The U.S. General Services Administration has awarded 61 companies a place on the latest iteration of its Alliant multiaward information technology services contract, a massive deal worth up to $50 billion, it announced Monday.
Car rental company Avis has agreed to pay about $2.7 million to resolve Fair Credit Reporting Act claims that it improperly acquired and used background checks to reject job applications, according to documents filed in New Jersey federal court on Friday.
Planned Parenthood failed to properly fight off a free speech challenge to its suit over secretly recorded videos purporting to show the improper sale of fetal tissue, anti-abortion activists told a Ninth Circuit panel Friday, saying a lower court erred in finding in favor of the health care provider.
A slew of tech experts and civil rights groups are raising the alarm over the Trump administration's proposed “extreme vetting initiative” for immigrants, sending letters to the Department of Homeland Security on Thursday arguing the program would likely be discriminatory.
A California federal judge on Friday tossed for the third and final time sprawling multidistrict litigation accusing Facebook of unlawfully tracking users' browsing activity after they signed off, ruling that plaintiffs had failed to identify an actual contract that prohibited the social media site's behavior.
A former executive at Virginia Commerce Bank and Fulton Bank who admitted to forging signatures and stealing identities to get millions of dollars in loans and other financing approved has been ordered to serve 6 1/2 years in prison, the U.S. Attorney’s Office for the Eastern District of Virginia said Friday.
Crowell & Moring LLP has picked up Orrick Herrington & Sutcliffe LLP’s leading cybersecurity and data privacy attorney, who has experience representing major tech companies including Facebook and Microsoft, to serve as a partner in its San Francisco office.
Senate Minority Whip Dick Durbin, D-Ill., ranking member of the immigration subcommittee, and 19 other Senate Democrats sent a letter Thursday to Secretary of Homeland Security nominee Kirstjen Nielsen asking if she’d advocate for legislation that protects young immigrants living in the country illegally from deportation.
The Hanover Insurance Co. doesn't have to defend Innovak International Inc. in a proposed class action claiming the information technology company failed to prevent a 2016 data breach that compromised users' personal information, a Florida federal judge ruled Friday, saying coverage doesn't exist because the data wasn't allegedly published by Innovak.
House Energy and Commerce Committee leaders on Friday dialed up the heat on Equifax over a massive data breach that compromised 145.5 million Americans' personal and financial records, demanding more answers to questions related to the software vulnerability that was exploited, the credit bureau's response to the incident and a potential second compromise in mid-October.
A pair of senior House Democrats urged President Donald Trump Friday to reverse a U.S. Department of Defense policy to classify previously public information on the performance and strength of Afghanistan’s armed forces, saying it will harm the ability of Congress to properly oversee U.S. operations in Afghanistan.
A New Jersey federal judge granted class certification Thursday in litigation alleging that Avis secretly charged car renters for an electronic toll-payment service, noting that the requirements were clearly met by the class of nearly 18 million people united by common questions surrounding whether the fees were properly disclosed.
Google urged a California federal judge Friday to permanently stop enforcement of an order from Canada’s highest court that would compel the tech titan to scrub worldwide searches of results from a company accused of selling products containing stolen trade secrets.
The Financial Conduct Authority warned banks and insurance firms on Friday that they will still face regulatory punishment for cybersecurity failures in their supply chain and that outsourcing compliance is not a credible defense.
Forever 21 customers who swiped their payment cards between March and October at certain retail locations that weren’t using encryption and tokenization methods that the company rolled out two years ago may have had their personal information compromised in a recently discovered data breach, the apparel retailer said Tuesday.
Federal regulators have so-called initial coin offerings — cryptocurrency fundraising methods that have ballooned in popularity — squarely in their sights, the head of the U.S. Securities and Exchange Commission said Thursday.
A California federal judge on Thursday preliminarily approved a deal settling putative class claims for 8,313 car dealership customers accusing the business and its marketer of violating the Telephone Consumer Protection Act, an agreement reached after the case was revived based on a recent Ninth Circuit ruling.
The Seventh Circuit agreed Thursday with a lower court's decision that the claims of class members are no longer tolled once a suit is dismissed with prejudice, confirming that an Illinois motorist's proposed privacy class action claims against a Chicago suburb were time-barred.
Armstrong Teasdale attorneys for a proposed class of Jeep owners suing Fiat Chrysler over hacking concerns on Wednesday escaped sanctions that had been imposed on them for revealing confidential information, when the Illinois federal judge overseeing the suit found a magistrate judge lacked authority to level the penalties.
AO Kaspersky Lab in a Thursday report fleshed out its recent admission that it had uploaded purportedly classified information and hacking software from a National Security Agency worker’s personal computer, continuing to argue that the upload was inadvertent and happened because the computer appeared to be compromised by “malware."
The mutual fund industry has expressed concerns about troves of new data being filed on EDGAR starting in June 2018 as part of the U.S. Securities and Exchange Commission’s new reporting requirements. The recent disclosure of an SEC breach perfectly illustrates those concerns and adds to the clamor to delay or revise the requirements, says Jeanette Turner, managing director and chief regulatory officer at Advise Technologies.
Recent rulings from a New York federal court in Wey and the D.C. Circuit in Griffith represent a serious pushback to government efforts to write boundless warrants and to seize phones and computers without a sufficiently particularized showing of probable cause, say Henry Hockeimer and Thomas Burke of Ballard Spahr LLP.
Chairman Jay Clayton of the U.S. Securities and Exchange Commission recently made the surprising announcement that the SEC’s EDGAR database had been hacked. The chairman’s statement and subsequent testimony leave a number of critical questions unanswered, says Scott Kimpel of Hunton & Williams LLP.
The prosecution of Martin Shkreli reveals some important lessons about the Fourth Amendment protections against search and seizure in the digital corporate context: Physical access to documents on a server may trump actual ownership of records, say Claire Johnson and Douglas Young of Farella Braun & Martel LLP.
In the wake of the Equifax data breach, consumer lenders can reasonably expect to see a significant increase in the number of loan applications where a credit report contains a fraud alert or where the report is unavailable due to a security freeze. It's important to understand the laws that apply when evaluating such applications, says consumer financial services attorney Jonathan Joshua.
The Second Circuit's decision last week in Katz v. Donna Karan is significant in that it permits parties to introduce extrinsic evidence in statutory violation cases when the district court is making a determination on standing, say Hanley Chew and Tyler Newby of Fenwick & West LLP.
Combining the strict verbiage of the Defense Federal Acquisition Regulation Supplement cyber regulations with the comprehensive nature of the National Institute of Standards and Technology "controlled unclassified information" requirements creates a formidable compliance challenge for any contractor and its subcontractors, says Steven Snyder of Smith Moore Leatherwood LLP.
As European regulators are still producing guidance on the General Data Protection Regulation and member states are still adopting related legislation, it is unclear how to prepare for the GDPR in relation to some issues. For other issues, however, companies can confidently act now. Privacy statements are a great example, says Glory Francke of Davis Wright Tremaine LLP.
There is no dispute about the importance of protecting patient information, and health care providers are spending significant portions of their precious resources to comply with the rigorous requirements of the Health Insurance Portability and Accountability Act. But there is one group that has received a pass when it comes to protecting patient privacy, say Steve Sozio and Katie Miler Schilling of Jones Day.
We know internet-of-things devices are unsecure. Some say they are likely to remain unsecure. But given the increasing risk and seriousness of IoT-based attacks, manufacturers should take proactive measures to bring to market IoT devices that contain standard security protocols, says Aristedes Mahairas, special agent-in-charge of the FBI’s New York Special Operations/Cyber Division.