In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns....more
On November 21, the Federal Trade Commission (“FTC”) approved in a 3-0 vote a resolution authorizing the use of compulsory process in nonpublic investigations involving products and services that involve or claim to involve...more
11/29/2023
/ Algorithms ,
Artificial Intelligence ,
Civil Investigation Demand ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Federal Trade Commission (FTC) ,
Innovative Technology ,
Investigations ,
Machine Learning ,
Regulatory Authority ,
Regulatory Oversight
On March 8, 2023, the U.K. Secretary of State for Science for Innovation and Technology announced the publication of the Data Protection and Digital Information (No.2) Bill. This new version of the Data Protection and Digital...more
2022 proved to be an historic year for privacy and data security. Connecticut and Utah joined the list of states that have now passed comprehensive data privacy laws, bringing the total to five (5) states. For the first...more
On December 22, 2022, France’s National Commission for Technology and Freedoms (“CNIL”) fined Microsoft’s Irish subsidiary 60 million euro for failure to comply with Article 82 of the French Data Protection Law (known as the...more
On November 9, 2022, New York Department of Financial Services (NYDFS) Superintendent Adrienne Harris announced that the NYDFS formally proposed an updated cybersecurity regulation. Although the updates had previously been...more
The Third Circuit recently became the first federal appellate court to address the question of whether the victim of a data breach has Article III standing to bring a claim for damages based on the fear of identity theft...more
On October 1, 2022, the Colorado Attorney General‘s Office announced that it had submitted the first draft of its Rules implementing the Colorado Privacy Act....more
The Federal Trade Commission (FTC) recently issued a blog post stating that a failure to disclose a data breach may be a violation of Section 5 of the FTC Act. The May 20 blog post, titled Security Beyond Prevention: The...more
On March 15, 2022, President Joe Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), which increased funding for the federal Cybersecurity and Critical Infrastructure Agency (CISA) and...more
Following in the footsteps of the Eastern District of Virginia’s Capital One decision last year and the District of D.C.’s Clark Hill decision earlier this year, the Eastern District of Pennsylvania has just ordered the...more
In an opinion that deepens an existing circuit court split, the Eleventh Circuit recently held that the future risk of identity theft is not sufficient to establish Article III standing....more
On January 12, 2021, the federal District Court for the Central District of California dismissed a data breach law suit—including a claim filed under the California Consumer Privacy Act (“CCPA”)—against Marriott...more
On August 19, 2020, the United States District Court for the Northern District of California granted preliminary approval of the class action settlement in In re Facebook Biometric Information Privacy Litigation,...more
8/21/2020
/ Attorney's Fees ,
Biometric Information ,
Biometric Information Privacy Act ,
Class Action ,
Class Members ,
Corporate Counsel ,
Data Collection ,
Evidentiary Hearings ,
Facebook ,
Facial Recognition Technology ,
IL Supreme Court ,
Popular ,
Statutory Damages
The widespread use of social media platforms make them ideal for companies trying to reach a large audience. Pharmaceutical and consumer products industries frequently maintain their own social media accounts and partner with...more
3/5/2020
/ Advertising ,
Brand ,
Celebrity Endorsements ,
Comment Period ,
Corporate Counsel ,
Disclosure Requirements ,
Endorsements ,
Federal Trade Commission (FTC) ,
FTC Act ,
FTC Endorsement Guidelines ,
Influencers ,
Marketing ,
Online Advertisements ,
Online Endorsements ,
Patients ,
Pharmaceutical Industry ,
Physicians ,
Regulatory Requirements ,
Social Media ,
Websites
At what has been described as a marathon hearing that lasted late into the night of July 9, the California Senate Judiciary Committee advanced several amendments to the California Consumer Privacy Act (the “CCPA”), but major...more
7/11/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Amendments ,
Rulemaking Process
Any entity that does business in these states or maintains confidential information of their residents should monitor the proposed data breach legislation discussed below: Oregon, New York, Alabama, and Rhode Island....more
3/5/2018
/ Corporate Counsel ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Equifax ,
Hackers ,
Legislative Agendas ,
Personally Identifiable Information ,
Popular ,
Preemption ,
Proposed Legislation ,
State and Local Government ,
State Data Breach Notification Statutes
The Arizona State Legislature is considering proposed legislation that, if enacted, would significantly change the requirements for how Arizona entities respond to data breaches....more
In the span of just nine days, the U.S. Court of Appeals for the Eighth Circuit issued two rulings in class actions involving data breaches—one breach in 2013 at brokerage firm Scottrade and another in 2014 at grocery stores...more
9/5/2017
/ Article III ,
Breach of Contract ,
Brokerage Accounts ,
Class Action ,
Corporate Counsel ,
Cyber Attacks ,
Data Breach ,
Federal Rule 12(b)(6) ,
Grocery Stores ,
Hackers ,
Injury-in-Fact ,
Personally Identifiable Information ,
Popular ,
Scottrade ,
Standing
There are several key takeaways from a 20-year proposed consent order agreed to by Uber Technologies, Inc. (Uber) and the Federal Trade Commission (FTC)...more
8/21/2017
/ Antitrust Provisions ,
Antitrust Violations ,
Cloud Storage ,
Corporate Counsel ,
Customer Privacy ,
Data Privacy ,
Data Security ,
Federal Trade Commission (FTC) ,
Personally Identifiable Information ,
Sharing Economy ,
Uber
The U.S. District Court for the District of Colorado recently dismissed a proposed class action lawsuit filed by financial institutions relating to a 2016 data breach that involved hundreds of Noodles & Company (Noodles)...more
7/27/2017
/ Banking Sector ,
Choice-of-Law ,
Class Action ,
Corporate Counsel ,
Cyber Attacks ,
Data Breach ,
Economic Loss Doctrine ,
Financial Institutions ,
PCI-DSS Standard ,
Personally Identifiable Information ,
Popular ,
Restaurant Industry