Georgia High Court to Rule on Damages Required for Data Breach Claims
9/3/19
By: Amy Bender
The Georgia Supreme Court soon will weigh in on the ongoing debate within the courts of when individuals may bring claims based on data breaches involving their personal information when they have not suffered any actual financial …
Breaking – Eleventh Circuit Holds No TCPA Standing For Receipt of Single Unsolicited Text Message
8/29/19
By: Matthew Foree
In Salcedo v. Alex Hanna, the U.S. Court of Appeals for the Eleventh Circuit has just issued a major decision holding that receipt of a single unsolicited text message does not establish standing under the Telephone Consumer …
Connecticut and Delaware Enact New Data Security Laws for the Insurance Industry
8/8/19
By: Ben N. Dunlap
Connecticut and Delaware have enacted new laws imposing data security obligations on the insurance industry, joining New York, South Carolina, Ohio, Michigan, and Mississippi.
Connecticut’s Insurance Data Security Law, signed by the Governor on July 26, …
Malware Incident in Philly Court that Downed Online Filing Highlights Concerns for Court Systems and Legal Community in the Future
7/11/19
By: Justin Boron
It’s back-to-normal for tech-dependent, legal professionals in the Philadelphia legal community. After a month with no access to online filing due to a malware incident in Philadelphia Court of Common Pleas, attorneys like me—who never knew a …
The Standing Requirement Remains an Open Question But Still a Valid Defense to Cyber Claims
6/26/19
By: Jeff Alitz
In litigation proceeding in the Federal Courts, it has always been necessary for a successful plaintiff to in some manner establish that the harm sought to be remedied by a federal lawsuit falls within the authority of …
Currently pending in the Massachusetts legislature is Bill S.120 entitled “An Act Relative to Consumer Data Privacy”
4/25/19
By: Eric Martignetti
The proposed bill defines “personal information” as “information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or the consumer’s device.” “Personal information” …
Massachusetts' Will-o'-the-WISP
4/24/19
By: Zach Moura
Massachusetts revised its data breach notification law, effective April 10, 2019, to change the minimum standards for what companies should include in a Written Information Security Plan, or WISP. Companies that experience a data breach incident must …
SEC Issues Risk Alert Regarding Broker-Dealers and Investment Advisers’ Privacy Practices and Compliance with Regulation S-P
4/22/19
By: Jennifer Lee
On April 16, 2019, the U.S. Securities and Exchange Commission (“SEC”) issued a Risk Alert summarizing the findings from the examinations of broker-dealers and investment advisers’ privacy practices and compliance with Regulation S-P.
Regulation S-P, 17 C.F.R. …
Largest Jury Verdict in TCPA History: Defendant Faces $925 Million in Damages
4/18/19
By: Jennifer Lee
On Friday, April 12, 2019, a federal jury in Oregon rendered a verdict in a certified class action that could leave ViSalus, Inc. on the hook for $925 million for making more than 1.85 million unsolicited robocalls …
SEC Holds Public Forum as Part of Increasing Efforts to Regulate Digital Assets, Cryptocurrency Exchanges, and ICOs
3/28/19
By: Jennifer Lee
The Securities and Exchange Commission will be hosting a public forum on distributed ledger technology and digital assets in Washington DC on May 31, 2019. This is a part of the SEC’s increasing efforts to regulate cryptocurrency …
Bold New Changes to Massachusetts' Data Breach Notification Law
3/15/19
By: Michael Kouskoutis
Effective April 11, 2019, Massachusetts’ data breach notification law will compel notifying entities to follow several additional and unprecedented requirements when responding to a data breach.
First, the notifying entity must report to the state’s Attorney General …
What Constitutes a Reasonable and Defensible Process?
2/27/19
By: John Goselin
Society has coalesced around the general principle that businesses, governments or individuals in possession of personal confidential information (whether medical or financial) or personal identifiable information have a duty to protect that information from cyber bad guys …