The Federal Trade Commission (FTC) has notified businesses that it is “resurrecting” its Penalty Offense Authority, an enforcement tool that had not been used by the agency since the 1980s. The Penalty Offense Authority,...more
Connecticut’s new cybersecurity standards law, which goes into effect on October 1, 2021, protects companies from punitive damages in certain data breach actions where an organization has a cybersecurity program that conforms...more
10/1/2021
/ Affirmative Defenses ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Information Security Modernization Act (FISMA) ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
NIST ,
Popular ,
Safe Harbors ,
State Data Breach Notification Statutes
The General Data Protection Regulation 2016/679 (GDPR) provides means to enforce provisions related to personal data processing by you as a data controller or data processor. It introduces collective actions everywhere in...more
COVID-19 and IT service provider contracts: A checklist for force majeure events -
The COVID-19 pandemic, and the various restrictions that have been implemented in response to it, are causing extraordinary business...more
Last week, the U.S. District Court for the Eastern District of Virginia ordered Capital One to produce a forensic investigation report in multidistrict litigation arising out of the cyber incident Capital One announced in...more
Last week, the U.S. District Court for the Eastern District of Virginia ordered Capital One to produce a forensic investigation report in multidistrict litigation arising out of the cyber incident Capital One announced in...more
The COVID-19, and the various restrictions that have been implemented in response to it, are causing extraordinary business disruptions. Many organizations have had to modify their operational controls and accommodate a shift...more
Prepare for global data class actions has been moved. In the wake of the COVID-19 epidemic, there is an unfortunate increase in the cyber-security risks businesses may face. Our global team will help you best prepare for the...more
4/8/2020
/ Class Action ,
Collective Actions ,
Collective Redress ,
Compliance ,
Coronavirus/COVID-19 ,
Cross-Border ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
EU ,
General Data Protection Regulation (GDPR) ,
Member State ,
Mexico ,
Regulatory Oversight ,
Risk Management ,
Russia ,
United States ,
Webinars
The General Data Protection Regulation 2016/679 (GDPR) provides means to enforce provisions related to personal data processing by you as a data controller or data processor. It introduces collective actions everywhere in...more
11/22/2019
/ Burden of Proof ,
Class Action ,
Cybersecurity ,
Data Breach ,
Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
European Commission ,
Evidence ,
Forum Shopping ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Litigation Strategies ,
Personal Data ,
Personally Identifiable Information ,
Private Right of Action ,
Risk Management ,
Russia
Class actions have become an increasingly common means to seek redress in data privacy cases. With data breaches and data privacy claims on the rise, we asked our lawyers in France and the U.S. what you should bear in mind....more
12/17/2018
/ Article III ,
Class Action ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
EU ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Standing
A U.S. court has recently ruled that an EU citizen’s privacy rights and the GDPR do not trump a U.S. litigant’s right to obtain discovery, including video-taped depositions....more
Over the past few years, there has been a surge in class actions challenging companies’ privacy and data security practices. But, while the number of class actions continues to grow, the suits face several significant...more
8/16/2018
/ Article III ,
Class Action ,
Corporate Counsel ,
Cyber Attacks ,
Data Breach ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Hackers ,
Identity Theft ,
Injury-in-Fact ,
Personally Identifiable Information ,
Standing
The FTC has approved the first-ever petition to reopen and modify a privacy-related consent order. The petition, filed by Sears Holdings Management Corporation, sought to amend the terms of Sears’ 2009 consent order (the...more
3/14/2018
/ Brick-and-Mortar Stores ,
Consent Order ,
Customer Information ,
Data Collection ,
Data Privacy ,
Disclosure Requirements ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Mobile Apps ,
Retail Market ,
Retail Tracking ,
Retailers ,
Sears ,
Software
The U.S. Court of Appeals for the Eighth Circuit has become the latest appellate court to enter the contested debate over Article III standing in data breach litigation. The Eighth Circuit held that 15 of 16 named plaintiffs...more
9/8/2017
/ Article III ,
Class Action ,
Cyber Attacks ,
Data Breach ,
Debit and Credit Card Transactions ,
Federal Rule 12(b)(6) ,
Hackers ,
Identity Theft ,
Injury-in-Fact ,
Personally Identifiable Information ,
Standing
The six-year fight over the type of harm a plaintiff must allege to satisfy the “injury in fact” requirement for lawsuits alleging false reporting of credit information took its latest turn this week. On Tuesday, August 15,...more
In the wake of a cyber attack, it’s a common assumption that attorney-client privilege is ironclad. It’s not that simple. Partners Harriet Pearson and Michelle Kisloff examine the nuances and offer best practices. ...more
Partners Harriet Pearson and Michelle Kisloff talk about the real-time challenges of data breaches in the context of litigation and investigations. Hear the three major things you need to do and how to avoid the common...more