No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Ten years ago, a California Court of Appeal determined that the Song-Beverly Credit Card Act of 1971 (also the Act), an act that prohibits retailers from requiring consumers’ personally identifiable information (PII) as a...more
The plaintiffs’ bar has added a new tool to its arsenal to target cookies, pixels, and similar online tracking tools and the businesses that use them: the California Song-Beverly Credit Card Act of 1971 (“Act”). This...more
Over the past few months, a wave of new lawsuits has been filed in California state court against online retailers alleging violations of California’s Song-Beverly Credit Card Act, Cal. Civ. Code § 1747.08 (“Song-Beverly”)....more
The California Song-Beverly Credit Card Act (the “Act”) – an act intended to protect the personal privacy of individuals during credit card transactions – may very well become the new trend in California privacy litigation. ...more
In a case of first impression, the U.S. Court of Appeals for the Ninth Circuit was tasked with determining whether the alleged extracting and retaining of consumer data and tracking of customers using an online payment...more
Welcome to Wiley’s update on recent developments and what’s next in consumer protection at the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC). In this newsletter, we analyze recent regulatory...more
To establish credibility for their new criminal marketplace, cyber criminals have posted details on over 1,000,000 credit cards, stolen between 2018 and 2019, including card number, CVV number, name and address on the dark...more
The what: What are connected car payments? Connected car payments are a subset of connected car technology. Connected cars are vehicles with technology integrated into the user’s daily life that allow the vehicle to...more
Report on Supply Chain Compliance 3, no. 16 (August 20, 2020) - The Office of the Comptroller of the Currency fined Capital One USD 80 million for inadequate data controls leading to a 2019 data breach and for failing to fix...more
Although litigation under California’s Song-Beverly Credit Card Act has largely slowed to a trickle, businesses continue to have questions surrounding compliance and litigation risk and exposure. A recent ruling by a...more
Three million fraud cases were reported to the FTC in 2018, and 444,602 of them involved identity theft. These reported cases (just think of how high the statistic would be if all cases were reported) amounts to the third...more
Louisiana Governor John Bel Edwards activated the State’s cybersecurity team recently after several State offices’ computers started acting strangely. The IT team identified an intrusion of Ryuk ransomware and which programs...more
Approximately 3,000 customers of the Fort Worth Water Department were notified recently that their credit card information may have been compromised as a result of a data breach suffered by its vendor, Click2Gov....more
Not to say, I told you so, but around the same time that the Capital One data breach occurred, I was reminding clients that nearly half of all significant data breaches or cyber-incidents occur because of internal actors. ...more
Louisiana Governor John Bel Edwards, for the first time in history, declared a statewide cybersecurity emergency last week, following cyber-attacks against several school systems in the state. ...more
Security research firm Gigamon has reported that the nasty cybercriminal group FIN8 may have reappeared in June after a two-year silence. FIN8 is known for implementing malware on point of sale systems to steal credit card...more
In this month's edition of our Privacy & Cybersecurity Update, we reflect on the GDPR's one-year anniversary while also examining the EU's new Cybersecurity Act. We also take a look at HHS' new guidance on direct liability of...more
Apple has partnered with Goldman Sachs to offer a privacy-protected credit card that has no signature, card number or any other personal information except your name....more
Marriott International Inc. (Marriott) has released new numbers relating to its Starwood Hotel’s reservation database by stating that more than 5 million passport numbers were stolen in the database. ...more
This week, in Siglin v. Sixt Rent A Car, LLC, 18-cv-62536, a proposed class action was filed against Sixt Rent A Car, LLC (“Sixt”) for its alleged failure to properly conceal consumers’ card and identification information on...more
On July 20, 2018, SingHealth, a Singapore healthcare institution consisting of four public hospitals, five national specialty centers and a network of nine polyclinics, reported that it had been the target of a cyberattack...more
The Fourth Circuit’s 2017 decision in Beck v. McDonald held that the mere fear of identity theft in the wake of a data breach was insufficient to confer Article III standing. ...more
Last week, the U.S. Court of Appeals for the Eighth Circuit affirmed the district court’s approval of a $17 million settlement between Target Corp. and consumers whose credit card data was compromised in the 2013 data breach....more
We recently commented on one hotly contested legal issue being addressed by the courts in data breach class action litigation, that of plaintiffs’ standing. Another issue that has been the subject of recent court activity in...more
Our weekly OTA & Travel Distribution Update is below. This week’s Update features a number of familiar stories....more