Cybersecurity and data privacy risks continue to loom large with potentially significant consequences. Litigation, often filed soon after incidents, adds to the possible repercussions. In our previous article, we discussed a...more
Flexing considerable enforcement muscle, California Attorney General Rob Bonta (“AG”) recently announced a $1.2 million settlement with beauty retailer Sephora, Inc. (“Sephora”) under the landmark California Consumer Privacy...more
With football season in full swing, fans and fantasy football owners alike are busy watching games and tossing around acronyms like passes – Xs and Os, TDs, PATs, PPR, YACs, and many more. And on the legal gridiron, insurers...more
Business email compromises (BECs) remain big business. According to a recent FBI report, “[i]n 2021, BEC schemes resulted in 19,954 complaints with an adjusted loss of nearly $2.4 billion.” This is an increase from just over...more
Despite the much-anticipated impact of TransUnion LLC v. Ramirez (“Ramirez”), the Supreme Court decision has not prevented data breach and privacy class actions from proceeding past the pleading stage in federal courts across...more
Instead of identifying traditionally “tangible” injuries, data breach plaintiffs typically point to the fact that they may be the victim of identity theft at some point in the future. Prior to late April 2021, the federal...more
Ransomware is dominating headlines and creating unimaginable headaches. Ransomware has been deployed against every industry sector, and against municipalities and other government agencies. The resulting disruptions and...more
Starting January 1, 2020, California consumers are allowed to make requests for disclosure of certain information under the California Consumer Privacy Act of 2018 (“CCPA”). This article spotlights several practical issues...more
Under the California Consumer Privacy Act (CCPA), covered businesses must comply with myriad requirements starting January 1, 2020. Within those requirements, covered businesses must be prepared to deal with the “look back”...more
The effective date for the California Consumer Privacy Act (CCPA) is January 1, 2020. With fewer than 60 days remaining, covered businesses must be ramping up to meet the requirements of the CCPA. The CCPA affords several...more
On 24 September 2019, the European Union’s top court issued a landmark ruling declaring that Google does not have to extend the “right to be forgotten” rules to its search engines globally.1 This decision provides important...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) will impose new privacy obligations on certain businesses that collect personal information of California consumers. Employers with employees in...more
Under the California Consumer Privacy Act (CCPA), covered businesses must comply with myriad requirements starting January 1, 2020. Within those requirements, covered business must be prepared to deal with the “look back”...more
You can’t hear it often enough: the California Consumer Privacy Act of 2018 (CCPA)—Cal. Civ. Code § 1798.100 et seq.—comes into effect on January 1, 2020 with enforcement by the Attorney General beginning on July 1, 2020 (6...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) will impose new privacy obligations on certain businesses that collect personal information of California consumers. Employers with employees...more
The New York Department of Financial Services (NYDFS) blazed a cybersecurity trail with its 2017 regulation for the protection of information collected and processed in, and systems used in the operation of, the financial...more
California may have again taken the privacy protection lead among U.S. jurisdictions with the Governor’s signing on June 28, 2018 of the California Consumer Privacy Act of 2018 (AB 375) (the “Act”). Privacy and security...more
7/6/2018
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
New Legislation ,
Opt-Outs ,
Personally Identifiable Information ,
Private Right of Action ,
State and Local Government
The U.S. Securities and Exchange Commission is at the center of the current day “cyber storm” of data and system protection, both as a victim and as a regulator. According to an SEC director, “[c]yber-related threats and...more
The definition of “ransomware” can sound pretty academic. For example, the FBI describes ransomware as “a type of malware installed on a computer or server that encrypts the files, making them inaccessible until a specified...more
On January 1, 2017, Illinois ushered in a broader and stronger personal information and data breach regime. The Illinois Personal Information Act (PIPA), 815 ILCS § 530, applies any entity that “handles, collects,...more
What seems like a long time ago now, in 2011 PricewaterhouseCoopers (PwC) warned that “there is no question that law firms are among the companies being targeted by cyber criminals.” Despite this, many law firms believed (or...more
Retail Tracking Update: Privacy Guidance Following Nomi Technologies
- There is currently a widespread effort to quantify everything, from steps, to sleep, to batted ball exit velocity. Fifteen years ago, TV host Jeremy...more
7/31/2015
/ Breach Notification Rule ,
Canada ,
Confidential Information ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EU ,
Facebook ,
FOIA ,
Hong Kong ,
Identity Theft ,
Notification Requirements ,
Online Safety for Children ,
PCPD ,
Personal Data ,
PIPEDA ,
Power Grid ,
Retail Tracking ,
Risk Assessment ,
Standing ,
Telecommunications ,
Turkey ,
UNCITRAL
Where do we stand on standing in data breach cases? It depends on which court you ask. In December 2014, two courts considered whether plaintiffs alleged sufficient injury in their complaints involving well-known data...more