In the past few years, cybersecurity has taken on increasing importance in the eyes of lawmakers and regulators. Traditionally, cybersecurity compliance that is tied to the protection of personal information generally has...more
Shook Weighs in on Updated CCPA Regulations - In response to extensive public comment, the California Attorney General’s office released modified draft regulations under the CCPA on February 7. Shook has provided initial...more
Earlier this month, Andrew Smith, the FTC’s Director of the Bureau of Consumer Protection, announced that the Commission had made “three major changes” to its data security orders. Citing recent hearings at the FTC, as well...more
Synopsis: On January 6, 2020, Andrew Smith, director of the Federal Trade Commission’s Bureau of Consumer Protection, outlined in a blog post the agency’s new approach to data security orders. The agency implemented this...more
Amidst mounting pressure to pursue cybersecurity more aggressively, the Federal Trade Commission (“FTC”), the federal government’s most active enforcer in the space, has recently imposed increasingly stringent cybersecurity...more
In June 2018, medical laboratory LabMD obtained the first-ever court decision overturning a Federal Trade Commission (FTC) cybersecurity enforcement action. (The team directing that effort – led by Doug Meal and Michelle...more
In LabMD v. FTC, the Eleventh Circuit vacated an order requiring a company to implement a data security program “reasonably designed” to protect information. Following the LabMD decision, the FTC announced a series of public...more
Features - International Updates (Excluding the EU) - India’s Draft Data Protection Bill: Another GDPR Around the Corner? India recently introduced the Personal Data Protection Bill 2018. ...more
Privacy protection is an issue that will always be at the forefront of the legal world. Consumers expect that companies will protect their medical and other private identifying information. While the increase in digital data...more
Editor’s Note: This blog post was originally published last week. Since then, the U.S. Court of Appeals for the District of Columbia has summarily rejected LabMD’s request to reconsider its earlier ruling that two Federal...more
Did LabMD, the now-defunct cancer testing company, expose sensitive patient information with shoddy data security practices as U.S. regulations have charged, or was the company victimized by a private forensics firm extorting...more
Our Privacy & Data Security Group reviews the Eleventh Circuit’s decision narrowing the FTC’s authority to impose broad cybersecurity measures on defendants, but cautions it would be a mistake to interpret the ruling as...more
The U.S. Court of Appeals for the Eleventh Circuit on June 6 issued its long-awaited decision in LabMD v. Federal Trade Commission, vacating a Federal Trade Commission cease and desist order directing LabMD to overhaul its...more
Earlier this month, in a much anticipated decision, the 11th U.S. Circuit Court of Appeals vacated the Federal Trade Commission’s (FTC) cease and desist order against LabMD, Inc. The 11th Circuit concluded that the FTC’s...more
In a significant ruling that calls into question the Federal Trade Commission’s (“FTC”) authority to regulate a private company’s data security program, a federal appellate court of appeals ruled that the agency’s cease and...more
We previously reported that the FBI has warned consumers about a nasty malware, known as VPNFilter and believed to have been launched by a Russian government hacking group, which is infecting hundreds of thousands of small...more
On June 6, the 11th Circuit issued its long-awaited decision on LabMD Inc. v. Federal Trade Commission, vacating as unenforceable the Federal Trade Commission’s (FTC’s) cease and desist order that required LabMD to create and...more
In the matter of LabMD Inc. v. Federal Trade Commission, case number 16-16270, the U.S. Court of Appeals for the Eleventh Circuit ruled against the FTC, finding that the order against LabMD for lax data security measures was...more
A federal judge in New York has dismissed LabMD’s lawsuit against a former United States Attorney – which charged her with ethics violations and engaging in a cover-up over her role in an U.S. Federal Trade Commission data...more
The LabMD data security case is anything but dull. An 8-year (and counting) fight with the U.S. Federal Trade Commission, a U.S. House of Representatives Oversight and Government Reform Committee investigation into...more
On June 21, 2017, the Eleventh Circuit Court of Appeals heard oral argument in LabMD, Inc. v. FTC, Case No. 16-16270, a case that is being carefully watched to see if it will clarify the limits of the Federal Trade...more
According to the Breach Level Index, the total number of data records lost or stolen in just the first half of 2016 was 554,454,942, stemming from 974 breach incidents. In the entire year of 2015, there were 707.5 million...more
Editor’s note: This is the sixth and last in our end-of-year series. See our previous posts on trade secrets, state regulation and law enforcement, HIPAA compliance, emerging threats, and energy. See you in 2017! ...more
In this month's Privacy & Cybersecurity Update, we review an 11th Circuit case involving the longstanding battle between the FTC and medical company LabMD, recent NIST guidelines for securing devices connected to the...more
LabMD—a medical testing lab that, the Federal Trade Commission (“FTC”) alleged, exposed consumer personal information through a peer-to-peer (“P2P”) file-sharing network—is now seeking a stay pending its appeal of the FTC’s...more