Have you started auditing your contracts with your service providers that handle EU personal data? UK Information Commissioner’s Office issues draft guidance for compliance with the GDPR’s contracting requirements.
September 14, 2017 | Blog | By Susan Foster
Many companies have started the potentially lengthy process of auditing their service provider contracts to make sure that they comply with the requirements of the General Data Protection Regulation, which comes into force on May 25, 2018.
September 14, 2017 | Blog | By Cynthia Larose, Michael Katz
As data breaches dominate national headlines it remains important as ever for businesses to invest in security and to be ready to respond if a breach occurs.
September 13, 2017 | Blog | By Cynthia Larose
The Equifax breach continues to evolve.
September 6, 2017 | Blog | By Cynthia Larose
In the absence of federal action on the Cybersecurity front, states are continuing to focus on cyber-readiness. Our government affairs affiliate, ML Strategies, has prepared an overview of what Massachusetts lawmakers are doing.
D.C. Circuit Holds Cyber-Theft of Customers’ Medical Identifying Information Created Sufficient Increased Risk of Harm to Establish Standing
September 1, 2017 | Blog | By Patrick E. McDonough
Earlier this month, an appellate panel of the federal DC Circuit unanimously held that individuals affected by a healthcare insurer’s data breach in 2014 could pursue claims against the insurer stemming from the cyberattack.
August 29, 2017 | Blog | By Cynthia Larose
As if the devastating effects of Hurricane Harvey are not bad enough, the United States Computer Emergency Readiness Team (US-CERT) of the Department of Homeland Security is warning of a different threat: falling victim (or exposing your entire company) to Harvey-related phishing schemes.
August 29, 2017 | Blog | By Cynthia Larose
Uber failed consumers in two key ways: First by misrepresenting the extent to which it monitored its employees’ access to personal information about users and drivers, and second by misrepresenting that it took reasonable steps to secure that data....This case shows that, even if you’re a fast growing company, you can’t leave consumers behind: you must honor your privacy and security promises.
August 22, 2017 | Blog | By John Koss
The law firm that inadvertently produced records containing personally-identifying information (“PII”) relating to 50,000 Wells Fargo customers in response to a third-party subpoena, which we first reported on here, went before a judge earlier this month, seeking to permanently bar the recipient and his counsel from further exploitation of the documents and their customer-identifying contents.
August 21, 2017 | Blog | By Cynthia Larose
Mintz Levin continues to be at the forefront of issues related to contractual arbitration provisions, helping clients optimize their dispute resolution and risk mitigation processes.
August 14, 2017 | Blog | By Cynthia Larose
If you are one of the many businesses licensed by the New York Department of Financial Services (DFS), and cannot avail yourself of the (very) limited exemptions, you must be ready for the first compliance transition date for the stringent DFS cybersecurity regulations – August 28, 2017.
August 8, 2017 | Blog | By Cynthia Larose
Recently, the Electronic Privacy Information Center (“EPIC”) asked the FTC to begin an investigation into a Google program called “Store Sales Management.” The purpose of Store Sales Management is to allow for the matching goods purchased in physical brick and mortar stores to the clicking of online ads, or as we refer to the practice, "Bricks to Clicks."
July 28, 2017 | Blog | By John Koss
Wells Fargo’s inadvertent production of personal identifying information ("PII") in a case involving a former employee became national news when the New York Times broke the story late last week.
July 26, 2017 | Blog | By Cynthia Larose
New Jersey Governor Chris Christie has signed the Personal Information Privacy and Protection Act (we can now add #PIPPA to the alphabet soup of privacy acronyms.....), which limits the ability of retailers to collect PII scanned from customer driver's licenses and identification cards and restricts the usage of any PII collected for the purposes identified in the Act.
July 24, 2017 | Blog | By Nancy Adams, Cynthia Larose
The "business compromise email" is what the FBI calls the "$5 billion scam," but apparently an insurance company did not agree with an insured company that they had been the victim of a crime.
July 20, 2017 | Blog
The Internet of Things (“IoT”) can be thought of as a group of different devices that can communicate with each other, perhaps over a network such as the internet. We have written extensively about many of the privacy challenges that IoT devices can create.
July 11, 2017 | Blog | By Cynthia Larose
Decisions you make when founding and/or investing in an insurtech venture can dictate your regulatory obligations, tax liability, operational structure and, ultimately, profitability.
July 6, 2017 | Blog | By John Koss
In a decision sure to have wide-ranging implications for cross-border discovery and governing privacy regimes, the Supreme Court recently held in Water Splash, Inc. v. Menon, that the Convention on the Service Abroad of Judicial and Extrajudicial Documents in Civil and Commercial Matters (the “Hague Service Convention” or the “Convention”) does not prohibit service by mail.
June 28, 2017 | Blog | By Cynthia Larose, Rithika Kulathila
Oregon’s legislature recently expanded the scope of statutory consumer protections by passing a bill to amend the state’s Unlawful Trade Practices Act (the “Act”). Recently, Oregon’s Governor Kate Brown signed H.B. 2090 into law after near unanimous passage by state lawmakers.
Going Down For A Third Time – Barnes & Noble Consumer Data Breach Claims Are Dismissed Again for Lack of Injury
June 16, 2017 | Blog | By Kevin McGinty
Despite some courts’ evident confusion about the impact of payment card theft on consumer cardholders, other courts are getting it right. Just this week, a judge in the Northern District of Illinois issued an order dismissing the second amended complaint filed by consumer cardholders in In re Barnes & Noble Pin Pad Litig. (N.D. Ill.).
June 2, 2017 | Blog
Recently the United States Computer Emergency Readiness Team (US-CERT), an organization within the Department of Homeland Security’s (DHS) National Protection and Programs Directorate (NPPD) and a branch of the Office of Cybersecurity and Communications’ (CS&C) National Cybersecurity and Communications Integration Center (NCCIC), encouraged users and administrators to review a recent article from the Federal Bureau of Investigation (FBI) regarding Building a Digital Defense with an Email Fortress.
Explore Other Viewpoints:
- Arbitration, Mediation & Alternate Dispute Resolution
- Bankruptcy & Restructuring
- Class Action
- Complex Commercial Litigation
- Consumer Product Safety
- Debt Financing
- EB-5 Financing
- Education & Nonprofits
- Employment, Labor & Benefits
- Energy & Sustainability
- Environmental Enforcement Defense
- Environmental Law
- FDA Regulatory
- Federal Circuit Appeals
- Financial Institution Litigation
- Government Law
- Health Care
- Health Care Compliance, Fraud and Abuse, & Regulatory Counseling
- Health Care Enforcement & Investigations
- Health Care Transactions
- Health Information Privacy & Security
- IP Due Diligence
- IPRs & Other Post Grant Proceedings
- Insolvency & Creditor Rights Litigation
- Institutional Investor Class Action Recovery
- Insurance & Financial Services
- Insurance Consulting & Risk Management
- Insurance and Reinsurance Problem-Solving & Dispute Resolution
- Intellectual Property
- Investment Funds
- Licensing & Technology Transactions
- Life Sciences
- Litigation & Investigations
- M&A Litigation
- ML Strategies
- Medicare, Medicaid and Commercial Coverage & Reimbursement
- Mergers & Acquisitions
- Patent Litigation
- Patent Prosecution & Strategic Counseling
- Privacy & Cybersecurity
- Private Client
- Private Equity
- Products Liability & Complex Tort
- Project Development & Finance
- Public Finance
- Real Estate Litigation
- Real Estate Transactions
- Real Estate, Construction & Infrastructure
- Retail & Consumer Products
- Securities & Capital Markets
- Securities Litigation
- Sports & Entertainment
- Strategic IP Monetization & Licensing
- Trade Secrets
- Trademark & Copyright
- Trademark Litigation
- Venture Capital & Emerging Companies
- White Collar Defense & Government Investigations