A Kansas federal court on Monday sentenced a Wisconsin man who admitted to taking part in a cyberattack against Koch Industries Inc. that was organized by the hacking group Anonymous to two years probation and ordered him to pay the company the costs of responding to the breach.
A lawsuit filed Friday in Florida federal court accuses the city of Miami Gardens, its mayor and its police department of repeated civil rights violations for allegedly unconstitutional and abusive practices including stop-and-frisk searches, arrests and prosecutions targeting primarily young, black men.
The agency that enforces privacy provisions of the Health Insurance Portability and Accountability Act hasn’t performed required audits of how corporations handle patient information and failed to guarantee the security of its own records, according to an inspector general’s report released Wednesday.
The Texas Department of Insurance on Wednesday proposed rules subjecting individuals who provide public outreach and advice about the Affordable Care Act to criminal and financial screenings and prohibiting them from dispensing advice on specific insurance plans, the latest state to brand federal standards covering the so-called navigators inadequate.
A New York City woman who claims Macy's Inc. falsely accused her of shoplifting cannot convert her case into a class action because such incidents, which have attracted the attention of state law enforcement officials, differ too widely from each other, a state judge ruled Wednesday.
Maxum Indemnity Co. told an Illinois federal judge on Tuesday that it had no duty to indemnify a $6 million fax-blast settlement, arguing the claims in the underlying class action weren't for coverage-triggering privacy violations, but rather were property damage claims.
European Union privacy regulators on Wednesday pushed for the adoption of a sweeping data-protection reform proposal before the May 2014 parliamentary elections, as EU justice ministers prepare to meet Friday to hold discussions that will likely determine if the deadline can be met.
The women who make partner have already established themselves as superstars, but many of the men who make partner are viewed as "future superstars." Men are given the benefit of the doubt more so than women, says Lisa Sotto, managing partner of Hunton & Williams LLP's New York office and head of the firm's privacy practice.
A California federal judge on Tuesday axed for the second time a proposed class action accusing Google Inc. of violating privacy laws by aggregating users’ data across its platforms, but gave the plaintiffs one more chance to fix their complaint.
A California federal judge refused Tuesday to release outdoor gear retailer Sierra Trading Post Inc. from a putative class action accusing it of covertly wiretapping calls to and from its representatives, ruling that recorded customer service calls don’t fall under an exemption to the state Privacy Act.
The National Telecommunications and Information Administration said Tuesday that it has selected the commercial use of facial recognition technology as the next topic for industry groups, privacy advocates and others to tackle as part of a White House-led effort to craft voluntary privacy codes of conduct.
The Federal Trade Commission said Monday it will soon hold a series of seminars to probe the privacy implications of issues ranging from mobile device tracking to the security of consumer health data, a move attorneys say advances the commission's hotly contested bid to establish itself as the leading authority on privacy matters.
Federal Trade Commission chairwoman Edith Ramirez on Tuesday defended the FTC's decision to approve the massive $29.1 billion merger of Express Scripts Inc. and Medco Health Solutions Inc. but told Congress the antitrust agency would monitor further consolidation of the pharmacy benefits management market.
The Second Circuit on Tuesday revived a proposed Telephone Consumer Protection Act class action against an energy supply firm, ruling that a U.S. Supreme Court decision from January 2012 allows such suits to be brought in New York federal court.
Munger Tolles & Olson LLP said Tuesday it has beefed up its privacy and data security, investigations and trade and cross-border disputes practice areas with the addition of the last U.S. ambassador to Australia, who returned to the firm after four years abroad.
New York regulators have expanded their investigation into illegal payday loans by issuing subpoenas to 16 Internet-based companies they say may be ensnaring consumers in fraud schemes by marketing illegal financing agreements and subjecting them to privacy breaches, the Cuomo administration said Tuesday.
The Federal Trade Commission on Monday unveiled a spring 2014 agenda aimed at tackling emerging consumer privacy issues, revealing an increased agency focus on mobile device tracking, predictive behavioral modeling practices and the security of consumer health information.
Sen. Ed Markey, D-Mass., on Monday continued his privacy crusade against the expanding domain of drones, this time taking aim at Amazon.com Inc. founder Jeffrey Bezos' controversial announcement Sunday that the online retail giant may use drones to deliver packages.
Google Inc. has violated Dutch data protection law by failing to give consumers adequate notice or to obtain proper consent before combining their personal data from various Google services to create detailed data profiles, the country’s privacy regulator said Thursday.
The European Commission last week pushed for the tightening of transparency and oversight mechanisms in the safe harbor agreement that governs the transfer of data between the U.S. and European Union, a move attorneys say will prompt U.S. regulators to step up their scrutiny of the way multinational companies handle users' data.
A Georgia federal court recently ruled in Metro Brokers Inc. v. Transportation Insurance Co. that an all-risk insurance policy did not provide coverage for online fraudulent withdrawals from the company’s bank account. This decision offers guidance as to how a court may treat a policyholder’s claim under a traditional all-risk policy and the effect of broad computer fraud exclusions, says James Kitces at Robins Kaplan Miller & Ciresi LLP.
Given the dim prospects for enactment of comprehensive cybersecurity legislation in the current political environment, the U.S. Department of Defense's new requirements for contractors are an important part of the Obama administration’s efforts to use the government’s procurement power and existing regulatory authorities to increase the cybersecurity of the companies on which the U.S. government relies, say attorneys with Arnold & Porter LLP.
What is the thinking as to whether leaky air conditioner cases warrant multidistrict litigation treatment? On Dec. 5, the Judicial Panel on Multidistrict Litigation heads to Vegas to find out. This will bring a temperature shift in more ways than one from the September hearing, where the panel considered a potential MDL proceeding arising from allegedly defective clothes dryers, says Alan Rothman of Kaye Scholer LLP.
With federal agencies’ increased focus on data breaches, hospitality organizations don’t want to be the last to know how their protected data is being compromised. Even collaborative efforts with agencies such as the FBI to address cybersecurity threats could lead to increased scrutiny and bad reputation among patrons, say Alaap Shah and Marshall Jackson of Epstein Becker & Green PC.
A recent California appeals court decision provides a benchmark for plaintiffs to plead and prove claims under the California Medical Information Act that is consistent with prior nonhealth-care decisions. Plaintiffs must do more than plead mere loss of data, say attorneys with Morrison & Foerster LLP.
The flagship federal website HealthCare.gov has reportedly been subject to 16 potential website breaches. However, HealthCare.gov is only one piece of the website and data network designed to facilitate health plan enrollment under the Affordable Care Act. And, as it turns out, the state-level exchanges may be of greater concern, say David Tolley and Timothy McCrystal of Ropes & Gray LLP.
The New York State Department of Financial Services is “requiring” about 200 banks “to answer questions in real time on Dec. 12 to assess their cybersecurity policies and processes.” But the DFS will not necessarily learn anything new from the Web-based, real-time surveys, nor is that the stated intent, say Ronald Sarachan and Zoe Wilhelm of Drinker Biddle & Reath LLP.
A fierce debate has now emerged over whether the phrase "exceeds authorized access" in the Computer Fraud and Abuse Act applies to violations of internal computer use policies. With circuits lining up on both sides of the argument, it appears that this issue may be ripe for a decision by the U.S. Supreme Court, say Brandon Krajewski and Steven Berryman of Quarles & Brady LLP.
Although the U.S. Department of Defense's recently issued final rule addressing how DOD contractors and subcontractors must safeguard unclassified technical information on their corporate information systems narrows a 2011 proposed rule, it still has wide applicability to private sector information systems where DOD technical information is stored or transmitted, say attorneys with WilmerHale.
Organizations that handle personal information have an overwhelming need to screen out untrustworthy job applicants. However, a legislative trend aimed at reintegrating millions of ex-offenders into the workforce has picked up so much steam that this practice is now illegal in some jurisdictions, forcing employers to rethink whether they should ask the question at all, says Philip Gordon of Littler Mendelson PC.