Privacy & Security Law Blog

Privacy & Security Law Blog

Legal Commentary and Resources for the Payment Industry

Insight & Commentary on Information Management and Protection

Monthly Archives: September 2005

California Court Orders Discovery To Determine Whether Visa and MasterCard Fall Under California’s Data Breach Notification Statute

Posted in Litigation, Policy and Regulatory Positioning

Posted by Min Lee San Francisco Superior Court Judge Richard Kramer has ordered Visa and MasterCard to disclose the nature of their relationship with CardSystems, the payment processor whose computer systems were breached sometime between August 2004 and May of this year, exposing about 40 million credit and debit accounts to potential abuse. The Judge … Continue Reading

The Federal Government Updates its Guide to Federal Privacy Act — and Its Free!

Posted in Policy and Regulatory Positioning

Posted by Tom Burke

Said to be “one of the most widely read congressional committee reports in history,” this manual explains how to use the federal Freedom of Information Act and the federal Privacy Act of 1974 to request records from the federal government. It includes practical forms. One of the most useful items the federal government publ… Continue Reading

Stalemate in the Battle to Protect Against Internet Credit Card Fraud

Posted in Cyber and National Security, Data Protection

Posted by Peter Mucklestone and Stuart Louie

High ranking security experts at both Visa USA Inc. and MasterCard International Inc., two of the world’s largest credit-card associations, have suggested that the struggle to protect against the fraudulent use of credit card and accountholder information has reached a stalemate, and those tasked wi… Continue Reading

California Court Rules that Personal Notification Not Required in CardSystems Data Breach Case

Posted in Data Protection, Policy and Regulatory Positioning

Posted by K.M. Das

In one of the first tests of the notice provisions of California’s data breach statute ‚Äî Senate Bill 1386 (codified at California Civil Code ¬ß 1798.82) ‚Äî San Francisco Superior Court Judge Richard Kramer ruled that Visa and MasterCard do not have to send individual notices to thousands of their customers in Californi… Continue Reading

Credit Reporting Companies to Use Coordinated Encryption Standard

Posted in Cyber and National Security

Posted by Lance Koonce

Equifax, Experian and TransUnion announced today that they will each adopt a single standard for protection of data provided to them by financial institutions and merchants, in order to protect the massive quantity of sensitive data that the three companies maintain. Published reports on the coordinated effort state that it will i… Continue Reading

Court of Appeals Suspends Injunction Lifting Gag Order in National Security Letter Case

Posted in Cyber and National Security

Posted by Randy Gainer The Hartford Courant reports that The Second Circuit has stayed temporarily the injunction issued by U.S. District Court Judge Janet C. Hall granting a Connecticut library’s motion to enjoin the government from enforcing a gag order permitted under the Patriot Act in conncection with National Security Letters. Prior repor… Continue Reading

Cops get ChoicePoint Data?

Posted in Cyber and National Security, Data Protection, Marketing and Consumer Privacy

SiliconValley.com reports that a Miami-Dade County police officer has been relieved of duty and is under investigation for allegedly obtaining unauthorized access to Social Security numbers and other personal data on 4,689 people maintained by ChoicePoint Inc. The company reported that the Secret Service was investigating the matter — at this … Continue Reading

Judge Roberts’ Views on Government Searches & Privacy of Records Issues Are Unknown

Posted in Marketing and Consumer Privacy

Judge Roberts’ impressive performance answering the questions of Senate Judiciary Committee members has left little doubt that he will be confirmed as the next Chief Justice. As one commentator noted, “The only real question about his prospects, it appears, is how many votes he will get from the Democratic senators.”

Much attention … Continue Reading

Wireless Provider Sues Telemarketing Firms

Posted in Litigation, Marketing and Consumer Privacy, Policy and Regulatory Positioning

What can a wireless provider do to stop telemarketers from illegally soliciting their customers? By bringing suit against the telemarking firms for an injunction and monetary damages in the Superior Court in Sacramento, CA and the Superior Court in Somerville, NJ, Verizon Wireless claims that it is “standing up once again for customer privacy rig… Continue Reading

Caveat Inventor

Posted in Marketing and Consumer Privacy

Note to all US patent holders: pay your maintenance fees if you value the privacy of your financial information. A recent investigative report (Patent Office Rules Allow Simple Access to Tax, Financial Data, 108 Tax Notes 1079 (Sept. 5, 2005)) reveals that patent holders who fall behind on fee payments with the U.S. Patent and Trademark Office (PTO), and th… Continue Reading

What Does Sarbanes-Oxley Have To Do With Information Security?

Posted in Cyber and National Security, Policy and Regulatory Positioning

Although it has a high profile in corporate America, the Sarbanes-Oxley Act has not been at the center of discussions about the need for corporations to adopt appropriate information security measures. However, a recent article in the August 29th, 2005 issue of the National Law Journal by well-known Chicago trade secrets lawyer R. Mark Halligan persuasi… Continue Reading