• September 27, 2016

    DOJ's National Security Head To Step Down, Agency Says

    John P. Carlin, the head of the U.S. Department of Justice’s National Security Division who oversaw handling of terrorism cases ranging from the Boston Marathon bombing to the recent explosions in New York and New Jersey, will be stepping down from his position effective Oct. 15, the agency said Tuesday.

  • September 27, 2016

    Facebook Can't Collect WhatsApp Data: German Regulator

    A German data protection regulator on Tuesday ordered Facebook to stop using and immediately destroy any data on German users that it had obtained from its subsidiary WhatsApp, saying that the new data-sharing arrangement flies in the face of the duo's earlier promises to keep the information separate.

  • September 27, 2016

    FTC Heads Face Senate Scrutiny Over Data Security Approach

    The heads of the Federal Trade Commission on Tuesday defended their recent decision to continue to press data security claims in a case where no consumers suffered financial harm, although they did push U.S. Senate lawmakers for additional powers to close gaps in their ability to regulate privacy issues.

  • September 27, 2016

    Hartford, Cincinnati Beat Doc's TCPA Coverage Bid

    A Missouri federal judge has ruled that a Hartford unit and Cincinnati insurance Co. don't have to defend a Chicago-area medical office against proposed class claims that it violated the Telephone Consumer Protection Act by sending unsolicited faxes, saying the underlying allegations fall squarely within TCPA exclusions in the insurers' policies.

  • September 27, 2016

    Insurers Say Cancer Center On Its Own In Data Breach Suits

    Charter Oak Fire Insurance Co. and Travelers Property Casualty Co. of America asked a Florida federal court Monday to rule that they have no duty to defend 21st Century Oncology cancer centers in suits stemming from a September 2015 data breach that affected nearly 2 million clients.

  • September 27, 2016

    Commerce Secretary Wants To Talk About Cyber Threats

    U.S. Secretary of Commerce Penny Pritzker wants business and government to talk more candidly about cybersecurity threats by making it easier for companies and institutions to acknowledge emerging cyber attacks without being reprimanded, the commerce secretary said on Tuesday.

  • September 27, 2016

    Viacom Says It Told Parents Truth About Child Tracking

    Viacom Inc. asked for summary judgment Monday in a putative class action over Nickelodeon’s alleged internet tracking of children under 13, telling a New Jersey federal court there's no evidence to support claims that Viacom misled parents as to its privacy practices.

  • September 27, 2016

    Groups Blast 'Intrusive' TSA Body Scanner Rule At DC Circ.

    The Competitive Enterprise Institute and the Electronic Privacy Information Center both told the D.C. Circuit on Monday that the Transportation Security Administration's recent final rule on airport body scanners downplays the technology's intrusiveness and has actually heightened travel risks by inducing people to drive instead of fly.

  • September 27, 2016

    Nationwide Asks 6th Circ. To Rethink Hacking Suit Revival

    Nationwide Mutual Insurance Co. asked the Sixth Circuit on Monday to rethink its ruling that revived a putative class action over a 2012 data breach, saying the panel majority's decision conflicts with past circuit and high court rulings.

  • September 27, 2016

    Sens. Demand Answers From Yahoo Chief On Breach

    Six U.S. senators demanded Tuesday that Yahoo chief Marissa Mayer share her plans for preventing another data breach like the 500-million-account hack disclosed last week and brief them on any warnings received from U.S. officials during the two years the intrusion went unrevealed.

  • September 27, 2016

    2nd Circ. Won't Take NYC GPS Taxi Ruling For Another Ride

    The Second Circuit on Monday refused to reconsider its recent ruling that a cab driver couldn’t assert a Fourth Amendment challenge to New York City’s mandate that all taxicabs be equipped with GPS tracking devices because he didn’t have a protectable privacy or property interest in any particular cab.

  • September 27, 2016

    Coca-Cola Fights Ex-Worker's Data Breach Certification Bid

    Coca-Cola Co. hit back at a former employee’s bid to certify class in a suit accusing the company of exposing him and fellow staff to identity theft after several dozen company laptops were stolen, telling a Pennsylvania federal judge on Monday the ex-worker has not defined a common class.

  • September 27, 2016

    Canadian Regulators Target Cybersecurity Disclosures

    Canadian securities regulators plan to increase scrutiny of public companies’ cybersecurity disclosures, saying Tuesday that threats have grown significantly since the body first provided guidance in 2013, but many issuers continue to release boilerplate or skimpy disclosures.

  • September 27, 2016

    Whistleblower Says Feds Based Sprint Probe On His Suit

    A former federal prosecutor-turned-whistleblower again told the Ninth Circuit on Monday that new evidence points to the government's “effective intervention” in his dismissed suit accusing AT&T, Sprint and other telecoms of overcharging the government for wiretapping services, despite Sprint's arguments otherwise.

  • September 27, 2016

    Consumer Reports Publisher Presses To Nix Data-Selling Suit

    The publisher of Consumer Reports magazine continued its push to dismiss class allegations that the company violated Michigan privacy law by selling a reader's subscription data, reiterating to a New York federal court Monday that no actual injury was suffered.

  • September 27, 2016

    Hacker Admits To Looting Nude Photos In Celebrity Scandal

    A Chicago-based hacker on Tuesday pled guilty to using a phishing scam to gain access to the email and online photo storage accounts of at least 30 celebrities, telling an Illinois federal judge that he specifically targeted the movie stars whose nude photos leaked in 2014.

  • September 27, 2016

    T-Mobile Says Consumer Lacks Standing Under Spokeo

    T-Mobile USA Inc. urged a California federal judge Monday to toss a proposed class action accusing the company of running credit checks without permission, contending that a consumer lacks standing under the U.S. Supreme Court’s landmark Spokeo ruling because he doesn’t show a concrete injury.

  • September 26, 2016

    Clinton, Trump Pledge Hard Line On Fighting Cyberattacks

    Presidential candidates Hillary Clinton and Donald Trump on Monday vowed to combat cyberattacks that have plagued private companies and the federal government in recent years, with Clinton demanding action be taken against suspected state hackers like Russia and Trump pushing for the U.S. to regain control of the internet.

  • September 26, 2016

    HHS Health Info Protection Rules, Oversight Are Lacking: GAO

    The U.S. Department of Health and Human Services needs to improve its security and privacy guidance and oversight, the U.S. Government Accountability Office said in a report released Monday, saying the steps the agency has taken to protect health information don’t go far enough.

  • September 26, 2016

    Consumers Seek Class Cert. In Kohl's Autodial Suit

    A man accusing Kohl's of using an autodialing system to spam call customers asked an Illinois federal judge on Monday to certify a proposed class of tens of thousands of fellow mobile phone users.

Expert Analysis

  • Why Have Lawyers Forgotten About The Middle Class?


    Sorry, fellow lawyers, judges and legislators, but the jig is up. It’s time to show the public the cards up our sleeves and give them a chance to weigh in on the fairness of a system that touches so many aspects of their everyday lives, says Chas Rampenthal, general counsel of LegalZoom.

  • Small-Breach Focus Shows Growing Scope Of HIPAA Probes

    Joanna Bergmann

    Flexing more enforcement muscle, the U.S. Department of Health and Human Services recently announced it will more widely investigate breaches of protected health information affecting fewer than 500 individuals. As a result, health care providers and other covered entities and their business associates should expect an uptick in the volume of enforcement actions triggered by small-scale breaches, say attorneys with Ropes & Gray LLP.

  • You Don’t Need A Data Breach To Face Regulatory Scrutiny

    Kim Peretti

    One side effect of the rise in bug bounty programs, and disclosures by security researchers and others, is a commensurate increase in publicly known security vulnerabilities that can lead to increased scrutiny from regulators and the plaintiffs bar, says Kim Peretti, co-leader of Alston & Bird LLP's cybersecurity preparedness and response team.

  • 9th Circ. Limits CDA Immunity From Failure-To Warn-Cases

    Tyler Newby

    Although the Ninth Circuit's recent opinion in Beckman v. is unpublished, it creates a potentially troubling gap in the Communications Decency Act immunity protecting online services from suits based on the conduct of their users, say Tyler Newby and Hanley Chew of Fenwick & West LLP.

  • OPINION: Trump Wrong But Stop-And-Frisk Still Constitutional

    Katherine A. Macfarlane

    Republican presidential candidate Donald Trump said he would reduce crime in black communities by implementing stop-and-frisk practices nationwide, claiming that they worked “incredibly well” in New York. It's almost too easy to point out why he is wrong, but criticism that stop-and-frisk is unconstitutional misses its mark. The practice was legitimized 50 years ago by the U.S. Supreme Court, says Katherine Macfarlane, a professor ... (continued)

  • Wearable Device Data As Evidence In Employment Cases

    Karla Grossenbacher

    Wearable device data may be the next big thing in the world of evidence for employment cases. Given the nature of the information captured, it is easy to see how this type of data may be relevant to claims of disability discrimination, workers’ compensation and even harassment, say Karla Grossenbacher and Selyn Hong of Seyfarth Shaw LLP.

  • How Tribes Can Avoid Gambling With Casino Patrons' Data

    Erica J. Dominitz

    While all organizations, regardless of size, are vulnerable to data breaches, casinos are particularly attractive targets for cybercriminals for obvious reasons. Erica Dominitz and Venus Prince of Kilpatrick Townsend & Stockton LLP outline the steps that casinos should take in order to secure adequate cyberinsurance and protect themselves from cyberlosses.

  • FTC's Indirectly Set Standard For Mobile Location Tracking

    Mark Sableman

    The Federal Trade Commission recently rebuked the mobile app company InMobi for sneakily tracking the locations of app users who did not consent to revealing their location. This case of indirect geolocation determination and indirect misleading of mobile app users has indirectly set broad new responsibilities for app providers, ad networks and analytic firms, says Mark Sableman of Thompson Coburn LLP.

  • Overhauling Law Firm Records Departments For A New Reality

    Raymond Fashola

    As automation increases, so do business challenges that impact overall law firm operations. Records departments are facing roadblocks associated with antiquated processes, ever-changing regulatory requirements, and emerging technologies. As a result, firms are reassessing the needs of their records department staffing models, says Raymond Fashola of HBR Consulting.

  • New York Sets Uncomfortable Cybersecurity Precedent

    Brian E. Finch

    New York's recently proposed cybersecurity regulations for financial institutions are very broad and expose senior officers and board members to all manner of penalties. One can expect that other states will follow with similar regulations, says Brian Finch, co-chairman of Pillsbury Winthrop Shaw Pittman LLP's privacy practice.