In our June Privacy & Cybersecurity Update, we review new data privacy laws in Colorado, Connecticut, Florida and Montana; Verizon’s annual Data Breach Investigations Report; AM Best’s report on cyber insurance trends; and...more
7/6/2023
/ Biometric Information Privacy Act ,
Consumer Privacy Rights ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Processors ,
Data Protection ,
Employer Liability Issues ,
Employment Litigation ,
Enforcement ,
Investigations ,
Liability ,
Negligence ,
New Amendments ,
New Legislation ,
New Regulations ,
Opt-Outs ,
Popular ,
Privacy Laws ,
State and Local Government ,
State Privacy Laws ,
Technology Sector ,
Verizon
In this month’s Privacy & Cybersecurity Update, we analyze recent fines against Meta and their impact on the future of behavioral advertising, the timeline for the California Privacy Rights Act’s regulations to become...more
2/1/2023
/ Advertising ,
California ,
California Privacy Rights Act (CPRA) ,
Class Action ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Breach ,
FCC ,
Fines ,
Investigations ,
Metaverse ,
Popular ,
Privacy Laws ,
Proposed Amendments ,
Reporting Requirements ,
Settlement Agreements ,
State and Local Government ,
State Privacy Laws ,
UK
In this month’s Privacy & Cybersecurity Update, we examine the European Commission’s draft adequacy decision on the EU-U.S. Data Privacy Framework, as well as guidance from the U.K. Information Commissioner’s Office on...more
1/3/2023
/ Biometric Information Privacy Act ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Employee Monitoring ,
EU ,
European Commission ,
International Data Transfers ,
Popular ,
Privacy Laws ,
Risk Assessment ,
UK
In this month's Privacy & Cybersecurity Update, we examine California’s draft amended regulations for the California Privacy Rights Act, the introduction of comprehensive federal privacy legislation in Congress and the U.K.’s...more
In this month’s Privacy & Cybersecurity Update, we review Connecticut’s passage of a comprehensive privacy law (making it the fifth state to do so), the newly enacted federal Better Cybercrime Metrics Act, New York’s new law...more
6/3/2022
/ COPPA ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Personal Data ,
Popular ,
State Privacy Laws
In this month’s Privacy & Cybersecurity Update, we examine the FTC chair’s comments suggesting a potential shift in its approach to data privacy regulation, the European Data Protection Board’s request for comment on its...more
5/4/2022
/ Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Food and Drug Administration (FDA) ,
Medical Devices ,
Personal Data ,
Personally Identifiable Information ,
Popular
In this month’s Privacy & Cybersecurity Update, we examine the FBI’s warning to companies regarding cyberattacks targeting confidential M&A activity, as well as the Cybersecurity and Infrastructure Security Agency’s directive...more
12/1/2021
/ Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
FBI ,
International Data Transfers ,
Ransomware ,
Robocalling
In this month’s edition of our Privacy & Cybersecurity Update, we examine the FTC’s changes to the Gramm-Leach-Bliley Act’s Safeguards Rule and the CFPB’s order requiring six tech companies to disclose information regarding...more
11/2/2021
/ Consumer Financial Protection Bureau (CFPB) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
GEICO ,
Gramm-Leach-Blilely Act ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Multidistrict Litigation ,
Putative Class Actions ,
Safeguards Rule
In this month's edition of our Privacy & Cybersecurity Update, we examine the Second Circuit's ruling allowing standing for increased risk of identity theft following a data breach, the European Commission's recently released...more
5/3/2021
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Labor (DOL) ,
EBSA ,
EU ,
European Commission ,
IN Supreme Court ,
Ransomware
In this month's edition of our Privacy & Cybersecurity Update, we examine the U.S. Treasury's advisories regarding the role of financial intermediaries in ransomware payments, a ruling by the Israeli data protection authority...more
11/3/2020
/ British Airways ,
California Consumer Privacy Act (CCPA) ,
Court of Justice of the European Union (CJEU) ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
Financial Institutions ,
FinCEN ,
International Data Transfers ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
State Attorneys General ,
Surveillance
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
8/6/2020
/ Automotive Industry ,
Binding Corporate Rules ,
Broadband Privacy Rules ,
Connected Cars ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Economic Loss Doctrine ,
Enforcement Actions ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
First Amendment ,
Free Speech ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Insurance Industry ,
International Data Transfers ,
Internet Service Providers (ISPs) ,
Misrepresentation ,
Negligence ,
NYDFS ,
Online Platforms ,
P2B ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Schrems I & Schrems II ,
Security Breach ,
Standard Contractual Clauses ,
U.S. Commerce Department ,
UK ,
UK Data Protection Act ,
United Nations
In this month's edition of our Privacy & Cybersecurity Update, we examine Washington state's new facial recognition law, the U.K. Supreme Court's ruling that an employer is not liable for a data breach caused by a disgruntled...more
5/3/2020
/ Coronavirus/COVID-19 ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Draft Guidance ,
Employee Misconduct ,
Employer Liability Issues ,
Equifax ,
European Commission ,
European Data Protection Board (EDPB) ,
Facial Recognition Technology ,
FSB ,
Mobile Apps ,
New Guidance ,
NYDFS ,
Phishing Scams ,
Popular ,
Privacy Laws ,
Settlement ,
UK Supreme Court
In this month's edition, we examine the landmark data breach class action in the English High Court against Equifax, the FTC's complaint against data colocation company RagingWire and a Utah business-to-business company's...more
12/4/2019
/ Commercial General Liability Policies ,
Cybersecurity ,
Data Breach ,
Denial of Insurance Coverage ,
Equifax ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
International Arbitration ,
Misrepresentation ,
Popular ,
Privacy Laws ,
Settlement ,
Target ,
UK
In this month's edition of our Privacy & Cybersecurity Update, we examine New York's new laws expanding consumer protection for data breaches, the D.C. Circuit's two rulings deepening the split regarding standing in data...more
8/2/2019
/ Article III ,
Biometric Information ,
Consumer Protection Laws ,
Cookies ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Debit and Credit Card Transactions ,
Equifax ,
Fair Credit Reporting Act (FCRA) ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Identity Theft ,
Injury-in-Fact ,
Malware ,
New Legislation ,
Personally Identifiable Information ,
Popular ,
Search Results ,
Settlement ,
Spokeo v Robins ,
Standing ,
State and Local Government ,
State Data Breach Notification Statutes ,
UK
In this month's edition of our Privacy & Cybersecurity Update, we reflect on the GDPR's one-year anniversary while also examining the EU's new Cybersecurity Act. We also take a look at HHS' new guidance on direct liability of...more
7/2/2019
/ Appeals ,
Business Associates ,
Consumer Privacy Rights ,
Credit Cards ,
Cybersecurity ,
Data Breach ,
Data Sellers ,
Dish Network ,
EU Cybersecurity Act ,
European Council ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Internet Service Providers (ISPs) ,
Liability ,
Merchant Fees ,
Opt-Outs ,
Payment Processors ,
Personal Information ,
Personally Identifiable Information ,
Privacy Laws ,
State and Local Government ,
State Data Breach Notification Statutes ,
TCPA
In this month's edition of our Privacy & Cybersecurity Update, we examine expanded data breach notification laws in New Jersey and Washington state, as well as the SEC's risk alert regarding cloud-based storage solutions. We...more
6/3/2019
/ Amended Rules ,
Annual Reports ,
Cloud Storage ,
Cybersecurity ,
Data Breach ,
Data Protection Authority ,
Data Security ,
Federal Trade Commission (FTC) ,
Finland ,
General Data Protection Regulation (GDPR) ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
State Data Breach Notification Statutes ,
UK
In this month's Privacy & Cybersecurity Update, we examine several recent U.K.-related cybersecurity developments and the SEC's risk alert reminding investment advisers and broker-dealers to follow through on implementing...more
5/1/2019
/ Broker-Dealer ,
Canada ,
Commercial General Liability Policies ,
Cyber Insurance ,
Cyber Policies ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data-Sharing ,
Denial of Insurance Coverage ,
Designated Contract Markets (DCMs) ,
ENISA ,
Equifax ,
EU ,
Fines ,
General Data Protection Regulation (GDPR) ,
Government Investigations ,
Hackers ,
Investment Adviser ,
NCSC ,
OCIE ,
PIPEDA ,
Popular ,
Privacy Comissioners ,
Privacy Laws ,
Privacy Policy ,
Putative Class Actions ,
Regulation S-P ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
Surveys ,
TCPA ,
UK ,
UK Data Protection Act ,
UK ICO ,
Unsolicited Faxes
In this month's edition of our Privacy & Cybersecurity Update, we examine new cybersecurity legislation in California and Massachusetts, the British government's updates to its cybersecurity laws in anticipation of Brexit and...more
4/2/2019
/ California Consumer Privacy Act (CCPA) ,
Class Action ,
Class Certification ,
Credit Reporting Agencies ,
Credit Reports ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
Gramm-Leach-Blilely Act ,
Popular ,
Privacy Laws ,
Public Comment ,
State Data Breach Notification Statutes ,
Thailand ,
UK ,
UK Brexit
In this month's edition, we examine a judge's ruling allowing an investor suit against Equifax, the dismissal of a class action against the insurer CareFirst and President Donald Trump's launch of a federal artificial...more
3/4/2019
/ Artificial Intelligence ,
Class Action ,
Cybersecurity ,
Data Breach ,
Department of Financial Services ,
Dismissals ,
Equifax ,
Facebook ,
Federal Cartel Offices ,
Federal Data Privacy ,
GAO ,
Germany ,
Investors ,
NAIC ,
NYDFS ,
Popular ,
Privacy Laws ,
Proposed Legislation ,
Trump Administration ,
User-Generated Content
In this month's edition, we examine cybersecurity-related state Supreme Court rulings in Pennsylvania, Vermont and Illinois; the Department of Health and Human Services' cybersecurity guidelines for the health care industry;...more
2/2/2019
/ Actual Injuries ,
Adequacy Requirement ,
Annual Reports ,
Attorney General ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
Common Law Claims ,
Corporate Counsel ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Protection Acts ,
Data Protection Authority ,
Denial of Insurance Coverage ,
Department of Health and Human Services (HHS) ,
Employee Privacy Rights ,
EU ,
EU-US Privacy Shield ,
IL Supreme Court ,
Japan ,
Neiman Marcus ,
New Guidance ,
PA Supreme Court ,
Phishing Scams ,
Policy Exclusions ,
Public Hearing ,
Security Standards ,
Settlement ,
State Attorneys General ,
Statutory Rights ,
VT Supreme Court
In this month's Privacy & Cybersecurity Update, we examine recent trends and court decisions, including a new law in Ohio that provides a safe harbor from tort-based data breach claims if the company adopts certain security...more
10/2/2018
/ Affirmative Defenses ,
Amended Rules ,
California Consumer Privacy Act (CCPA) ,
Class Action ,
Computer Fraud Insurance ,
Cybersecurity ,
Data Breach ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Internet of Things ,
Personal Data ,
Popular ,
Privacy Policy ,
Private Right of Action ,
Social Engineering ,
State Attorneys General ,
State Legislatures ,
UK ,
UK ICO
In this month's edition of our Privacy & Cybersecurity Update, we examine Brazil's new data protection regulation, the French data protection authority's warning to two companies of potential GDPR violations and the U.S....more
9/7/2018
/ Appeals ,
Brazil ,
Breach Notification Rule ,
CNIL ,
Computer Fraud Insurance ,
Consent ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection Acts ,
Data Protection Authority ,
Data Protection Officers (DPOs) ,
Data Retention ,
Denial of Insurance Coverage ,
Department of Homeland Security (DHS) ,
Email ,
Enforcement Actions ,
EU ,
European Commission ,
European Economic Area (EEA) ,
Extraterritoriality Rules ,
France ,
Fraudulent Transfers ,
General Data Protection Regulation (GDPR) ,
Geological Data ,
International Data Transfers ,
Japan ,
Japan-EU Economic Partnership Agreement (EPA) ,
NCCIC ,
Personal Data ,
Policy Terms ,
Popular ,
Public Private Partnerships (P3s) ,
Reciprocity Rules ,
Reversal ,
Scams ,
Social Engineering ,
Spoofing ,
Standard Contractual Clauses ,
Warning Letters ,
Wire Fraud
In this month's edition of our Privacy & Cybersecurity Update, we examine new privacy laws in Germany, an FTC settlement with an alleged consumer loan company over unfair and deceptive practices, the dismissal of a data...more
8/2/2017
/ Children's Toys ,
Civil Monetary Penalty ,
Consumer Financial Products ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Dismissals ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Germany ,
Incident Response Plans ,
Lenders ,
Member State ,
Popular ,
Privacy Laws ,
Risk Mitigation ,
Settlement ,
Standing ,
Unfair or Deceptive Trade Practices
In this edition of our Privacy & Cybersecurity Update, we discuss how the prospect of a new chair and three new commissioners at the FTC may impact the agency's approach to cybersecurity regulation, a new Massachusetts...more
2/4/2017
/ Administrative Appointments ,
Breach Notification Rule ,
Cyber Insurance ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Internet of Things ,
NIST ,
OCR ,
Popular ,
Privacy Policy ,
Public Disclosure ,
Software ,
Swiss Privacy Shield ,
Trump Administration
In this month's edition of our Privacy & Cybersecurity Update, we examine modifications to New York state's proposed cybersecurity regulations for financial institutions, a 5th Circuit ruling that a phishing scam is not...more
1/4/2017
/ Banks ,
Commercial Crime Insurance Polices ,
Consumer Insurance Products ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Department of Financial Services ,
FCC ,
Home Depot ,
Internet of Things ,
Phishing Scams ,
Privacy Laws ,
Trump Administration ,
U.S. Treasury