Data Breach

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Biden Budget Proposal Advances AI Priorities | Privacy World

US Regulators Lift the Curtain on Data Practices With Assessment, Reporting

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

In Narrow Vote California Moves Next Generation Privacy Regs Forward | Privacy World

EDPB Versus Ireland? Does the Opinion on

Earlier this fall, the Fourth Circuit vacated the district court’s class certification order in the Marriott data breach MDL because of the potential applicability of a class action waiver defense. See In re Marriott Int’l Consumer Data Security Breach Litig., 78 F.4th 677 (4th Cir. 2023). Our post on this decision can be found here. On remand, the district court took little time to conclude that Marriott had waived the class action waiver in the Choice of Law and Venue provision of the putative class members’ contracts and that regardless “the adhesive provision, buried on the last page of the Terms cannot direct this Court to ignore the provisions of Rule 23 of the Federal Rules of Civil Procedure.”  In re Marriott Int’l Consumer Data Security Breach Litig., 2023 WL 8247865 (D. Md. Nov. 29, 2023). The district court thus reinstated the classes as earlier certified.Continue Reading District Court Quickly Reinstates Class Certification in Marriott Data Breach Litigation

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

FCC Acts to Protect Consumer Data by Strengthening Customer Proprietary Network Information and Number Porting Rules | Privacy World

Considering

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

India Welcomes Landmark Data Protection Law | Privacy World

Join Us Live in Washington DC on September 19: Avoiding Litigation

On June 7, 2023, New Zealand’s Office of the Privacy Commissioner (OPC) issued a statement [1] encouraging all businesses to adopt two-factor authentication (2FA) to protect information that they hold. In her remarks, Deputy Commissioner Liz MacPherson highlighted that this should be the case regardless of the size of the organisation. She referenced the OPC’s latest small businesses insights report, and opined that:

“When a cyber… breach occurs, the question [that will be asked] … is ‘have you taken reasonable cybersecurity steps to protect the personal data you hold?’ Not to have taken reasonable steps is a breach of the Privacy Act… What is reasonable depends on the size of the organisation and the scale and sensitivity of the personal information they hold.
Continue Reading New Zealand Urges All Businesses To Adopt 2FA

This week a federal court in the Southern District of New York dismissed a privacy litigation brought against a website operator for claims under the federal Video Privacy Protection Act (“VPPA”), holding the allegation that plaintiffs had electronically subscribed to defendant’s newsletter was not sufficient for them to qualify as “subscribers” under the VPPA.  Carter v. Scripps Network LLC, Case No. 1:22-cv-02031 (S.D.N.Y.)

As Privacy World has previously covered, dozens of website operators have been named as defendants recently in putative class actions, with claims also being filed in arbitration, for alleged violation of the VPPA.  In many circumstances, plaintiff in such cases allege that the defendant improperly disclosed their video viewing history to social media companies for advertising purposes.  Because this ruling limits the scope of claims that can be brought under the VPPA and is persuasive authority in other pending cases, it will likely be relied upon by defendants going forward.Continue Reading Federal Court Dismisses Privacy Claims Brought Against Website Operator, Finding Online Subscriptions for Electronic Newsletter Insufficient To Impose Liability Under Federal Video Privacy Protection Act

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Divided SEC Proposes Slew of Cybersecurity Regulations for Securities Market Entities | Privacy World

Utah’s Social Media Regulation Act Signed

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

2023 State Privacy Laws and Regulations Bring Extensive Data Protection Assessment Requirements | Privacy World

Priority Topics for French CNIL