News & Analysis as of

Liability Data Breach

Bennett Jones LLP

Legal Uncertainty for Database Defendants? Appeal Courts Assess Privacy Causes of Action With Varying Outcomes

Bennett Jones LLP on

The past year has introduced some uncertainty for institutional defendants facing privacy breach class actions in Canada. While Ontario’s Court of Appeal has been consistent in its approach to class actions against “database...more

A&O Shearman

Insuring data breach liabilities – how different policies can stack up and the problem of late notification

A&O Shearman on

An English Court has recently decided that three insurance policies covering the same loss – data breach settlements arising from an incorrectly addressed email – provided a combined, cumulative limit of indemnity. While the...more

Bennett Jones LLP

Data Spring Cleaning: Minimize Your Liability

Bennett Jones LLP on

When we are retained by clients to guide them through a cyber-attack in which information has been stolen by a threat actor, we almost always find that the client has unnecessarily stored sensitive information far beyond the...more

Integreon

Cybersecurity, Wire Fraud, and Attorney Liability: The Growing Risk Landscape

Integreon on

Wire transfer fraud is on the rise, and attorneys are increasingly becoming prime targets for cybercriminals. With billions lost annually to fraudulent transactions, legal professionals who fail to implement robust...more

DLA Piper

Germany: Monitoring and Auditing Obligations of Controllers with Respect to Their Processors

DLA Piper on

In a decision on immaterial damages under Article 82 of the EU General Data Protection Regulation (GDPR), the Higher Regional Court of Dresden, Germany (case number 4 U 940/24), set out important monitoring and auditing...more

Warner Norcross + Judd

Emphasizing Robust Contracts with Cloud Providers Amid Recent Alleged Breach at Oracle

Warner Norcross + Judd on

Recent reports concerning a potential security incident involving Oracle Cloud services provide a warning for many companies who allow third parties to access or store sensitive company data. A threat actor claims to have...more

Carlton Fields

Square Peg, Round Hole: 6th Circuit Affirms Finding That Cyber Claims Are Not Covered by CGL Policies

Carlton Fields on

In Home Depot Inc. v. Steadfast Insurance Co., Home Depot learned the hard way a rule every DIY enthusiast knows: measure twice, cut once. It appears Home Depot’s measurements were off when it sized up its insurance needs,...more

Rivkin Radler LLP

February 2025 Insurance Update

Rivkin Radler LLP on

The 2014 Home Depot data breach was one of the more notorious cyberattacks. A decade later, litigation over that incident continues. The Sixth Circuit recently decided whether an electronic data exclusion cleared insurers...more

Alston & Bird

FTC and State AGs Settle with Marriott over Starwood Data Breaches

Alston & Bird on

Our Consumer Protection/FTC and Privacy, Cyber & Data Strategy teams unpack Starwood Hotels’ and Marriott International’s settlements with the Federal Trade Commission and Marriott’s settlement with state attorneys general...more

A&O Shearman

Chief Information Security Officers and cyber whistleblowing: considerations for PE firms

A&O Shearman on

Managing these risks at a single company should be straightforward.  Executives and CISOs may be personally held accountable for cyber failings, negligence, breaches, and inadequate disclosure around cyber vulnerabilities and...more

Mitchell, Williams, Selig, Gates & Woodyard,...

Emerging Theories of Liability in the Internet of Things Era

The Internet of Things (“IoT”) has ushered in a new era of connectivity and convenience, but with it comes a host of legal issues and emerging theories of liability. As IoT devices become increasingly ubiquitous in our daily...more

Mayer Brown

EU Cyber Legislation Puts Emphasis on Board Responsibility

Mayer Brown on

What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more

Robinson+Cole Data Privacy + Security Insider

The Risks of Excessive Data Retention and Tips for Information Security

In today’s digital age, our every action generates a trail of data. From online searches to credit card details, this data is collected by companies to enhance their services. However, the question arises – how long should...more

BakerHostetler

DSIR Deeper Dive: Data Processing Addendums: Indemnities, Limitations of Liability and the Cost of a Data Breach

BakerHostetler on

When negotiating technology or data services contracts, businesses of all sizes and industries are now spending more time and attention on privacy controls. The increasing prevalence of comprehensive U.S. state privacy laws...more

Skadden, Arps, Slate, Meagher & Flom LLP

Privacy & Cybersecurity - June 2023

In our June Privacy & Cybersecurity Update, we review new data privacy laws in Colorado, Connecticut, Florida and Montana; Verizon’s annual Data Breach Investigations Report; AM Best’s report on cyber insurance trends; and...more

Paul Hastings LLP

Delaware Supreme Court Sides with SolarWinds in Shareholder Suit Related to 2020 Cyber Attack

Paul Hastings LLP on

On May 17, 2023, the Delaware Supreme Court upheld a September 2022 decision dismissing a shareholder suit against SolarWinds Corporation. In 2021, shareholders sued SolarWinds (“the Company”) for a 2020 cybersecurity...more

Snell & Wilmer

Federal Trade Commission Finalizes Order Holding Drizly, LLC and Its CEO Accountable for Data Security Failures

Snell & Wilmer on

On January 9, 2023, the Federal Trade Commission (“FTC”) finalized an order with Drizly, LLC, an online marketplace for alcohol delivery services, and its Chief Executive Officer (“CEO”), James Cory Rellas over alleged...more

Stikeman Elliott LLP

Intrusion Upon Seclusion Claims In Privacy Breach Class Actions? Court of Appeal Trilogy Offers Guidance

Stikeman Elliott LLP on

In a trilogy of rulings released on November 25, 2022, the Ontario Court of Appeal (“Court”) has ruled that the tort of intrusion upon seclusion cannot extend to companies that collect and store personal information and fall...more

Stikeman Elliott LLP

Ontario Court of Appeal Removes Confusion: Negligent Security not an “Intrusion Upon Seclusion”

Stikeman Elliott LLP on

The Ontario Court of Appeal recently ruled that an organization that fails to take adequate steps to safeguard personal information in its possession cannot be held liable under the tort of intrusion upon seclusion when that...more

Polsinelli

FTC Announces Decision “with a 100% chance of far-reaching” Impact for Data Breaches

Polsinelli on

On Monday the Federal Trade Commission issued a press release stating it is settling a case against Drizly and its CEO for a data breach that exposed the information of 2.5 million consumers in July 2020. The proposed...more

Pietragallo Gordon Alfano Bosick & Raspanti,...

What Constitutes a Misleading Statement in a Company’s Response to a Data Breach?

Takeaway: To ensure investor safety and emphasize a commitment to user privacy, corporate executives and similarly-situated high ranking officers must not provide any statements or omissions that affirmatively create a...more

Wyrick Robbins Yates & Ponton LLP

Buyers Beware: the FTC’s Case Against CafePress Highlights Privacy and Data Security Risks in Corporate Transactions

Last week the Federal Trade Commission announced a privacy and data security enforcement action against the online retail platform CafePress. The allegations in the FTC’s complaint read like a list of worst practices,...more

Wiley Rein LLP

4 Important Class Cert. Issues From 2 Data Breach Cases

Wiley Rein LLP on

Data breach lawsuits are challenging cases for plaintiffs. Assuming they are able to survive a motion to dismiss on grounds of Article III standing in the first instance, plaintiffs next bear the high burden of achieving...more

Lowndes

Data Breach! Miranda Himself May Be Dead, But the Wisdom of the Case that Bears His Name Lives On

Lowndes on

Let us assume a company has done all the right things. Preemptive security was a concern, so the company tightened up its written cybersecurity controls and associated technical controls, including policies and...more

Clark Hill PLC

Eight Data-Related Provisions That Might be Missing from Your Professional Services Agreement

Clark Hill PLC on

Modern business requires the engagement of professional services providers, such as IT services, marketing, software, data hosting, or other needed services. Far too often, though, the agreements governing these relationships...more

30 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide