Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Monthly Archives: October 2011

First Circuit Finds that Fraud Mitigation Costs Can Constitute Cognizable Damages, Reinstates Some Previously Dismissed Claims in Hannaford Data Breach Litigation

Posted in Data Breach Notification, Privacy Litigation

 Written by Kevin McGinty In yet another privacy class action addressing the question of whether data breach claimants have suffered legally cognizable damages, the First Circuit’s ruling in Anderson v. Hannaford Bros. Co., Nos. 10-2384, 10-2450 (1st Cir. Oct. 20, 2011), reversed the trial court’s dismissal of negligence and implied contract claims arising from… Continue Reading

SEC Guidance to Public Companies: Evaluate and Disclose Cybersecurity Risks

Posted in Class Action Litigation, Data Breach, Data Compliance & Security, Privacy Litigation

The Securities and Exchange Commission (SEC) has issued guidance to public companies with respect to disclosure relating to cybersecurity and data breach risks.    This release is from the Commission’s Division of Corporation Finance and is not a rule or regulation — but it is clear that public companies that ignore the advice in the Disclosure… Continue Reading


Posted in Children

My colleagues, Robert Delahunt, Jr. and Matthew Levitt, have authored an excellent advisory on cyberbullying that should be required reading for every parent. Cyberbullying – Talking to Your Children About Responsibility Using Social Networking and Electronic Communications

Update on Patient Information Breaches

Posted in Class Action Litigation, Data Breach, Data Breach Notification, HIPAA/HITECH

Written by Dianne Bourque Nemours Children’s Health System has reported the loss of three, unencrypted computer backup takes containing patient billing and employee payroll data.  The tapes had been stored in a locked cabinet, and were reported missing on September 8th.  It is believed that they may have been removed in early August during a… Continue Reading

Recommended Reading: Privacy Policy Paper on Online Behavioral Advertising Issues

Posted in European Union, Legislation, Online Advertising, Privacy Regulation

Most of the legislative privacy buzz this session has centered around online behavioral advertising (OBA) — along with the Federal Trade Commission’s proposal for a universal “do-not-track.” The center of discussion for U.S. legislators and regulators has been clear and conspicuous disclosure to users about OBA and to allow opt-outs.    Regulators on the EU are… Continue Reading

Privacy & Security Bits and Bytes

Posted in Uncategorized

Here are some things to ponder during the Columbus Day weekend: My colleague, Dianne Bourque, has written an interesting piece about the new Texas health information law – combine this with the expanded breach notification laws that could impose Texas-style breach notification requirements on all 50 states, and we perhaps have a glimpse into Governor… Continue Reading

Cybersecurity and privacy expert joins ML Strategies

Posted in Data Compliance & Security, Legislation, Privacy Regulation

We have a new expert in the house for cybersecurity, privacy and technology issues.  Our government relations affiliate, ML Strategies has announced a new Manager of Government Relations,  Rachel Sanford.  Before coming aboard ML Strategies, Rachel served as a Senior Consultant on privacy and cybersecurity issues at IBM.  While at IBM, Ms. Sanford was a… Continue Reading

State Data Breach Notification Laws – The Mintz Matrix

Posted in Data Breach, Data Breach Notification, Data Compliance & Security

We update the myriad of state data breach notification laws on a quarterly basis in what we fondly call the Mintz Data Breach Matrix.   Hot off the presses is the version current as of October 1, 2011.   All the usual disclaimers apply:  in the event of a multi-state data breach, the matrix is not a… Continue Reading

Court: Protections of Electronic Communications Privacy Act Extend to Non-US Citizens

Posted in Privacy Litigation

Written by Julia Siripurapu In an important ruling for Internet service providers, the U.S. Court of Appeals for the Ninth Circuit has  unanimously affirmed the ruling of a district court that the provisions of the Electronic Communications Privacy Act of 1986 (ECPA) prohibiting internet service providers from disclosing the contents of stored communications protect the U.S.-stored… Continue Reading