Recently the state of New Mexico enacted the Data Breach Notification Act, making it the 48th state in the United States to enact a statute requiring notice to individuals impacted by a data breach. In doing so, New Mexico follows some trends we’ve been predicting at the state level. These trends include covering encrypted data … Continue reading
By Bill Butler In August 2016, the Federal Trade Commission (“FTC”) addressed the effect of the Cybersecurity Framework (“NIST Framework”) issued by the National Institute of Standards and Technology on FTC enforcement actions under Section 5 of the FTC Act. While there have been few enforcement actions to gauge the actual impact of the NIST … Continue reading
We don’t see a lot of data breach litigation here in the Fourth Circuit, so it is notable that the Fourth Circuit Court of Appeals issued an opinion recently that weighs in on the standing debate (For more on the debate: Constitutional Standing Provides Fertile Battleground In Data Breach Litigation). In Beck v. McDonald, the plaintiffs in … Continue reading
By Tandy Mathis, Elena Mitchell, and Mindy Vervais Did you know that if you’ve taken a New York City taxi since 2009, your pick-up and drop-off locations were recorded and published (through June of 2016) on the internet for anyone to find? Now, New York City officials want ride-sharing companies like Uber and Lyft to start … Continue reading
Saturday January 28, 2017 is Data Privacy Day. The Moore & Van Allen Privacy and Data Security group took a break from the pre-holiday revelries to put together some thoughts and tips for DataPoints. So hoist a glass and enjoy this read, and try not to ponder too long the irony that Data Privacy Day … Continue reading
By Leslie Pedernales A professional football team clinches their playoff spot in an upset game, then hits the locker room for a celebration and an inspirational pep talk from their winning coach. The perfect application for livestreaming, one might think. Opening a window into this mysterious world for all the rest of us to see and … Continue reading
A common and understandable concern of companies that suffer a data breach is whether the victims can sue the company. It is tempting to assume that the victims won’t sue if they do not suffer identity theft or monetary loss through misuse of the data. Not all victims, or courts, agree. As a result, standing, … Continue reading
On November 10th, the Eleventh Circuit Court of Appeals handed an embarrassing defeat to the Federal Trade Commission and an early Christmas present to LabMD, Inc. in the ongoing David and Goliath battle between the government agency and the new-defunct clinical lab.
By Leslie Pedernales The upcoming presidential election between two larger-than-life characters, each capable of stirring intense emotional reactions from both sides, is sure to produce some spirited debate around the water cooler this fall. Many employees mistakenly assume that their expression of political speech (including nonverbal expression such as buttons or signs) is protected by … Continue reading
On August 1, 2016, the U.S. Department of Commerce began accepting self-certification applications for the new EU-U.S. Privacy Shield Framework. In the month that has followed over 100 companies (including Microsoft, Oracle and Salesforce, among others) have self-certified that they are in compliance with the EU-U.S. Privacy Shield.