Skip to main content

Privacy & Cybersecurity

Viewpoints

Filter by:

Only One Left .....

April 2, 2018| Blog

Only one U.S. state without a data breach notification law, that is.
South Dakota as become the 49th state to enact a data breach notification law, which take effect on July 1. The South Dakota law follows the pattern of the most recent notification laws, including an expansive definition of "Personal Information".
The U.S. Supreme Court’s Spokeo v. Robins decision held that plaintiffs do not have standing to sue under Article III based solely on technical violations of the Fair Credit Reporting Act. Ever since the Supreme Court’s 2016 decision in Spokeo, Inc. v. Robins, 136 S. Ct. 1536, defendants have filed motions to dismiss putative TCPA class actions for lack of subject-matter jurisdiction.
The U.S. Court of Appeals for the District of Columbia released its long-awaited opinion on the Telephone Consumer Protection Act (“TCPA”), reversing in part and upholding in part the Federal Communications Commission (“FCC”) 2015 TCPA Declaratory Ruling and Order (“2015 R&O”).
On March 1, 2018, the Federal Communications Commission (“FCC” or “Commission”) released a draft Second Further Notice of Proposed Rulemaking (“FNPRM”) aimed at combatting illegal robocalls through use of a reassigned numbers database. The full Commission will vote on whether to adopt the FNPRM at its monthly meeting on March 22, 2018.

“May I have your zip code?” is an all-too-familiar question that may be going the way of the dinosaur in Massachusetts. Many retailers commonly ask customers for their zip codes when processing credit card transactions at, for example, a store check-out or a self-serve gas station.
Beware of March Madness! Scammers and phishers take advantage of increased web traffic by impersonating popular March Madness websites, including bracket sites and game live streams. Will your employees take the bait?
A circuit split on whether actual misuse of personal data is required to have standing to assert data breach claims remains unresolved. Last week the Supreme Court rejected a petition to review that issue in CareFirst v. Attias.
The Securities and Exchange Commission (“SEC”) released expansive interpretive guidance (“2018 Guidance”), posted February 21, 2018, further building upon its far-reaching cybersecurity guidance provided in 2011. Below are four key takeaways that will be essential in complying with federal securities laws going forward.
The Supreme Court on Tuesday will hear arguments in United States v. Microsoft Corp., in which the court will decide whether a US technology service provider, Microsoft, must obey a search warrant for data stored in a foreign country.
Mintz Levin Benefits attorney Patricia Moran recently authored an article for  the Society for Human Resources Management's latest publication describing the cybersecurity risks involved with 401(k) Plan sponsorship.
We've discussed privacy compliance with regulations, legal requirements, etc. in the space since this blog's inception. "Privacy by design" - while not a new concept - is certainly enjoying a new spot in the sunshine thanks to the European Union's General Data Protection Regulation ("GDPR") (93 days and counting...) and its codification of "privacy by design and default" in Article 25.
When a business is faced with a TCPA or a privacy class action, getting rid of the lawsuit is its number one priority. This is why it is important to entrust the case to highly experienced counsel, well versed in defending class actions. Together, the lawyers and the clients can work on developing the best approach for defending against TCPA allegations. The strategy varies widely, depending on the merits of the case and whether the plaintiff and their lawyers are open to an early and reasonable settlement. In many such cases, however, an early offer of judgment (a “Rule 68” offer) should continue to be a part of the case strategy from its early stage.

If your company is one of the broad group of businesses licensed by the New York Department of Financial Services (NY DFS), a very important deadline is bearing down on February 15. Regulated entities have under Thursday to attest to their compliance with the first-in-the-U.S. cybersecurity regulations (details and links are in blog post below). 
The Federal Communications Commission’s November 16, 2017 Report and Order aimed at combatting unlawful robocalls was published in the Federal Register on January 12, 2018 and becomes effective on February 12, 2018. More details on the Report and Order and Further Notice of Proposed Rulemaking (“FNPRM”) can be found in our November TCPA Digest.

In case you had not heard, the European Union is replacing its current privacy laws with a new, comprehensive General Data Protection Regulation (GDPR), which takes effect May 25, 2018.
The U.S. Supreme Court heard oral arguments in what may become one of the defining consumer privacy cases of our generation. The central question in Carpenter v. United States asks whether the government violates the Fourth Amendment by accessing an individual’s historical cell phone locations records without a warrant.
The European Commission has launched a new data protection website aimed at educating the public and helping businesses and other organizations comply with their new obligations under the General Data Protection Regulation.
Recently, there has been a lot of discussion regarding the Spectre and Meltdown vulnerabilities. This alert provides a simple overview of what these vulnerabilities are, what systems could be affected, as well as steps that companies can take to reduce the risks that these vulnerabilities create.
The European Union is replacing its current privacy laws with a new, comprehensive General Data Protection Regulation (GDPR), which takes effect May 25, 2018. The essential principles of the EU’s privacy laws are unchanged, but the new Regulation imposes many new obligations on many more entities – all backed up by fines modeled on European antitrust laws.
Kohl’s Department Stores Inc. was recently successful in obtaining dismissal of a Telephone Consumer Protection Act (TCPA) Class Action Complaint filed against it by Amy Viggiano. The reason? Because Ms. Viggiano failed to properly opt-out of receiving text messages.

Explore Other Viewpoints: