This week, Ken Paxton, the Texas Attorney General, filed suit against General Motors for alleged violations of the Texas Deceptive Trade Practices Act in collecting and selling drivers’ data to insurers without consumer...more
This week, the Federal Communications Commission (FCC) announced a settlement with TracFone Wireless to resolve investigations into whether TracFone failed to reasonably protect its customers’ information from unauthorized...more
7/25/2024
/ Cell Phones ,
Data Breach ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
FCC ,
Information Security ,
Settlement ,
Telecommunications ,
TracFone Wireless ,
Wireless Devices ,
Wireless Industry
The Telephone Consumer Protection Act (TCPA) has not been updated in over 30 years. The Federal Communications Commission (FCC) has been asked by Congress to take “decisive action in addressing the escalating issue of...more
Following the Sephora and DoorDash enforcement actions, on June 18, 2024, the California Attorney General announced its third California Consumer Privacy Act (CCPA) enforcement action against Tilting Point Media LLC. Tilting...more
CYBERSECURITY -
Health Care Entities Continue to Get Pummeled by Cybersecurity Attacks -
The newest health care entity to be hit by a cyberattack is Ascension Health, which operates 140 hospitals and 40 assisted living...more
5/13/2024
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Proposed Legislation ,
Regulatory Agenda ,
Regulatory Reform ,
Snapchat ,
Surveillance ,
TikTok
Last week, the Colorado Supreme Court upheld a criminal conviction which relied in part on evidence obtained pursuant to a warrant for Google search data. People v. Seymour, 2023 CO 53 (Oct. 16, 2023) (available at...more
On May 17, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with MedEvolve, Inc. for $350,000. MedEvolve provides practice and revenue cycle management and practice...more
5/19/2023
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Violations ,
OCR ,
PHI ,
Settlement ,
Software
CYBERSECURITY -
World Economic Forum’s Global Cybersecurity Outlook for 2023 Is Bleak -
Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global...more
2/9/2023
/ California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Hackers ,
Information Technology ,
Popular ,
Social Engineering ,
Vulnerability Assessments
The Office of the California Attorney General recently announced that it will initiate an investigative sweep and will start sending letters to businesses about their mobile apps for failure to comply with the California...more
2/3/2023
/ California ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Information Governance ,
Mobile Apps ,
Regulatory Violations ,
State Attorneys General
Epic Games $520 Million Settlement with FTC for Unfair Practices and COPPA Violations -
Recently, Epic Games, Inc. (Epic), maker of the popular Fortnite video game, settled allegations posed by the Federal Trade...more
CYBERSECURITY -
Password Manager LastPass Admits to Hack -
Password manager LastPass, reportedly used by more than 33 million users, recently announced that it was hacked, and although it reports that no passwords of...more
In the first of its kind under the California Consumer Privacy Act (CCPA), Sephora settled an enforcement action with the California Attorney General for violation of the CCPA. Sephora must pay $1.2 million in penalties and...more
8/26/2022
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Sellers ,
Enforcement Actions ,
Internet Retailers ,
Retail Tracking ,
Retailers ,
Sephora ,
Settlement Agreements ,
Statutory Violations ,
Targeted Digital Advertising
What To Do When The Government Knocks On Your Lab’s Door -
The volume of federal enforcement actions involving laboratories has increased dramatically over the last few years. Not a month seems to pass without a press...more
7/15/2022
/ Clinical Laboratories ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Healthcare ,
Hospitals ,
Infectious Diseases ,
Life Sciences ,
Pharmaceutical Industry ,
Price Transparency ,
Virus Testing
CYBERSECURITY -
Verizon’s 2022 Data Breach Investigations Report: A Must Read -
I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. (Just...more
6/3/2022
/ California Privacy Rights Act (CPRA) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Personally Identifiable Information ,
Popular ,
Regulatory Reform ,
Vulnerability Assessments
In a first of its kind prosecution, the Irish Aviation Authority (IAA) successfully prosecuted a drone operator for a safety violation while flying a drone outside of a former Israeli embassy during a public demonstration....more
CYBERSECURITY -
DOJ Takes Down RaidForums' Website -
In an action against what has been described as one of the largest hacker forums in the world, the U.S. Department of Justice (DOJ) announced on April 12, 2022, that...more
4/15/2022
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Microsoft ,
Network Security ,
Personal Data ,
Popular ,
Scams
CYBERSECURITY -
State Department Establishes Bureau of Cyberspace and Digital Policy -
The Department of State’s new Bureau of Cyberspace and Digital Policy (CDP) commenced operations on April 4, 2022. According to an...more
4/8/2022
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Enforcement Actions ,
Information Governance ,
Information Technology ,
Personal Data ,
Popular ,
Scams
CYBERSECURITY -
Cyber-Attackers Politically Aligned -
The most recent Accenture Global Incident Report (the Report) shows that cyber-attackers have political views and are divided between support for Russia or Ukraine....more
3/18/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Personal Data ,
Popular ,
Right To Know ,
Russia ,
Scams ,
Vulnerability Assessments
CYBERSECURITY -
Medical Center Rebuilding EMR Following Ransomware Attack -
Queen Creek Medical Center (QCMC), also known as Desert Wells Family Medicine, located in Arizona, has notified up to 35,000 patients of a data...more
9/17/2021
/ Apple ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Drones ,
Enforcement Actions ,
Information Governance ,
iPhone ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Right of Access
This week the Federal Communications Commission (FCC) proposed its highest financial penalty against lobbyist and political consultant group, John M. Burkman, Jacob Alexander Wohl, and J.M. Burkman & Associates LLC (the...more
CYBERSECURITY -
Another Win for Justice Department: Slilpp Marketplace Takedown -
People always ask me if law enforcement is having any luck in combatting cyber criminals. Let me be clear: it is a very tough job to take...more
6/18/2021
/ Ancestry.com ,
Beyond Visual Line Of Sight (BVLOS) ,
Car Rentals ,
Computer Fraud and Abuse Act (CFAA) ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Justice (DOJ) ,
Drones ,
Enforcement Actions ,
Federal Aviation Administration (FAA) ,
Hackers ,
Popular ,
Ransomware ,
SCOTUS ,
Van Buren v United States
Last week, Diabetes, Endocrinology & Lipidology Center Inc. (DELC) of West Virginia reached a $5,000 settlement with the Office for Civil Rights (OCR) over allegations that it failed to provide timely access to a patient’s...more
Renown Health, P.C. (Renown), a non-profit health system in Nevada, settled with the U.S. Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services in a matter resulting from an enforcement action for...more
CYBERSECURITY -
Ubiquiti Notifies Customers of Breach -
Ubiquiti, a manufacturer of products used for networks such as routers, webcams and mesh networks, announced this week that an unauthorized access to its systems...more
1/15/2021
/ Activist ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Hackers ,
Insurrection ,
Mobile Apps ,
Popular ,
Scams
The Federal Trade Commission (FTC) announced its settlement with Everalbum Inc. (Everalbum) for its Ever app, a photo and video storage app, due to its alleged deception of consumers related to the app’s use of facial...more