Pursuing negligence claims in the Eighth Circuit following a data breach just got harder. On May 31, 2019, the U.S. Court of Appeals for the Eighth Circuit again dismissed the data breach claims in In re SuperValu, Inc....more
6/6/2019
/ Actual Damages ,
Article III ,
Consumer Information ,
Consumer Protection Laws ,
Cybersecurity ,
Data Breach ,
FTC Act ,
Future Harm ,
Leave to Amend ,
Negligence ,
Popular ,
Standing ,
Unfair or Deceptive Trade Practices ,
Uniform Trade Secrets Acts ,
Unjust Enrichment
The Federal Trade Commission is putting more teeth into the multiyear compliance obligations of consent orders it enters into with companies to settle enforcement actions related to data breaches. The FTC recently issued a...more
5/30/2019
/ Best Practices ,
Consent Order ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Information Security ,
Personal Data ,
Risk Management ,
Security Risk Assessments ,
Vendor Contacts
The Pennsylvania Supreme Court recently held that employers have “a legal duty to safeguard” the personal data of their employees which is stored on internet-accessible computer systems and that the economic loss doctrine...more
12/20/2018
/ Breach of Duty ,
Breach of Implied Contract ,
Class Action ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Storage ,
Duty to Protect ,
Economic Damages ,
Economic Loss Doctrine ,
Employer Liability Issues ,
Hackers ,
Identity Theft ,
Negligence ,
PA Supreme Court ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Reasonable Care ,
Remand ,
Reversal
What You Need to Know Now -
• The new law takes effect January 1, 2020, but there’s a lot to do so you need to start work now.
• The new law expands the definition of personal information and gives California consumers...more
7/17/2018
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Rights ,
Data Security ,
Data-Sharing ,
Disclosure Requirements ,
Enforcement ,
Governor Brown ,
Minors ,
New Legislation ,
Notice Requirements ,
Opt-In ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Private Right of Action ,
Right to Delete ,
Statutory Damages ,
Third-Party Service Provider ,
Vendors
The U.S. Court of Appeals for the Third Circuit has found that plaintiffs must show a causal connection between the theft of their personal information and the purported harm that they have suffered in order to survive a...more
7/13/2018
/ Appeals ,
Breach of Contract ,
Data Breach ,
Data Privacy ,
Data Security ,
Discovery ,
Dismissals ,
Economic Loss Doctrine ,
Former Employee ,
Fraudulent Charges ,
Hackers ,
Motion for Summary Judgment ,
Personally Identifiable Information ,
Property Theft ,
Putative Class Actions ,
Unjust Enrichment
The U.S. Court of Appeals for the Eleventh Circuit on June 6 issued its long-awaited decision in LabMD v. Federal Trade Commission, vacating a Federal Trade Commission cease and desist order directing LabMD to overhaul its...more
7/5/2018
/ Appeals ,
Cease and Desist Orders ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Rules of Civil Procedure ,
Federal Trade Commission (FTC) ,
LabMD ,
Popular ,
Reversal ,
Unfair or Deceptive Trade Practices
The U.S. Court of Appeals for the Fourth Circuit has found that allegations that fraudsters used the personal information of data breach victims are sufficient to establish standing even without any fraudulent charges...more
6/27/2018
/ Appeals ,
Article III ,
Class Action ,
Cybersecurity ,
Data Breach ,
Debit and Credit Card Transactions ,
Fraudulent Charges ,
Identity Theft ,
Injury-in-Fact ,
Negligence ,
Personally Identifiable Information ,
Pleading Standards ,
Popular ,
Remand ,
Standing ,
Subject Matter Jurisdiction ,
Vacated
The U.S. Court of Appeals for the Ninth Circuit has found that allegations of a future risk of identity theft resulting from a data breach are sufficient to establish standing....more
3/12/2018
/ Article III ,
Consumer Fraud ,
Corporate Counsel ,
Customer Information ,
Cyber Attacks ,
Data Breach ,
Hackers ,
Identity Theft ,
Injury-in-Fact ,
Internet Retailers ,
Motion to Dismiss ,
Personally Identifiable Information ,
Putative Class Actions ,
Retail Market ,
Standing ,
Zappos
The Federal Trade Commission on Jan. 8 announced its first settlement of alleged violations of the Children’s Online Privacy Protection Act arising from internet-connected toys. The FTC complaint against VTech followed the...more
1/24/2018
/ Children's Products ,
Children's Toys ,
Connected Items ,
COPPA ,
Data Breach ,
Data Collection ,
Data Security ,
Federal Trade Commission (FTC) ,
Internet of Things ,
Online Safety for Children ,
Personally Identifiable Information ,
Popular ,
Regulatory Violations ,
Settlement
Data breaches are a reality that all businesses need to take seriously. Knowing your vulnerabilities is only part of the solution. You and your key stakeholders should be prepared with an incident response plan that defines...more
Equifax, one of the three nationwide credit bureaus that track and rate the financial history of consumers, announced in September that it had suffered a data breach exposing personal information of up to 143 million...more
9/25/2017
/ Breach Notification Rule ,
Credit Reporting Agencies ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Emergency Management Plans ,
Equifax ,
Hackers ,
Personally Identifiable Information ,
Popular ,
Risk Management
The U.S. Court of Appeals for the Eighth Circuit held that allegations of a future risk of identity theft resulting from a data breach are not sufficient to establish standing. The August 30 ruling in In re SuperValu Customer...more
The U.S. Court of Appeals for the Eighth Circuit has held that allegations that the security provisions of a privacy policy were violated are sufficient for standing in a data breach case, but that plaintiffs’ contractual...more
8/28/2017
/ Article III ,
Bitcoin ,
Breach of Contract ,
Breach of Implied Contract ,
Corporate Counsel ,
Data Breach ,
Gambling ,
Hackers ,
Personally Identifiable Information ,
Popular ,
Privacy Policy ,
Putative Class Actions ,
Scottrade ,
Standing ,
Stock Prices ,
Unjust Enrichment
This week, the U.S. Court of Appeals for the Second Circuit issued an important decision in Whalen v. Michaels Stores, placing the court at the center of the controversy around what allegations are sufficient to establish...more
5/9/2017
/ Article III ,
Corporate Counsel ,
Credit Cards ,
Data Breach ,
Fraudulent Charges ,
Hackers ,
Identity Theft ,
Malware ,
Michaels ,
Personally Identifiable Information ,
Pleading Standards ,
Popular ,
Putative Class Actions ,
Retail Market ,
Standing
The U.S. Court of Appeals for the Fourth Circuit has made it more difficult to establish Article III standing in data breach cases both at the pleading stage and at summary judgment by requiring plaintiffs to allege and show...more
2/23/2017
/ Actual Injuries ,
Article III ,
Corporate Counsel ,
Data Breach ,
Future Harm ,
Identity Theft ,
Medical Records ,
Personally Identifiable Information ,
Pleadings ,
Privacy Act of 1974 ,
Split of Authority ,
Standing ,
Summary Judgment ,
Young Lawyers
A Smooth Patch in a Rough Road? Governmental Transition and Intellectual Property -
Whenever a new Congress convenes, some IP issues come to the fore while others take a back seat. Transition to a new administration in the...more
2/10/2017
/ Administrative Appointments ,
America Invents Act ,
Appeals ,
Article III ,
Barack Obama ,
Cheerleaders ,
Copyright ,
Copyright Infringement ,
Copyright Office ,
Data Breach ,
Denial of Certiorari ,
Disparagement ,
DMCA ,
Exclusive Licenses ,
Fashion Design ,
FDCPA ,
File Sharing ,
First Amendment ,
Free Speech ,
Google ,
Injury-in-Fact ,
Intellectual Property Protection ,
Inter Partes Review (IPR) Proceeding ,
International Trade Commission (ITC) ,
Internet Service Providers (ISPs) ,
IP License ,
Lanham Act ,
Lee v Tam ,
Lenz v Universal Music Corp. ,
Misappropriation ,
Non-Appealable Decisions ,
Non-Practicing Entities ,
Online Videos ,
Oracle ,
Patent Trial and Appeal Board ,
Patents ,
Petition for Writ of Certiorari ,
Popular ,
Privacy Laws ,
SCOTUS ,
Section 337 ,
Software Developers ,
Spokeo v Robins ,
Standing ,
Star Athletica v Varsity Brands ,
Takedown Notices ,
Tariff Act of 1930 ,
Trade Secrets ,
Trademark Registration ,
Trademarks ,
Trans-Pacific Partnership ,
Trump Administration ,
Uniforms ,
USPTO ,
YouTube
Last week, the Third Circuit held that allegations of the unauthorized disclosure of personal information in violation of the Fair Credit Reporting Act (FCRA) constituted a de facto injury sufficient to confer standing at the...more
1/25/2017
/ Appeals ,
Article III ,
Blue Cross ,
Blue Shield ,
Class Action ,
Consumer Reporting Agencies ,
Cookies ,
Data Breach ,
De Facto Injury ,
Dismissals ,
Fair Credit Reporting Act (FCRA) ,
Health Insurance ,
Personally Identifiable Information ,
Pleadings ,
Reversal ,
Standing ,
Statutory Rights ,
Unauthorized Disclosure ,
Web Browsers
Privacy Shield – An Early Reflection -
EU law generally prohibits the transfer of personal data from the European Economic Area to the U.S., unless the transfer is made in accordance with an authorized data transfer...more
10/25/2016
/ Article III ,
Cable Communications Protection Act (CCPA) ,
Confidential Information ,
COPPA ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Collection ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Equal Employment Opportunity Commission (EEOC) ,
EU ,
EU-US Privacy Shield ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Sharing ,
Injury-in-Fact ,
International Data Transfers ,
IP Addresses ,
Personal Data ,
Personally Identifiable Information ,
Privacy Policy ,
Standing ,
Video Privacy Protection Act ,
VPPA ,
Wellness Programs
Last week, the Sixth Circuit held that allegations that personal information was stolen following a data breach was sufficient to confer Article III standing to sue to the affected individuals, even in the absence of...more
9/20/2016
/ Article III ,
Class Action ,
Corporate Counsel ,
Data Breach ,
Fair Credit Reporting Act (FCRA) ,
Injury-in-Fact ,
Insurance Industry ,
Nationwide Insurance Co. ,
Personally Identifiable Information ,
Popular ,
Standing
The number of data breaches has risen significantly in the past few years. More and more companies, both large and small, are having their computer networks compromised and are looking for guidance on how to respond. This...more
Last week, three commissioners from the Federal Trade Commission (FTC) held in In the Matter of LabMD, Inc. that a company’s failure to implement reasonable security measures to protect sensitive consumer information on its...more
8/3/2016
/ Actual Injuries ,
Administrative Law Judge (ALJ) ,
Data Breach ,
Data Security ,
Federal Trade Commission (FTC) ,
FTC Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
LabMD ,
p2p ,
PHI ,
Popular ,
Section 5 ,
Unfair or Deceptive Trade Practices
In a closely-watched cybersecurity case, a three-judge panel of the U.S. Court of Appeals for the Third Circuit held in Federal Trade Commission v. Wyndham Worldwide Corporation (No. 14-3514) that the Federal Trade Commission...more
9/1/2015
/ Administrative Authority ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Fair Notice ,
Federal Trade Commission (FTC) ,
FTC Act ,
FTC v Wyndham ,
Popular ,
Unfair or Deceptive Trade Practices ,
Wyndham
Last week, a three-judge panel of the 7th U.S. Circuit Court of Appeals held in Remijas v. Neiman Marcus Group LLC that individuals whose debit and credit card numbers were stolen by cyberthieves who had hacked into Neiman...more
8/3/2015
/ Article III ,
Clapper v. Amnesty International ,
Class Action ,
Credit Monitoring ,
Cyber Attacks ,
Data Breach ,
FISA ,
FISA Amendments Act ,
Fraudulent Charges ,
Free Identity Theft Protection ,
Identity Theft ,
Neiman Marcus ,
Standing