Privacy & Security Law Blog

Privacy & Security Law Blog

Legal Commentary and Resources for the Payment Industry

Insight & Commentary on Information Management and Protection
California Attorney General Releases Breach Report with Key Findings and Recommendations for Retailers, Financial Institutions and Health Care Sectors
Posted 1 day ago

California Attorney General Kamala D. Harris has released a “California…

California Attorney General Releases Breach Report with Key Findings and Recommendations for Retaile…
Advisory Alert: CMS Reopens the Medicare Payment Adjustment Hardship Exception Application Submission Period for Certain Providers and Hospitals
Posted 1 day ago

Centers for Medicare & Medicaid Services (CMS) recently announced the reopening of…

Advisory Alert: CMS Reopens the Medicare Payment Adjustment Hardship Exception Application Submissio…
Improving Data Breach Security, from the Customer’s Wallet on Up: In Wake of Massive Breaches, It May be Time to Consider Enhancing Customer Security with Chip-Embedded Payment Cards
Posted 1 day ago

In early September, Home Depot announced that it had suffered…

Improving Data Breach Security, from the Customer’s Wallet on Up: In Wake of Massive Breaches, It Ma…
“Th-th-th-that’s All, Folks!” Federal Judge Dismisses Class Action against Cartoon Network, Finds Anonymous User IDs Don’t Qualify as Personal Information under VPPA
Posted 1 day ago

On October 8, Georgia Federal District Judge Thomas Thrash, Jr.,…

“Th-th-th-that’s All, Folks!” Federal Judge Dismisses Class Action against Cartoon Network, Finds An…
Second Circuit Adopts FCC’s Narrow Construction of “Implied” Express Consent for Autodialed Calls to Cell Phones
Posted 10 days ago

This updates our report last summer on a Federal Communications Commission (FCC) letter brief filed at the invitation of the U.S. Court of Appeals for the Second Circuit in Nigro v. Mercantile Adjustment Bureau, which observed the FCC taking a noticeably less generous view of its then-recent declaratory rulings on…

PreviousNext

Developments & Commentary

California Attorney General Releases Breach Report with Key Findings and Recommendations for Retailers, Financial Institutions and Health Care Sectors

California Attorney General Kamala D. Harris has released a “California Data Breach Report,” which presents a series of findings and recommendations based on a review of breaches reported to the Attorney General’s office in 2012 and 2013.  It should come as no surprise that breaches are on the rise, but ...

Advisory Alert: CMS Reopens the Medicare Payment Adjustment Hardship Exception Application Submission Period for Certain Providers and Hospitals

Centers for Medicare & Medicaid Services (CMS) recently announced the reopening of the submission period for hardship exception applications for eligible professionals and eligible hospitals that have been unable to fully implement 2014 Edition Certified Electronic Health Record Technology (CEHRT) due to availability delays. Qualified providers will now have until Nov. 30, ...

Improving Data Breach Security, from the Customer’s Wallet on Up: In Wake of Massive Breaches, It May be Time to Consider Enhancing Customer Security with Chip-Embedded Payment Cards

In early September, Home Depot announced that it had suffered a severe security incident, which resulted in a massive data breach that exposed the payment card information of Home Depot customers across the United States and Canada. The home improvement retailer later confirmed that the breach was the result of ...

“Th-th-th-that’s All, Folks!” Federal Judge Dismisses Class Action against Cartoon Network, Finds Anonymous User IDs Don’t Qualify as Personal Information under VPPA

On October 8, Georgia Federal District Judge Thomas Thrash, Jr., dismissed a putative class action against The Cartoon Network, Inc., where the plaintiff alleged that the animation company violated the Video Privacy Protection Act (“VPPA”) by sharing its mobile app users’ data with third parties without consent. Specifically, the plaintiff ...

Second Circuit Adopts FCC’s Narrow Construction of “Implied” Express Consent for Autodialed Calls to Cell Phones

This updates our report last summer on a Federal Communications Commission (FCC) letter brief filed at the invitation of the U.S. Court of Appeals for the Second Circuit in Nigro v. Mercantile Adjustment Bureau, which observed the FCC taking a noticeably less generous view of its then-recent declaratory rulings on ...

Resources & Updates

FACTA Class Actions

In the July 2014 issues of The Review of Banking & Financial Services, DWT payments team members Burt Braverman and Micah Ratner wrote about the truncation requirement of FACTA, which has spawned a wave of class action litigation with potentially ruinous damages for “willful” violations. The authors describe the court rulings ...

FTC Releases 2014 Privacy and Data Security Update, Touting Its Efforts and Achievements in Protecting Consumer Privacy

Last week, the Federal Trade Commission (FTC) released its 2014 Privacy and Data Security Update, summarizing the FTC’s major enforcement actions, policy initiatives, rules, reports, workshops, and outreach efforts in the privacy and data security arenas from approximately January 2013 until March 2014. In the 2014 Update, the FTC underscores ...

Department of Energy Invites Cybersecurity Comments

In a Federal Register notice to be officially published Friday, June 20, 2014, the Department of Energy (DOE) is inviting public participation in its efforts to develop a guidance document entitled “Energy Sector Framework Implementation Guidance.” The term “Framework” references the Framework for Improving Critical Infrastructure Cybersecurity which was released ...

Government Officials Continue to Reference NIST Framework

On Thursday, June 12, 2014, while delivering remarks on cybersecurity at the American Enterprise Institute in Washington, D.C., Federal Communications Commission Chairman Tom Wheeler challenged businesses to be more proactive in addressing increasingly prevalent threats to their cybersecurity, urging them to embrace a “new paradigm” in which the private sector ...

UPDATE on Breslow v. Wells Fargo – Same as the Old Boss: Eleventh Circuit Withdraws Opinion Just Four Days Later, But to Little Practical Effect

Just a few days ago, we reported on the Eleventh Circuit’s decision in Breslow v. Wells Fargo, which reaffirmed precedent that strict liability can arise in autodialer, prerecorded-message and texting suits under the Telephone Consumer Protection Act (TCPA), if a caller or texter obtained consent from the intended recipient, but ...