Perkins Coie's Privacy & Security practice maintains this comprehensive chart of state laws regarding security breach notification. The chart is for informational purposes only and is intended as an aid in understanding each...more
10/19/2023
/ Breach Notification Rule ,
Class Action ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Information Security ,
Notification Requirements ,
Popular ,
Privacy Laws ,
State Privacy Laws
President Biden issued an executive order (EO) increasing protections and safeguards for personal data subject to signals intelligence activities. It also establishes a redress mechanism for residents of qualifying states who...more
10/11/2022
/ Biden Administration ,
Court of Justice of the European Union (CJEU) ,
Critical Infrastructure Sectors ,
Cybersecurity ,
EU ,
Executive Orders ,
General Data Protection Regulation (GDPR) ,
National Security ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Surveillance
Perkins Coie's Privacy & Security practice maintains a comprehensive chart that summarizes state laws regarding security breach notification. The chart is for informational purposes only and is intended as an aid in...more
As more and larger data breaches come to light, states continue to update and expand their breach notification statutes, adding to the patchwork of notification obligations that now exists in every state. Generally speaking,...more
The Federal Trade Commission (FTC) announced settlements with four companies last month—IDmission LLC, mResource LLC (doing business as Loop Works LLC), SmartStart Employment Screening, Inc. and VenPath, Inc.—of the FTC’s...more
This spring has brought a particularly active round of revisions to state data breach notification laws. Most notably, as of July 1, 2018, every state will have a breach notification law. Alabama and South Dakota both passed...more
2017 has reminded us that data security threats continue to evolve and that the stakes for companies can be very high if their data security programs fail to evolve as well. Before the recent announcement of Equifax’s...more
9/19/2017
/ Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Security ,
Equifax ,
Hackers ,
Human Resources Professionals ,
Phishing Scams ,
Ransomware ,
Risk Assessment ,
Risk Mitigation ,
Tax Fraud ,
Tax Scams ,
Third-Party Service Provider
Computer systems around the world have been impacted by the largest cyber-extortion attack in history. According to news reports, the “ransomware” attack hit more than 200,000 victims in 150 countries since it started on...more
5/16/2017
/ Commercial Insurance Policies ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Protection ,
Employee Training ,
FBI ,
Forensic Examination ,
Hackers ,
Incident Response Plans ,
Microsoft ,
National Security Agency (NSA) ,
Ransomware
The spring legislative sessions this year brought a now-familiar round of revisions to data breach notification laws, with states broadening their laws in often divergent ways. This year, Illinois, Nebraska, and Tennessee...more
The Court of Justice of the European Union (CJEU) issued its landmark decision in Maximillian Schrems v. Data Protection Commissioner on October 6, 2015, ultimately invalidating the U.S.-EU Safe Harbor Framework.
Under...more
10/8/2015
/ Corporate Counsel ,
Cybersecurity ,
Data Protection Authority ,
Edward Snowden ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
Popular ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework ,
Young Lawyers
The SEC announced last week that an investment adviser had agreed to settle charges that it failed to take required steps to protect against and respond effectively to a cybersecurity breach. The action comes on the heels of...more
9/29/2015
/ Best Practices ,
Board of Directors ,
Broker-Dealer ,
Capital Markets ,
Compliance ,
Corporate Counsel ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Loss Prevention ,
Data Security ,
Department of Health and Human Services (HHS) ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
Due Diligence ,
Enforcement Actions ,
FCC ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
Hackers ,
Incident Response Plans ,
Investment Adviser ,
OCR ,
Popular ,
Regulation S-P ,
Risk Alert ,
Risk Assessment ,
Securities Act of 1933 ,
Securities and Exchange Commission (SEC) ,
Third-Party Service Provider
Since at least 2005, the Federal Trade Commission has asserted that it may regulate lax data security practices as an “unfair” business practice under Section 5 of the FTC Act. The Wyndham hotel chain was the first to...more
8/27/2015
/ COPPA ,
Credit Cards ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Debit Cards ,
Fair Credit Reporting Act (FCRA) ,
Federal Trade Commission (FTC) ,
Fraudulent Charges ,
FTC Act ,
FTC v Wyndham ,
Hackers ,
Personally Identifiable Information ,
Popular ,
SCOTUS ,
Section 5 ,
Unfair or Deceptive Trade Practices ,
Wyndham
President Obama recently issued Executive Order 13694 (EO 13694 or EO), “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities.” EO 13694 is aimed at deterring cyber attacks,...more