Skip to main content

Privacy & Cybersecurity

Viewpoints

Filter by:

Answering the centuries’ old question, it appears it is the Federal Trade Commission (“FTC”) that watches the watchmen. The FTC sent warning letters to a pair of foreign app developers cautioning them that their practices of collecting children’s geolocation data without parental consent may be in violation of the Children's Online Privacy Protection Act (“COPPA”).
A challenge to the use of a cy pres charitable donations to settle privacy claims against Google will be heard by the Supreme Court. In Frank v. Gaos, petitioners seek reversal of lower court decisions rejecting their objection to an $8.5 million settlement of claims arising from Google’s transmission of users’ search terms to third-party websites.
With the recent enactment of data breach notification laws in South Dakota and Alabama, all 50 US states now have laws regulating data breach notification. We’ve updated the Mintz Matrix (maintained by the Mintz Privacy Team for nearly 10 years) to provide you with the latest information.
Uber Technologies, Inc. (“Uber”) has agreed to an expansion of its initial August 2017 proposed consent agreement with the Federal Trade Commission (“FTC”), in light of revelations of an additional security breach in October 2016, which it knew about but did not disclose until November 2017, after it settled over its initial May 2014 breach.
Roughly around this time last year, the U.S. Supreme Court issued its ruling in Bristol-Myers Squibb v. Superior Court, 137 S. Ct. 1773 (2017), wherein the Court rejected the California Supreme Court’s finding of specific jurisdiction over mass tort claims filed by nonresidents.

On March 22, 2018, the Federal Communications Commission (FCC) adopted a Second Further Notice of Proposed Rulemaking (FNPRM) proposing the creation of a reassigned numbers database. Under the proposed rules, the FCC will ensure that a database is available to provide callers with the timely and comprehensive information they need to avoid calling reassigned numbers. The FNPRM also seeks comment on the kind of information that callers need from such a database, the best way for service providers to report this information, and whether the FCC should adopt a safe harbor from TCPA liability for callers who check the database.
Facebook has recently chosen to no longer fund opposition to the California Consumer Privacy Act, which could appear on the California State Ballot as an initiated state statute on November 6, 2018.
As the clock ticks down to May 25, 2018, when the European Union’s General Data Protection Regulation (“GDPR”) becomes fully enforceable throughout the EU, the Internet and airwaves have become saturated with guidance for companies about what to expect and how to prepare for its new protections and restrictions.
Alabama has joined the "crazy quilt" of state data breach notification laws with the governor's signature of the Alabama Data Breach Notification Act of 2018.

Only One Left .....

April 2, 2018| Blog

Only one U.S. state without a data breach notification law, that is.
South Dakota as become the 49th state to enact a data breach notification law, which take effect on July 1. The South Dakota law follows the pattern of the most recent notification laws, including an expansive definition of "Personal Information".
The U.S. Supreme Court’s Spokeo v. Robins decision held that plaintiffs do not have standing to sue under Article III based solely on technical violations of the Fair Credit Reporting Act. Ever since the Supreme Court’s 2016 decision in Spokeo, Inc. v. Robins, 136 S. Ct. 1536, defendants have filed motions to dismiss putative TCPA class actions for lack of subject-matter jurisdiction.
The U.S. Court of Appeals for the District of Columbia released its long-awaited opinion on the Telephone Consumer Protection Act (“TCPA”), reversing in part and upholding in part the Federal Communications Commission (“FCC”) 2015 TCPA Declaratory Ruling and Order (“2015 R&O”).
On March 1, 2018, the Federal Communications Commission (“FCC” or “Commission”) released a draft Second Further Notice of Proposed Rulemaking (“FNPRM”) aimed at combatting illegal robocalls through use of a reassigned numbers database. The full Commission will vote on whether to adopt the FNPRM at its monthly meeting on March 22, 2018.

“May I have your zip code?” is an all-too-familiar question that may be going the way of the dinosaur in Massachusetts. Many retailers commonly ask customers for their zip codes when processing credit card transactions at, for example, a store check-out or a self-serve gas station.
Beware of March Madness! Scammers and phishers take advantage of increased web traffic by impersonating popular March Madness websites, including bracket sites and game live streams. Will your employees take the bait?
A circuit split on whether actual misuse of personal data is required to have standing to assert data breach claims remains unresolved. Last week the Supreme Court rejected a petition to review that issue in CareFirst v. Attias.
The Supreme Court on Tuesday will hear arguments in United States v. Microsoft Corp., in which the court will decide whether a US technology service provider, Microsoft, must obey a search warrant for data stored in a foreign country.
The Securities and Exchange Commission (“SEC”) released expansive interpretive guidance (“2018 Guidance”), posted February 21, 2018, further building upon its far-reaching cybersecurity guidance provided in 2011. Below are four key takeaways that will be essential in complying with federal securities laws going forward.
Mintz Levin Benefits attorney Patricia Moran recently authored an article for  the Society for Human Resources Management's latest publication describing the cybersecurity risks involved with 401(k) Plan sponsorship.
When a business is faced with a TCPA or a privacy class action, getting rid of the lawsuit is its number one priority. This is why it is important to entrust the case to highly experienced counsel, well versed in defending class actions. Together, the lawyers and the clients can work on developing the best approach for defending against TCPA allegations. The strategy varies widely, depending on the merits of the case and whether the plaintiff and their lawyers are open to an early and reasonable settlement. In many such cases, however, an early offer of judgment (a “Rule 68” offer) should continue to be a part of the case strategy from its early stage.

Explore Other Viewpoints: