Illinois Supreme Court Shifts BIPA Landscape with 5-Year Limitations Period Applicable to All Claims
2/7/23
By Pat Eckler, Amy Frantz, Glenn Klinger, Michael Sanders, and Jonathan Schwartz
Finding all claims under Illinois’ Biometric Information Privacy Act, 740 ILCS 14/1 (“BIPA”), subject to a five-year statute of limitations, the Illinois Supreme Court’s …
FCC Proposes new reporting rules for the telecom sector in response to increased data breaches
1/26/23
By Courtney M. Knight
On January 6, 2023, the Federal Communications Commission (“FCC”) proposed new rules for data breach reporting in the telecommunications industry.
The Notice of Proposed Rulemaking recognizes that “[i]n the telecommunications industry, the public has suffered an …
ChatGPT: Has Artificial Intelligence Finally Defeated Alan Turing?
1/24/23
By Alexia Roney
The year 2022 is the year of AI chatbot. News stories touted Meta’s chatbot Cicero when it defeated human players on the online game Diplomacy without tipping off its computer-generated origin. Media such as Scientific American published …
Geotracking Regulatory Trend is Expanding to Employers
1/17/23
By: Justin Boron
You probably already know that your apps know where you were last night. But did you know that employers might too?
It is all but accepted that our geolocations are being tracked, which is part and parcel …
Five States Set to Expand Data Privacy Rights in 2023
1/4/23
By: Amy C. Bender
As the landscape of data privacy regulation is ever-changing, five U.S. state statutes (in California, Virginia, Colorado, Connecticut, and Utah), passed to enhance the privacy rights of consumers in their respective states, go into effect in …
FTX’s collapse and the push for centralized regulation of digital assets in the U.S.
11/18/22
By: Luke Zavoli
In 2019, Sam Bankman-Fried launched FTX, a cryptocurrency exchange backed by marquee investors, and in three years, grew FTX into the third largest cryptocurrency exchange – valued at $32 billion. This past Friday, November 11, 2022, FTX …
ALL ABOARD: TSA ISSUES NEW SECURITY DIRECTIVE TO TRACK CYBERSECURITY EFFORTS BY THE RAIL INDUSTRY
10/25/22
By: Nicholas Jajko and Nicholas Hubner
SECURITY DIRECTIVE: 1580/82-2022-01
EFFECTIVE DATE: October 24, 2022
Working with the Cybersecurity and Infrastructure Security Agency (“CISA”), TSA issued a new Security Directive to protect against malicious cyber-intrusions affecting the nation’s railroads …
3rd Circuit finds data leaked on dark web “shaming” site inferred a “substantial risk” of imminent harm
9/13/22
By: Nicholas Jajko
The litigation battleground in class actions arising out of data breaches is almost always fought on Article III standing. Before any discovery is exchanged or fact depositions take place, claimants must allege they have standing to sue …
It’s Time to Makeup For Your Wrongs: California’s AG Declares First CCPA Enforcement Action Against Mega Retailer Sephora
9/1/22
By: Julia Bover
On August 24, 2022, California Attorney General Rob Bonta issued the first-ever enforcement action under the California Consumer Privacy Act (“CCPA”) against cosmetics retail chain Sephora.
The CCPA was signed into law in 2018 and went into …
Cyber insurance experiencing ‘Future Shock’
8/4/22
By: Barry M. Miller and Elisabeth Gentile
The idea of “Future Shock”—that an accelerated pace of change causes social and psychological disruptions—dates from Alvin Toffler’s 1970 book of the same name. As it copes with the mutable nature of cyber …
Elon Musk’s planned purchase of Twitter reignites questions of open source code security
4/29/22
By: Alexia Roney
On April 25, 2022, Elon Musk sealed the deal to buy Twitter, Inc., for $44 billion. Among the changes to the platform, Musk has floated making the algorithm that prioritizes tweets “open source,” so the public could …
Congress Imposes New 72-Hour Reporting Requirement for Cyber Security Incidents
3/28/22
By: David Cole and Heather Kuhn
President Biden’s promise to prioritize cybersecurity this year is beginning to take shape. On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act (“Cyber Incident Reporting Act”). …