Data Privacy Posts
Data Breach Class Action Case Dismissed Against Barnes & Noble
A federal judge in Illinois dismissed the class action lawsuit filed against Barnes & Noble stemming from a data breach in 2013. The breach occurred when credit and debit card PIN pads were compromised at 63 Barnes & Noble stores.
Security Vulnerabilities: You Don’t Need a Breach to Face Regulatory Scrutiny
Those who track newsworthy data breaches and other cybersecurity incidents know what type of fallout to expect from these events. Class action lawsuits from consumers, shareholders and financial institutions are now not an exception, but are increasingly becoming expected.
Bill Proposes Tax Incentives For Data Breach Insurance
On September 14, 2016, U.S. Representative Ed Perlmutter introduced the “Data Breach Insurance Act,” which would incentivize private industry to enhance its cybersecurity posture by providing federal income tax credits.
J&J Warns Patients of Cybersecurity Risk Involving Insulin Pump
Johnson & Johnson recently warned its patients in a letter that it has been notified that the OneTouch Ping Insulin Pump System has a cybersecurity issue involving the possibility of a third party gaining unauthorized access to the pump.
6th Circuit Finds Breach Victims’ Heightened Risk of Harm Establishes Standing
The Sixth Circuit has made it easier for victims of a data breach to proceed in court. In a case involving alleged victims of a data breach at Nationwide Mutual Insurance Company, the appellate court ruled that fear of future harm following a data breach is sufficient to establish Article III standing.
What You Need To Know About Tennessee’s Data Breach Notification Law
On July 1, 2016, important changes to Tennessee’s data breach notification law went into effect, which concerns all employers. Tennessee removed the encryption safe harbor, requires notice for employee data breach incidents, and changes when organizations must send notices to affected individuals. Here’s what you need to know.
NJ Moves Forward With Shopper Privacy Bill
On September 15, 2016, the New Jersey Senate unanimously approved a bill that seeks to limit retailers’ ability to collect and use personal data contained on consumers’ driver and non-driver identification cards.
Consumer Protection in an Era of Big Data Analytics
For most of human history, the idea that machines would evolve to the point that they would assist humans in decision-making was the stuff of science fiction. Science fiction writers have long been of two minds about what might happen to humans if machines could actually “think.” One vision was decidedly Utopian.
NYDFS Proposes Cybersecurity Requirements for Financial Services Companies
On September 9, 2016, the New York Department of Financial Services (NYDFS) proposed a long-awaited regulation setting out cybersecurity requirements for financial services companies, including any company authorized to operate pursuant to a “license, registration, charter, certificate, permit, accreditation or similar authorization” under the insurance law.