Lessons Learned from the SEC’s Order in the Yahoo! Data Breach Enforcement Action
5/22/18
By: Jennifer Lee
On April 24, 2018, the SEC issued an order in the enforcement action against Altaba Inc., formerly Yahoo! Inc., and imposed a $35 million fine relating to the 2014 data breach which affected more than 500 million …
Cybersecurity in Georgia Hits a Roadblock
5/14/18
By: Ze’eva Kushner
On May 8, 2018, Georgia’s Governor Nathan Deal made a controversial decision to veto a cybersecurity bill. Issued in the wake of the massive data breach of Atlanta-based Equifax, among other data breaches across the country, the …
Alabama Becomes Last of the Fifty Nifty United States (and D.C., Guam, Puerto Rico, and the Virgin Islands) to Pass a Data Breach Law
5/7/18
By: Robyn Flegal
Alabama has officially become the last of the 50 States to pass a data breach notification statute, which will go into effect on June 1, 2018. The Alabama Data Breach Notification Act of 2018 requires that covered …
Countries Around the World Are Investigating Facebook’s Cambridge Analytica Event
4/26/18
By: Allen E. Sattler
On March 18, 2018, news broke of the Cambridge Analytica event where the data of an estimated 87 million Facebook users was disclosed to the UK-based political consulting firm. The breach of user data resulted in …
Head In the Cloud – United States Supreme Court Takes On Application of Domestic Warrant To Information Stored Internationally
3/9/18
By: Glenn M. Kenna
The Supreme Court is set to decide a vital question this term – Can the government use a warrant served in the United States to obtain emails stored abroad? The United States Government says it can, …
Supreme Court Declines to Hear Data Breach Standing Case
2/23/18
By: Amy C. Bender
The ongoing issue of when a plaintiff has grounds (“standing”) in data breach cases saw another development this week when the U.S. Supreme Court declined to weigh in on the debate.
CareFirst, a BlueCross BlueShield health …
South Dakota Introduces Data Breach Notification Legislation
2/14/18
By: Kacie L. Manisco
On January 23, 2018, South Dakota’s Senate Attorney Judicial Committee unanimously voted in favor of introducing data breach notification legislation. Senate Bill 62 would require an “Information Holder,” i.e., a person or business conducting business in …
Cybersecurity Deadlines Approaching for Banking, Insurance, and Financial Services Companies
2/8/18
By: David A. Cole
Businesses that are subject to the New York Department of Financial Services (“DFS”) cybersecurity regulations should be aware of upcoming compliance deadlines. Don’t be fooled—these regulations may apply to your business even if you’re not located …
Enhanced Privacy and Data Security Law on Tap for North Carolina
2/8/18
By: Paul H. Derrick
A bi-partisan privacy and data security bill will soon be rolled out in North Carolina, and its impact will be significant. North Carolina Attorney General Josh Stein and State Representative Jason Saine are co-authoring “The Act …
HBd BTC!
1/3/18
By: Daniel C. Walsh
Happy 9th Birthday to bitcoin (“BTC”), easily one of the most controversial topics of 2017 that will surely continue to inspire debate through 2018. Nine years ago today, the very first block on the bitcoin …
What Does Your Video Watching Behavior Say About You?
12/18/17
By: Jonathan Romvary
A federal court recently determined that the sharing of an individual’s device identification number and the videos watched does not violate federal privacy laws. In Eichenberger v. ESPN, Inc. , 2017 BL 427074, 9th Cir., No. 15-35449 …
From the CFPB: 9 Principles for Safer Third-Party Access to Financial Data
11/2/17
By: Zach Moura
The Consumer Financial Protection Bureau (CFPB) is a federal agency that was created to ensure consumer protection in the financial sector. On October 18, it released a set of nine principles intended to help protect consumers who …