Data Breach

To stay up to date on the newest developments in data privacy, security and innovation, be sure to register for Team CPW’s speaking engagements in December.  Details for the events next month are available below.

December 2: Association of Corporate Counsel Just In Time CLE December 2

Ann LaFrance, Kyle Fath and Kristin Bryan

In case you missed it, below is a summary of recent posts from CPW.  Please feel free to reach out if you are interested in additional information on any of the developments covered.

US Banking Regulators Issue Final Rule Regarding Data Incident Reporting – Consumer Privacy World

Australia’s Online Privacy Bill and Privacy Act Discussion

On November 18, 2021, the Office of the Comptroller of the Currency (the “OCC”), the Board of Governors of the Federal Reserve System (the “Board”), and the Federal Deposit Insurance Corporation (the “FDIC”) issued a final rule (the “Final Rule”) that requires any financial institution subject to their respective jurisdictions to notify its primary federal

In case you missed it, below is a summary of recent posts from CPW.  Please feel free to reach out if you are interested in additional information on any of the developments covered.

Federal Court Partially Grants FTC Summary Judgment on Claims Brought Against MyLife for Alleged Privacy Violations, Awards Statutory Injunction and $34 Million

With Ransomware becoming a household term you know it’s getting bad when you uncle or aunt calls to complain about the increase in cyber-attacks. Ransomware is a lucrative cyber-attack option for hackers and rapidly becoming the weapon of choice by Threat actors.  During this session, we will explore methods and technologies to get ahead of

As covered in greater detail in an article by Bloomberg Law, “New York City’s novel mandate that apps like DoorDash share customer information with restaurants that cook the meals they deliver could help eateries devastated by Covid-19, but has set off alarm bells with privacy advocates.  Data-sharing runs counter to delivery apps’ efforts to protect

Citing “multiple unreported ramsomware attacks” targeting the healthcare sector, last month the California Attorney General (CA AG) issued guidance reminding healthcare entities of their requirements under state and federal health data privacy laws to implement adequate security measures and comply with breach notification requirements. Although the document does not provide any “new” guidance, it signals

Data ProtectionOver the past few years, there has been an increasing number of claims against businesses and public bodies for distress caused by data breaches. The pattern is, by now, a familiar one. A claimant will make a claim for breach of data protection legislation, seeking damages at a relatively low value for the distress and anxiety they say has been caused by the data breach. This claim will be accompanied by claims for one or more of: misuse of private information, breach of confidence and negligence. Added on to the damages claimed will be the legal costs of the claimant’s lawyers, together with the after-the-event (“ATE”) insurance premium for the policy the claimant will have procured to bring a privacy claim. As a result, the defendant is faced with a difficult decision – pay over the odds for a claim where the claimant has suffered no financial loss, or fight litigation with the risk of mounting costs on both sides if the decision goes against them.

Following a cyber-attack in 2017 and 2018, this is the situation that faced DSG Retail Limited (“DSG”), and which has led to an important judgment for these data breach claims, Warren v DSG Retail Ltd [2021] EWHC 2168 (QB).
Continue Reading Narrowing the Scope of Data Breach Claims? – Warren v DSG Retail Ltd

As reported on our sister blog Consumer Privacy World, Home Depot recently reached a settlement in a lawsuit related to a September 2014 data breach that affected the payment card information of nearly 40 million customers.

In addition to a financial settlement, Home Depot agreed to implement and maintain various cybersecurity protocols, including:
Continue Reading Home Depot’s Agrees to Multistate Settlement Related to 2014 Breach – The Cost: $17.5 Million and Updated Cybersecurity Requirements

Laptop Data TransferA financial institution has asked a Virginia federal court to overturn a magistrate judge’s order to disclose its forensic report, detailing its 2019 data breach.  If your company experiences a data breach, it is imperative to immediately retain outside counsel who understands the nuances of cybersecurity events and attorney work product privileges.  Here we provide the following practical takeaways:
Continue Reading Data Breach: Is Your Forensic Report Privileged?