Photo of James Brennan

James Brennan

CPW’s Kristin BryanScott Warren, and James Brennan will be key speakers at the Global Legal ConfEx on “GRC, Data Privacy & Cyber Security” on Thursday, November 17, 2022, in San Francisco.  

Continue Reading CPW’s Kristin Bryan, Scott Warren, and James Brennan to Speak at Conference on Data Privacy, Cybersecurity, and Governance, Risk & Compliance

Last week, the United States Court of Appeals for the Third Circuit denied rehearing en banc in a case about the application of Pennsylvania’s Wiretapping and Electronic Surveillance Control Act (“WESCA”), 18 Pa. C.S. § 5701 et seq., and issued an amended opinion to “clarify issues raised” by the defendants—an online retailer and an internet marketing company. The order leaves in place the Third Circuit’s August 2022 judgment in favor of the plaintiff consumer, which held that, dependent on further fact finding, defendants may be liable under WESCA for “intercepting” the consumer’s interactions with the retailer’s own website.

Continue Reading Third Circuit Denies Rehearing En Banc, Amends Opinion in Key Pennsylvania Wiretap Case Over Internet Third-Party Marketing

Last Friday, the Securities and Exchange Commission reopened the comment period on eleven of its pending rulemakings because of a technological error that caused the SEC not to receive all of the comments submitted during the original comment period.  One of the eleven proposals affected by the reopening is the SEC’s proposal from March

Last month, the United States Court of Appeals for the Third Circuit decided a set of consolidated appeals in Fair Credit Reporting Act (“FCRA”) actions brought by consumers against a credit reporting agency.  The consumers all alleged that a notation in their credit reports was misleading and inaccurate under the FCRA, which requires credit reporting

Thanks are owed to SPB summer associate Gabby Martin for her contributions to this article.

Last month, a Florida federal jury found in favor of a credit reporting agency (“CRA”) in a trial centering on whether the CRA took “reasonable” steps to assure the accuracy of a consumer’s credit report after a consumer dispute.  The

Last week, a California federal court held that a plaintiff lacked Article III standing to bring a putative class action in federal court for violations of the Fair and Accurate Credit Transactions Act (“FACTA”) amendments to the Fair Credit Reporting Act (“FCRA”), 15 U.S.C. § 1681 et. seq. As a result, the case was remanded back to the California state court where the plaintiff chose to file his complaint.

In Kamel v. Hibbett, Inc.No. 8:22-cv-01096-RGK-E, 2022 U.S. Dist. LEXIS 130753 (C.D. Cal. July 22, 2022), the plaintiff alleged that he made a purchase with his credit card at one of the defendants’ stores and received a receipt which contained ten digits of his credit card number. 

Continue Reading California Federal Court Grants Plaintiff’s Motion to Remand FACTA Class Action to State Court

2022 is not even halfway over, and the Securities and Exchange Commission (SEC) has already made it a banner year for the SEC’s efforts to shape cybersecurity policy.  This alert highlights this year’s cyber developments to date and the SEC’s likely future regulatory efforts in this space.

January: Chair Gensler Sets out Cyber Regulation Roadmap

Earlier this month, U.S. Securities and Exchange Commission (SEC) Chair Gary Gensler again described new cybersecurity regulations SEC staff are considering, this time in a speech before government organizations tasked with improving the security of financial sector infrastructure. In his remarks before a joint meeting of the Financial and Banking Information Infrastructure Committee (FBIIC)

As covered here at CPW, President Biden recently signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the “Act”).  While the Act presents a plethora of issues for litigators and compliance professionals to consider, CPW has identified five key points that businesses should know about the Act:

  1. Many Critical Ambiguities

Today, as predicted here at CPW, a divided SEC voted to propose new rules that would require public companies to provide current reports of their material cybersecurity incidents and periodic disclosures about their cybersecurity policies and procedures.  Just a month after the SEC’s cybersecurity proposal for advisers and funds, the new proposed rules