Eighty-one percent of health care executives say their organizations have been compromised by at least one cyberattack during the past two years, and a little more than half feel they're adequately prepared to prevent attacks, according to a recent study by KPMG LLP.
A public employee’s work-related texts sent on a private cellphone while working are public records subject to disclosure, the Washington Supreme Court ruled Thursday, ordering a county prosecutor to produce text messages in response to a records request.
The California Supreme Court declined on Wednesday to respond to a question certified by the Ninth Circuit to clarify whether retailers in the state can request customers’ personal information because a state appellate has already ruled they can.
The Associated Press on Thursday hit the U.S. Department of Justice with a suit in D.C. federal court over the FBI’s failure to respond to a Freedom of Information request seeking information on the bureau’s creation of a fake AP story to trick a suspect into downloading surveillance software.
A former Ohio Assistant Attorney General was publicly reprimanded by the state's Supreme Court on Wednesday for looking up confidential information about people either she or her friends were dating in a private government agency database during her time in office.
Against the backdrop of a data breach affecting 4.5 million University of California Los Angeles Health System patients, the system’s privacy officer took the stand Wednesday in a suit brought by a woman whose ex-boyfriend accessed her medical records, facing questions about why available security measures weren’t used.
A federal Texas judge on Tuesday recommended dismissing a proposed class action accusing a former Florida-based marketing company of violating privacy laws by using personal information from motor vehicle records in Texas and Florida, saying the plaintiffs didn’t show how the Lone Star State had jurisdiction.
Litigation over the Ashley Madison data breach continues to mount as the extramarital dating site was hit with another putative class action in Alabama federal court on Wednesday that claims it failed to protect its customers' data or promptly alert them of the July hack that made 37 million members’ information public.
The Ninth Circuit on Tuesday largely upheld the convictions of former “private eye to the stars” Anthony Pellicano and his client, once-prominent attorney Terry Christensen, for conspiracy and illegal wiretapping of the enemies of Pellicano’s high-powered Hollywood clients, but overturned two computer fraud convictions for Pellicano.
Illinois Gov. Bruce Rauner has vetoed a data breach notification bill that would have updated the state’s laws protecting personal information to include consumer marketing data and geolocation information, saying the measure went too far.
A man claiming he is one of nearly 4 million Americans whose personal information was stolen in a cyberattack on Medical Informatics Engineering Inc. told the U.S. Judicial Panel on Multidistrict Litigation on Tuesday that claims against the company should be consolidated in Kansas, not California as another plaintiff had requested.
The U.S. Department of Defense unveiled new interim data breach notification reporting rules Wednesday for government contractors and subcontractors who have certain defense information passing through their information systems.
Rapper 50 Cent's attorneys on Tuesday urged a Connecticut bankruptcy judge to block the woman who successfully sued him for posting a sex tape online from obtaining additional information about his finances, painting her as a vengeful litigant out to further punish the entertainer.
In its quarterly earnings statement filed with the Securities and Exchange Commission on Tuesday, Target Corp. said the agency’s Enforcement Division does not intend to recommend enforcement action related to the 2013 data breach in which hackers stole payment card data of more than 40 million customers.
The Fifth Circuit on Tuesday upheld a Texas federal judge's decision to force several independent retail pharmacies to arbitrate their racketeering and trade secrets claims against CVS Caremark Corp. over the drug store giant's use of their customers' information, citing its own decision in a similar case last year.
Anonymous secret-sharing app maker WhisperText LLC urged a California federal judge on Tuesday to throw out a proposed class action that accuses the company of violating the Telephone Consumer Protection Act, arguing that text message invitations can only be sent through the app with the user’s permission.
The U.S. Department of Defense released an interim rule Tuesday tightening contractor requirements for cloud computing as well as reporting cyberhacks in response to recent high-profile attacks on servers possessing sensitive DOD personnel information.
A former deputy chief of the federal cybercrime unit at the U.S. Attorney's Office in the Eastern District of Virginia has joined Edelson PC in Chicago as a partner, where he will lead the firm's complex trial team.
A proposed class accusing the IRS of failing to prevent a massive data breach that affected some 330,000 taxpayers will face an uphill battle in adequately convincing the D.C. federal court that they suffered tangible damages, according to experts.
Sony Pictures Entertainment Inc. told a California federal judge on Monday that former employees suing it over a data breach related to its 2014 James Franco-Seth Rogen vehicle “The Interview” should be denied class certification because after nearly nine months, none of the named plaintiffs has been a victim of fraud.
Many of the issues facing health care companies under the Telephone Consumer Protection Act are similar to other industries — consent and the scope of that consent, reassigned numbers, opt-outs and large potential exposure to statutory damages. However, the Federal Communications Commission's recent TCPA order also holds a new exemption for the health care industry, say attorneys at Sutherland Asbill & Brennan LLP.
A subpoena from the Federal Trade Commission can be unnerving and may appear daunting in the scope of its requests. Negotiations with the FTC regarding scope of discovery, time frames and even format of production can assist in reducing the burden for companies, say Julie Flaming and Katie Smith of Nelson Mullins Riley & Scarborough LLP.
As the sophistication of cyber incidents increases and the security of government-protected data gains ever heightened stance, it is key that we continue to develop stronger regulations and protections. The U.S. Department of Defense interim rule relating to DOD-contracted cloud computing services is a good next step — but it is only a step on an undoubtedly long road, says Lawrence Prosen of Thompson Hine LLP.
The Third Circuit's analysis in Federal Trade Commission v. Wyndham Worldwide Corp. of applicable standards for Section 5 enforcement under the Federal Trade Commission Act and the court's discussion of specific shortcomings in Wyndham’s security safeguards create a road map for companies to assess their own practices in the face of mounting cybersecurity threats and clear affirmation of the FTC’s regulatory authority, say Tracy Mi... (continued)
The Texas Relationship Privacy Act — effective Sept. 1 — provides new relief for revenge porn victims and may help dissuade revenge pornographers’ mischief. Despite its strong language, however, this new law is not a panacea. The challenge in these cases, as in many Internet defamation cases, is to identify the wrongdoer, says Pierre Grosdidier of Haynes and Boone LLP.
Animal Legal Defense Fund v. Otter should be a cautionary warning to states beyond Idaho considering agricultural gag laws, especially since some legislatures were already wary of First Amendment challenges. Though ag gag laws have failed in several states, it is likely more legislatures will consider them given the growing scrutiny over factory farms, says the University of Montana's Stacey Gordon, secretary of the board for the H... (continued)
If Donald Sterling had come to me with the privacy lawsuit that he recently filed against TMZ Productions Inc. and V. Stiviano, I would have sent the beleaguered former Clippers owner off to the locker room, says Neville Johnson, a founding partner of Johnson & Johnson LLP.
Savvy franchisors can adopt certain strategies to ensure reasonable levels of data security by their franchisees, to maintain some level of protection from liability in the case of data breach of a franchisee system, and to retain effective control over the response to a breach, say Gavin George and Marc Legrand of Haynes and Boone LLP.
Nondisclosure or confidentiality agreements are usually based on a trusty template and executed quickly with very little discussion. But in light of heightened sensitivity around confidential information as well as the recent trend toward increased scrutiny of privacy law practices, parties in an M&A transaction must think beyond the “standard” template, say Glynna Christian and Nikki Mondschein of Kaye Scholer LLP.
It is the better part of judicial restraint for courts to defer currently to local privacy rules in cases like the Microsoft Ireland one. Leave it to lawmakers to decide whether and where U.S. prosecutors should be able to reach such user data stored overseas, without unduly tying Congress’ hands with constitutionalized privacy rules that might or might not apply in all cases, says Nathan Newman, director of the nonprofit Data Justice.