
Privacy & Cybersecurity
Viewpoints
Filter by:
Uber and FTC Arrive at Settlement: Extensive Monitoring, but no FTC Fines Ahead
November 15, 2018 | Blog | By Cynthia Larose, Elana Safner
Recently, the Federal Trade Commission (“FTC”) announced that it has finalized its expanded settlement with ride-haling giant, Uber Technologies, Inc. (“Uber”) related to two major data breach incidents. The initial breach occurred in 2014 and led to an FTC investigation into Uber’s data storage practices for rider and driver data.
Read more
FDA Issues Draft Cybersecurity Guidance for Med Devices
October 22, 2018 | Blog | By Cynthia Larose
If you are a medical device manufacturer, the Food and Drug Administration (FDA) says that you should prepare a “cybersecurity bill of materials” before marketing your devices. As outlined in our sister blog’s post, the requirement would require manufacturers to produce a list of the components that could be susceptible to vulnerabilities.
Read more
“Hey Alexa – Tell Me About Your Security Measures”
October 4, 2018 | Blog | By Brian Lam, Cynthia Larose
California continues to lead the nation in cybersecurity and privacy legislation on the heels of the recent California Consumer Privacy Act of 2018 (“CCPA”). Governor Brown recently signed into law two nearly identical bills, Assembly Bill No. 1906 and Senate Bill No. 327 (the “Legislation”) each of which required the signing of the other to become law, on September 28th, 2018.
Read more
October Is National Cyber Security Awareness Month: NTIA Requests Comment on a Proposed Risk-Management Approach to Consumer Data Privacy
October 1, 2018 | Blog | By Ari Moskowitz, Christopher Harvie, Cynthia Larose
Welcome to October! October 2018 marks the 15th year of the observance of National Cyber Security Awareness Month, a joint effort of the U.S. Department of Homeland Security and the National Cyber Security Awareness Alliance. We’ll be keeping you updated on all things privacy and security throughout the month.
Read more
National Cyber Strategy Aims to Deter through Strength; Collaborate with Private Sector to Secure Cyberspace
September 28, 2018 | Blog | By Christopher Harvie, Cynthia Larose, Elana Safner
Late last week the White House released its National Cyber Strategy, setting forth its approach to protecting U.S. critical infrastructure from global cyber threats.
Read more
Court Rejects Neiman Marcus Data Breach Settlement Due To Injury-Based Class Conflicts
September 20, 2018 | Blog | By Kevin McGinty
As previously noted in this blog, the Neiman Marcus payment card data theft class action reflects a lenient approach to the issue of standing in data breach cases. In that case, the Seventh Circuit rejected arguments that customers claiming to have sustained only the theft of debit and credit card information had not alleged sufficient injury to have standing to sue.
Read more
More Privacy Legislative Activity in California
September 4, 2018 | Blog | By Cynthia Larose
Labor Day is passed, and the Privacy & Security Matters blog is back after a bit of a hiatus. The California State Legislature was busy up to the last day of the session working on privacy legislation.
Read more
European Parliament Sets a Deadline for Reforming Privacy Shield – But Don’t Panic (Yet)
July 5, 2018 | Blog | By Susan Foster
The European Parliament passed a resolution today strongly criticizing Privacy Shield and recommending that Privacy Shield be suspended as of September 1, 2018, if the US doesn’t shape up by that deadline. Should US companies that rely on Privacy Shield panic?
Read more
Narrow Ruling for Privacy at SCOTUS in Carpenter
July 3, 2018 | Blog | By Eoin Beirne
The Supreme Court ruled, at the end of June, that seizing cell-site location information—data that tracks cell phone users’ movements—constitutes a search under the Fourth Amendment.
Read more
HIPAA, Security Vulnerabilities and Patching
July 3, 2018 | Blog
In its most recent Cybersecurity Newsletter, OCR focuses on the intersection of HIPAA and information security. To be sure, HIPAA requires covered entities and business associates to address their organizations’ information security.
Read more
PRIVACY ALERT: California Leads the Privacy Parade Again with Groundbreaking Privacy Legislation
June 29, 2018 | Blog | By Cynthia Larose, Brian Lam
June 28, 2018 will be a watershed day in the history of U.S. data privacy legislation. California has become the first state to move away from the U.S. approach of legislating data privacy in slow bits.
Read more
Trump Administration Botnet Report Will Impact IoT Device Makers – Things You Should Know
June 25, 2018 | Blog | By Christopher Harvie, Cynthia Larose, Laura Stefani
Manufacturers of wireless devices used for Internet of Things (IoT) applications should take heed of new Trump Administration proposals aimed at reducing the cybersecurity threats from botnets and other automated and distributed attacks.
Read more
Fourth Circuit Decision Seizes Middle Ground on the Issue of Standing in Data Breach Cases
June 20, 2018 | Blog | By Kevin McGinty
In the latest decision concerning standing in data breach cases, the Fourth Circuit has vacated a district court’s dismissal and reinstated putative class action data breach litigation against the National Board of Examiners in Optometry Inc. (“NBEO”).
Read more
HIPAA Tips from the Trenches
June 14, 2018 | Blog
Earlier this week, I moderated a panel discussion at an event hosted by the New York chapter of the Health Information and Management Systems Society (HIMSS). The panel was comprised of private sector health information technology and security experts and was tasked with discussing challenges related to the interoperability and security of health information systems.
Read more
Colorado Passes Far Reaching New Privacy and Cybersecurity Law
June 6, 2018 | Blog | By Cynthia Larose, Brian Lam
Recently, a new bill was signed by Colorado Governor John Hickenlooper, creating far reaching new requirements for entities that collect or maintain personal identifying information of Colorado residents. These requirements, which will create one of the strictest state based privacy and data breach laws in the country, will go into effect September 1, 2018.
Read more
OCR Highlights Importance of Physical Safeguards to Protect PHI
May 31, 2018 | Blog | By Sarah Beth Kuyers
The May 2018 cyber security newsletter from the U.S. Department of Health and Human Services Office for Civil Rights (OCR) focused on a topic often overlooked by covered entities and their business associates: physical security.
Read more
HAPPY GDPR DAY!!
May 25, 2018 | Blog | By Cynthia Larose, Susan Foster
If you glance at the “countdown clock” in the left hand sidebar of our blog, you’ll see that it has reached 00:00:00. GDPR Day is here. But, unlike Y2K (for those of you old enough to remember the near-hysteria), 25 May 2018 is only the beginning of the GDPR compliance road and not a “completion date.”
Read more
Still Thinking about GDPR?
May 15, 2018 | Blog | By Cynthia Larose
We are now in the 10-day countdown to the GDPR enforcement date that we’ve been talking about since 2015. If you are a charter member of Procrastinators Anonymous, or just secretly hoped that this would all go away, the sands in the hourglass are running low.
Read more
FTC Puts Kids’ Smart Watch Companies in Time Out for COPPA Violation
May 7, 2018 | Blog | By Cynthia Larose, Elana Safner
Answering the centuries’ old question, it appears it is the Federal Trade Commission (“FTC”) that watches the watchmen. The FTC sent warning letters to a pair of foreign app developers cautioning them that their practices of collecting children’s geolocation data without parental consent may be in violation of the Children's Online Privacy Protection Act (“COPPA”).
Read more
Supreme Court to Review Use of Charitable Donation to Settle Privacy Claims Against Google
May 2, 2018 | Blog | By Kevin McGinty
A challenge to the use of a cy pres charitable donations to settle privacy claims against Google will be heard by the Supreme Court. In Frank v. Gaos, petitioners seek reversal of lower court decisions rejecting their objection to an $8.5 million settlement of claims arising from Google’s transmission of users’ search terms to third-party websites.
Read more
Explore Other Viewpoints:
- Antitrust
- Appellate
- Arbitration, Mediation & Alternate Dispute Resolution
- Awards
- Bankruptcy & Restructuring
- California Land Use
- Class Action
- Complex Commercial Litigation
- Construction
- Consumer Product Safety
- Cross-Border Asset Recovery
- Debt Financing
- Diversity
- EB-5 Financing
- Education & Nonprofits
- Employment, Labor & Benefits
- Energy & Sustainability
- Environmental Enforcement Defense
- Environmental Law
- FDA Regulatory
- Federal Circuit Appeals
- Financial Institution Litigation
- Government Law
- Health Care
- Health Care Compliance, Fraud and Abuse, & Regulatory Counseling
- Health Care Enforcement & Investigations
- Health Care Transactions
- Health Information Privacy & Security
- IP Due Diligence
- IPRs & Other Post Grant Proceedings
- Immigration
- Insolvency & Creditor Rights Litigation
- Institutional Investor Class Action Recovery
- Insurance & Financial Services
- Insurance Consulting & Risk Management
- Insurance and Reinsurance Problem-Solving & Dispute Resolution
- Intellectual Property
- Investment Funds
- Israel
- Licensing & Technology Transactions
- Life Sciences
- Litigation & Investigations
- M&A Litigation
- ML Strategies
- Medicare, Medicaid and Commercial Coverage & Reimbursement
- Mergers & Acquisitions
- Patent Litigation
- Patent Prosecution & Strategic Counseling
- Privacy & Cybersecurity
- Private Client
- Private Equity
- Pro Bono
- Products Liability & Complex Tort
- Project Development & Finance
- Public Finance
- Real Estate Litigation
- Real Estate Transactions
- Real Estate, Construction & Infrastructure
- Retail & Consumer Products
- Securities & Capital Markets
- Securities Litigation
- Sports & Entertainment
- Strategic IP Monetization & Licensing
- Tax
- Technology
- Technology, Communications & Media
- Trade Secrets
- Trademark & Copyright
- Trademark Litigation
- Venture Capital & Emerging Companies
- White Collar Defense & Government Investigations