The Importance Of Cybersecurity During A Merger & Acquisition Transaction
Last week Marriott Hotel Services was hit with a class action lawsuit for alleged violations of the Illinois’ Biometrics Information Privacy Act (BIPA). The lawsuit alleges that the hotel violated BIPA by requiring workers to...more
Cybersecurity and the related disclosures can be critical issues for any company in today’s environment. This question is at the center of a recent decision by the Fourth Circuit Court of Appeals....more
This week’s Update features a variety of stories, including stories regarding Expedia’s planned roll up of its loyalty programs and Marriott’s recently announced loyalty program partnership with Japanese e-commerce platform,...more
The question of standing has proven to be a tricky one in data breach litigation. Last week a federal district court in Maryland rejected a proposed class action brought by Marriott guests related to a data breach suffered by...more
After the California Consumer Privacy Act (CCPA) took effect on January 1, 2020, a surge of class action lawsuits predicated on alleged CCPA violations hit businesses. Because of the act’s novelty, it was unclear whether...more
CYBERSECURITY - NYDFS - Cybersecurity Certificate of Compliance Due April 15, 2021 The New York Department of Financial Services (DFS), which regulates certain covered entities and licensed persons in the financial...more
The decision to appeal a regulatory finding is never taken lightly. By the time a regulator has completed its investigation and notified a company of its intention to fine, the company will have invested significant time and...more
States Consider Privacy and Data Security Legislation - It’s that time of year again, when we see a flood of legislative activity at the state level on privacy and data security laws. A couple of recent examples are below....more
With it being Halloween, October being National Cybersecurity Awareness Month, and 2019 drawing to an end, let’s take a look at the data privacy breaches giving compliance professionals a fright this year! ...more
In this month's edition of our Privacy & Cybersecurity Update, we examine five amendments to the California Consumer Privacy Act, the EU Court of Justice's rulings on the "Right to Be Forgotten" and what qualifies as a joint...more
While GDPR has been active as a regulation since May 2018, the first fines have just started to hit companies for data breaches. Announced by the ICO on July 8 2019, they intend to fine British Airways £183.39 million for...more
On 9 July 2019 the UK data protection authority (ICO) updated its Data Sharing Code of Practice (first published in 2011) (Code). On the same day, the ICO also announced its intention to fine Marriott International just over...more
GDPR fines are seemingly like buses, you wait over a year for enforcement action by the UK’s data supervisory authority, the ICO, and then two come along at once – and with quite dramatic effect. The ICO has stretched its...more
British Data Protection Authority Flexes GDPR Enforcement Muscles - No longer is the bark of sanctions for lax data protection practices worse than its bite. The Information Commissioner’s Office (ICO)—the United Kingdom's...more
Last week on July 9, 2019, the United Kingdom’s Information Commission Office (ICO) announced its intention to fine Marriott International £99.3 million (about $124 million), or 2.5% of Marriott’s worldwide annual revenue, in...more
Marriott International announced a massive data breach of its Starwood database. Hackers took off with names, mailing addresses, phone numbers, email addresses, passport numbers, affinity account information, dates of birth,...more
This Update highlights key legal and policy developments in cybersecurity and privacy law that may impact important trends for 2019 and beyond. A central takeaway from 2018 is that regulators in the U.S. and abroad are...more
Marriott International Inc. has released new numbers relating to its Starwood Hotel’s reservation database by stating that 5 million passport numbers were stolen in the database....more
Risk Management Question - Are you one of 500 million guests whose personal and financial information was compromised in the recent breach of Marriott's guest reservation system?...more
I knew I would get it. It was just a matter of time. The dreaded breach notification email from Starwood Hotels/Marriott hit my inbox this Monday. As you know, I am one that is serious about data privacy....more
Calling the Marriott data breach “one of the largest digital infestations in history,” a putative class action was filed in Oregon this week seeking up to $12.5 billion dollars in relief. ...more
A hotel is a personal place, even if you share it with thousands of other people. The very obscurity in a crowd can make you feel anonymous, and the private living space allows for the most private of conversations and...more