPA), Consumer Privacy Rights, Cybersecurity, Data Collection, Data Protection

See all updates »

Elana Safner

Tracking Kids Through Your App? Think Again.

Klepto Cats and Dogs have been “stealing” children’s personal information without parental consent and using it for targeted advertising. Bad dog! Well, almost. HyperBeard, Inc., a developer of apps popular with children under…more

Advertising, COPPA, Corporate Counsel, Cybersecurity, Data Collection

See all updates »

Ellen Shapiro

Preparation for 2023 Fiscal Year-End SEC Filings and 2024 Annual Shareholder Meetings

A number of significant regulatory, legal, market, and ESG-related developments and issues will affect how public companies approach the upcoming year-end reporting process. As in past years, Mintz has prepared an in-depth…more

10b5-1 Plans, Artificial Intelligence, Chief Information Security Officer (CISO), Clawbacks, Climate Change

See all updates »

Laura Stefani

Trump Administration Botnet Report Will Impact IoT Device Makers – Things You Should Know

Manufacturers of wireless devices used for Internet of Things (IoT) applications should take heed of new Trump Administration proposals aimed at reducing the cybersecurity threats from botnets and other automated and distributed…more

Automation Systems, Bots, Critical Infrastructure Sectors, Cybersecurity, Data Security

See all updates »

Kate Stewart

OCR and FTC Issue Joint Statement Warning Health Care Providers and App Developers About Use of Third Party Online Tracking Technologies

Covered entities, business associates, and any entities that collect health information about consumers online should carefully review the latest joint letter from the Office for Civil Rights (OCR) and the Federal Trade…more

Cybersecurity, Data Collection, Data Privacy, Federal Trade Commission (FTC), FTC Act

See all updates »

Raven Sun

SEC Issues New Statement on Cybersecurity Incident Disclosure

Last week, Erik Gerding, Director of the SEC’s Division of Corporation Finance (the Division), issued a statement providing clarification regarding the disclosure of cybersecurity incidents by reporting companies. This follows…more

Corporate Counsel, Cyber Incident Reporting, Cybersecurity, Disclosure Requirements, Foreign Private Issuers

See all updates »

Jon Taylor

Maryland Enacts Sweeping Privacy Reform

The push by U.S. states to pass data privacy laws continues with Maryland being the 18th state to join their ranks. However, Maryland has taken a more stringent and comprehensive approach than many of its peers: Governor Wes…more

Commodity Exchange Act (CEA), Consumer Privacy Rights, COPPA, Data Protection, Fines

See all updates »

David Ward

FINRA Again Reminds Firms to Beware of Fraud during COVID-19 Pandemic

As we previously discussed, FINRA issued guidance to member firms and their associated persons in April 2020 to remain “vigilant in their surveillance against cyber threats and take steps to reduce the risk of cyber events.” On…more

Business E-Mail Compromise (BEC), Coronavirus/COVID-19, Cybersecurity, Financial Industry Regulatory Authority (FINRA), Fraud Alerts

See all updates »

Kevin Yao

SEC Issues Updated Guidance on Cybersecurity Incident Disclosure Under Item 1.05 of Form 8-K

On June 24, 2024, the SEC issued five new Compliance & Disclosure Interpretations (C&DIs) relating to the materiality assessment and disclosure requirements of material cybersecurity incidents under Item 1.05 of Form 8-K…more

Compliance, Cyber Incident Reporting, Cybersecurity, Disclosure Requirements, Form 8-K

See all updates »
This profile may constitute attorney advertising. Prior results do not guarantee a similar outcome. Any correspondence with this profile holder does not constitute a client/attorney relationship. Neither the content on this profile nor transmissions between you and the profile holder through this profile are intended to provide legal or other advice or to create an attorney-client relationship.

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide