The U.K. Information Commissioner’s Office reported Monday it fined the government’s Serious Fraud Office £180,000 (about $266,000) after the fraud office misplaced hundreds of sensitive files with personal information from a long-dead bribery and corruption investigation into a BAE Systems PLC arms deal with Saudi Arabia.
A New Jersey federal judge granted summary judgment Friday to a class led by City Select Auto Sales Inc. alleging a roofing company violated the Telephone Consumer Protection Act by sending junk faxes through a third-party vendor, though he withheld judgment on the company’s president.
Law360's Rising Stars recognizes attorneys under 40 who have demonstrated outstanding career accomplishments. This year, King & Spalding LLP and Sidley Austin LLP led the pack with seven Rising Stars each, followed by Gibson Dunn and Sullivan & Cromwell LLP with six Rising Stars each, and Jones Day and Kirkland & Ellis LLP with five Rising Stars apiece.
A Florida federal judge on Monday refused to dismiss a proposed class action accusing Whole Foods Market Group Inc. of violating the Fair Credit Reporting Act with its employee background check notification methods, ruling the suit alleged Whole Foods’ liability release was included in a disclosure document.
The Federal Trade Commission and Wyndham Worldwide Corp. on Friday presented their arguments to the Third Circuit over whether a federal court can hear a data security challenge brought by the agency without it first declaring that unreasonable cybersecurity practices are unfair under the FTC Act.
The European Union on Monday moved to assuage concerns about the scope of the ongoing Transatlantic Trade and Investment Partnership talks with the U.S., vowing that a final deal will not alter the government's data laws or its ability to provide public services such as health care and education.
A debt collector’s accepted then appealed offer to settle Telephone Consumer Protection Act allegations for more money than the plaintiff requested doesn’t prevent the suit from moving forward, the Eleventh Circuit ruled Friday, reversing a lower court.
At least five proposed class action lawsuits have been filed by Premera Blue Cross customers in federal court in Washington state following the health insurance company’s recent announcement of a data breach affecting about 11 million people.
A Washington federal judge on Friday tossed a proposed class action alleging P.F. Chang’s China Bistro Inc. failed to prevent a data breach that compromised customers’ personal financial data, saying there’s no indication the plaintiff has yet suffered any harm, following the nixing of a similar suit in Illinois.
The Ninth Circuit on Friday refused to revive a case accusing IMDb.com of breaching its subscriber agreement by publishing the age of an actress on her profile page, despite the plaintiff’s argument that she didn’t get a fair trial.
The telephone company that was caught up in a proposed class action alleging a Las Vegas strip club peppered consumers with spam text messages has escaped the suit via a settlement, but Sapphire Gentlemen’s Club is still on blast.
Paramount Pictures Corp. escaped a putative class action when a California federal judge ruled it hadn’t violated the Fair Credit Reporting Act by getting credit reports on current and prospective employees without providing a separate release form, according to an order issued Thursday.
The New Jersey General Assembly unanimously approved a bill Thursday 73-0 that would limit access to data from recording devices in automobiles that capture information about the driver's activity to car owners and certain qualified individuals and officials.
A British appellate court affirmed Friday that Google Inc. harmed users of Apple Inc.'s Safari browser by collecting their information without permission and selling it to advertisers, rejecting Google's claims that English courts lacked jurisdiction.
After an 11-year legal battle waged by the American Civil Liberties Union, the U.S. government will hand over photos relating to prisoner abuse in U.S. facilities in Iraq and Afghanistan following a New York federal judge’s order for their release, the U.S. Attorney’s Office said Friday.
The Australian Parliament on Thursday passed a data retention bill that will require telecommunications providers to retain certain types of metadata for two years, amid heavy criticism from opposition parties and privacy hawks that the legislation oversteps the mark by "entrenching" mass surveillance.
A Wisconsin judge on Thursday dismissed a proposed class action accusing Kohl's Corp. of violating federal law that prohibits businesses from sending unsolicited phone calls, saying the customer who brought the complaint must arbitrate her claims individually per the terms of the store credit card she signed up for.
Walgreen Co. has agreed to pay $11 million to end a class suit accusing it of violating the Telephone Consumer Protection Act by placing robocalls to customers' cellphones with prerecorded prescription reminder messages, according to documents filed Thursday in Illinois federal court.
Premera Blue Cross, one of the largest health insurers in the Pacific Northwest, was hit with a proposed class action Thursday in Washington federal court accusing it of negligence after a data breach potentially exposed the personal data of 11 million customers.
Arkansas legislation that would have allowed some employers to force workers to add them on social media accounts died in a state Senate committee on Wednesday, after it had passed the Arkansas House of Representatives by an overwhelming majority in February.
While the Federal Communications Commission's guidance in the Communications Security Reliability and Interoperability Council's report is vitally important for communications companies, it will also prove relevant for any company making use of the National Institute of Standards and Technology's Framework for Improving Critical Infrastructure Cybersecurity to help manage cybersecurity risks, say attorneys at Akin Gump Strauss Hauer & Feld LLP.
Many mediation orders state that attendees must have “full settlement authority” without providing clarity as to what that term actually means. Attendance by just outside counsel or a corporate spokesperson is not enough, even if someone else with full settlement authority is just a phone call or keystroke away, say Douglas Flaum and Kevin Broughel of Paul Hastings LLP.
For reliance material that is not admitted on the stand, consider bolstering the testimony by having the expert describe the evidence generally, but in a way that signals to the jury that the expert has a strong foundation of supporting facts and data. If done well, such testimony can open the door to admitting the evidence, say Jason McDonell and Heather Fugitt of Jones Day.
Privacy and security are closely intertwined, but securing information from outside intrusion may not provide the privacy protections you need, say Adam Solander and Patricia Wagner of Epstein Becker & Green PC.
The Connecticut Supreme Court's decision in Byrne v. Avery Center is getting a lot of attention for allowing state negligence claims based on noncompliance with Health Insurance Portability and Accountability Act standards. For health information management professionals, however, the case underscores the need to resist releasing clinical information merely on the basis of a subpoena or at the insistence of an attorney, says Susan ... (continued)
Until Congress agrees on uniform responsibilities and liabilities for data breaches, companies operating in the U.S. must traverse a patchwork of laws in 47 states and the District of Columbia. Still, firms can and should develop a written information security response plan and maintain relationships with breach response vendors, say Elizabeth Rogers and Alan Sutin of Greenberg Traurig LLP.
Although no court has fully addressed the lawfulness of employers using voice over Internet protocol services to record all employee phone calls under federal and state laws, courts will likely apply the same framework used to examine the lawfulness of traditional telephone recordings, says James McCabe of Troutman Sanders LLP.
The Centers for Medicare and Medicaid Services' dual and equivalent goals of data protection and data use promotion are to be applauded, but several concerns remain over how to effectively leverage federally sourced health data, say Jennifer Geetter and Ariane Tschumi of McDermott Will & Emery LLP.
Cybersecurity is the ultimate team sport and every person in a company — from a corporate director all the way down to an entry-level employee — needs to be aware of spear phishing, which is often the easiest route into a sophisticated computer network, say Paul Ferrillo and Randi Singer of Weil Gotshal & Manges LLP.
Insider threats may be the most grievous of threats companies face because they always come from a trusted individual. But not all trusted individuals should be subject to scrutiny all the time. Instead of creating a culture of security, it causes a culture of fear, say Thomas Ottoson and Nicholas Metzgar, founders of LemonFish Technologies LLC and former technical directors in the Office of the Director of National Intelligence.