A recent decision from the Third Circuit suggests that the leak of information onto the Dark Web provides standing to class action plaintiffs in data breach litigation. In Clemens v. ExecuPharm, Inc., 48 F.4th 146 (3d Cir....more
On August 24, 2022, the California Attorney General announced its first enforcement action – including a fine for $1.2 million – under the California Consumer Protection Act (“CCPA”). The Attorney General brought its...more
On June 3, 2021, the U.S. Supreme Court issued an important opinion in Van Buren v. United States, which provided important clarification of the scope of the Computer Fraud and Abuse Act (CFAA). The CFAA bars unauthorized...more
While the California Consumer Privacy Act (effective January 1, 2020) has been getting the lion’s share of attention, Nevada’s Senate Bill No. 220 (“SB 220”) already went into effect on October 1, 2019. SB 220 gives Nevada...more
On May 7, 2019, the City of Baltimore discovered that its integral systems were the subject of a ransomware attack, breaching the City’s phone systems, emails, documents and critical operational databases, affecting roughly...more
Copyrighting Your Body: A Defense Against Revenge Pornography -
When personal, intimate photographs or videos become exposed to the public via websites or other media, victims suffer immense loss and seemingly have little...more
On November 2, 2018, Ohio’s new “cybersecurity safe harbor” law took effect, and the law gives Ohio businesses a strong new reason to proactively address data security. Data breaches are an ever-growing threat to businesses...more
If your business has customers in California, you will need to comply with the Consumer Privacy Act.
On Thursday, June 28, 2018, California enacted its state Consumer Privacy Act, the first state law that will bring...more
Over the last few weeks, we all have been inundated with emails from merchants and websites alerting us to privacy policy changes or asking for consent to use our personal information. Those merchants and websites are trying...more
On March 22, 2018, a cyberattack hit the City of Atlanta. A ransomware program infected the City’s computer systems. That malware encrypted the city’s files, and officials believe it may also have provided unauthorized...more
The General Data Protection Regulation (GDPR) takes effect in the European Union (EU) on May 25, 2018. Although U.S. businesses may think that EU regulations do not apply to them, GDPR extends to any entity that collects,...more
Do you have a written data security program in place to meet federal requirements?
In the last year, the Department of Education (DOE) released guidance in the form of a “Dear Colleague” letter emphasizing the importance...more
In February 2016, a computer hacker sent an e-mail infected with a “ransomware virus” to an employee of the town of Medfield, Massachusetts. When the e-mail was opened, the virus spread throughout the town’s computer network,...more
Federal courts have varied widely in their interpretation of standing for plaintiffs in consumer protection class actions since last year’s U.S. Supreme Court decision in Spokeo v. Robins , __ U.S. __, 136 S.Ct. 1540 (May 16,...more
Data Privacy Day was January 28th – the annual event, coordinated by the National Cyber Security Alliance, celebrates the signing in 1981 of the first international treaty addressing privacy and data protection.
On...more
This annual campaign is an effort by the U.S. Department of Homeland Security to raise awareness about data security threats.
The Privacy & Data Security Group at McNees urges you on this occasion to consider whether...more
The New York State Department of Financial Services (NYSDFS) recently proposed new cybersecurity regulations for banks, insurance companies, and other financial institutions—the first regulations of their kind in the United...more
You and your business may use the cloud vendor Dropbox (www.dropbox.com) to store or transfer files, work-related documents, or personal information (or may have used it to transfer such data in the past).
...more
If your company transfers the personal information of European Union citizens to the United States, you likely have kept a close eye on the evolution of EU privacy law since a European court invalidated the former EU-U.S....more
The Pennsylvania Supreme Court has delved into the “App Store,” addressing for the first time the use of smartphones and their applications in the context of illegal wiretapping. Pennsylvania’s Wiretap Act forbids the...more
New decisions from two federal courts may allow defendants in data breach class action litigation to breathe somewhat easier, following a run of adverse decisions last year. These decisions illustrate an emerging trend of...more
2/12/2016
/ Clapper v. Amnesty International ,
Class Action ,
Data Breach ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
Michaels ,
Neiman Marcus ,
SCOTUS ,
Section 5 ,
Split of Authority ,
Standing ,
Target
Cybercrime is among the top concerns today for our business clients, but limiting the risk of identity theft should be a topic you consider at home and with your family, as well as in the boardroom. This article will provide...more
Add dating website Ashley Madison to the list of large companies like Target, Home Depot and Michael’s that have had customer information stolen by hackers. Published reports say Ashley Madison is now facing multiple lawsuits...more
9/18/2015
/ Ashley Madison ,
Breach Notification Rule ,
Class Action ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cyber Insurance ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Security and Breach Notification Act of 2015 ,
Federal Trade Commission (FTC) ,
Hackers ,
Pending Legislation ,
Personal Data ,
Personally Identifiable Information ,
Security Audits
Companies can be fined by the federal government for failing to properly safeguard consumer data, according to a decision this week by Pennsylvania's federal appellate court....more
8/28/2015
/ Appeals ,
Credit Cards ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Debit Cards ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Fraud ,
Fraudulent Charges ,
FTC v Wyndham ,
Hackers ,
Payment Systems ,
Personally Identifiable Information ,
Popular ,
Unfair or Deceptive Trade Practices ,
Wyndham
When people think about data breaches, corporate giants like Target, Home Depot and Michael’s spring to mind. But even small businesses holding personal information can face costly consequences if a breach occurs.
In the...more