Most companies follow a few key rules to market their offerings: Advertisements should be truthful and should not mislead consumers. Advertisements and the products being marketed should not harm consumers. Advertisers...more
The Federal Trade Commission ("FTC") recently announced its intent to "vigorously" enforce its 2009 Health Breach Notification Rule (the "Rule") via a policy statement that sheds light on the Rule's scope. The policy...more
9/24/2021
/ Application Programming Interface (APIs) ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Federal Trade Commission (FTC) ,
FTC Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Mobile Apps ,
Mobile Health Apps ,
Personally Identifiable Information ,
Popular
On January 21, 2019, the French data protection supervisory authority (“CNIL”) fined Google €50 million (approximately $57 million) for violating the European General Data Protection Regulation (“GDPR”). ...more
2/14/2019
/ CNIL ,
Data Protection ,
Disclosure Requirements ,
Enforcement Actions ,
EU Data Protection Laws ,
Fines ,
General Data Protection Regulation (GDPR) ,
Google ,
Notice Requirements ,
Online Advertisements ,
Personal Data ,
Popular ,
Prior Express Consent ,
Regulatory Violations ,
Transparency
Game-changing Calif. Consumer Privacy Act of 2018 puts statutory breach damages on the table -
The recently-enacted California Consumer Privacy Act of 2018 is a game-changer in a number of respects. The Act imports...more
8/24/2018
/ Class Action ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
New Legislation ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
State and Local Government ,
State Data Breach Notification Statutes
Shortly after the new year, the Federal Trade Commission filed suit in the Northern District of California against D-Link Corporation, a Taiwan-based maker of wireless routers, Internet Protocol (IP) cameras, and software...more
2/6/2017
/ Corporate Counsel ,
Data Security ,
Federal Trade Commission (FTC) ,
Hackers ,
Popular ,
Security Standards ,
Software ,
Taiwan ,
Technology ,
Technology Sector ,
Vulnerability Assessments ,
Young Lawyers
States were busy updating their data breach notification statutes in 2016. With 2016 in the rear view, let’s take a look back at the legislative changes that will impact corporate incident response processes and what those...more
Last week, the FTC published a blog post titled The NIST Cybersecurity Framework and the FTC, in which the agency issued a nuanced answer to an oft-asked question: “If I comply with the NIST Cybersecurity Framework, am I...more
There is no doubt that companies face unprecedented volume and variation in both disruptive and intrusive cyberattacks on their networks. Among the different attack methodologies today, ransomware is quickly becoming a major...more
7/29/2016
/ Breach Notification Rule ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Malware ,
Notification Requirements ,
OCR ,
Personally Identifiable Information ,
PHI ,
Popular ,
Ransomware
Last week, the Seventh Circuit revived a data breach class action against P.F. Chang’s restaurant in an important opinion that continues a plaintiff-friendly trend that began with the court’s opinion in the Neiman Marcus case...more
Last week, fashion retailer Lord & Taylor reached a settlement with the FTC over its allegedly deceptive advertising campaign, the first such action since the FTC released its Enforcement Policy Statement on Deceptively...more
The European Commission has announced that it has reached a deal to replace the EU-US Safe Harbor framework that was declared invalid last year by the Court of Justice of the European Union (“ECJ”). Heralded as the EU-US...more
On January 5, 2015, the Federal Trade Commission (FTC) entered into a consent order with dental software manufacturer Henry Schein Practice Solutions, Inc. ("Schein") in connection with allegations that Schein had made...more
On October 6, California Governor Jerry Brown signed legislation updating California’s data breach notice statute for the third time in three years. The news was quickly overshadowed by the CJEU’s decision invalidating the...more
10/15/2015
/ Breach Notification Rule ,
Compliance ,
Corporate Counsel ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Incident Reporting ,
Data Breach ,
Data Protection ,
Encryption ,
European Court of Justice (ECJ) ,
Hackers ,
Incident Response Plans ,
International Data Transfers ,
New Legislation ,
Popular ,
Privacy Concerns ,
Privacy Laws ,
Right to Privacy ,
US-EU Safe Harbor Framework
Earlier this month, privacy and security professionals from around the globe gathered for “Privacy. Security. Risk. 2015”—the second joint conference between the International Association of Privacy Professionals and the...more
10/15/2015
/ Big Data ,
Cloud Computing ,
Compliance ,
Covered Entities ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
Data Security ,
Department of Health and Human Services (HHS) ,
Dropbox ,
Edward Snowden ,
Enforcement Actions ,
Ethics ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
FCC ,
Federal Trade Commission (FTC) ,
Google ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
International Data Transfers ,
Internet of Things ,
Ireland ,
Microsoft ,
National Security ,
National Security Agency (NSA) ,
OCR ,
Personal Data ,
Popular ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
Security Risk Assessments ,
US-EU Safe Harbor Framework