Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Monthly Archives: January 2014

Federal IT Acquisition Policy Recommendations Focus on Cybersecurity

Posted in Cybersecurity, Data Compliance & Security

The Department of Defense and the General Services Administration, which together spend more than $500 billion annually on information technology, have released a joint report to the White House recommending steps to upgrade the cybersecurity requirements of acquisitions of information technology and services throughout the federal government.  These recommendations will affect not only suppliers to… Continue Reading

New Timeline for Adoption of Definitive EU Data Protection Regulation

Posted in European Union, Legislation, Privacy Regulation

Written by Susan Foster, Solicitor England & Wales/Admitted in California (LONDON) The European Commission announced yesterday that it is working towards a revised timeline for the adoption of a definitive Data Protection Regulation by the end of 2014. While Commissioner Viviane Reding’s press release about finalizing the Regulation by the end of 2014 has been… Continue Reading

Data Privacy Day 2014

Posted in Uncategorized

The “observance” of Data Privacy Day annually on January began in 2008.     The National Cyber Security Alliance (NCSA) will be kicking off today’s events with a live stream of its press conference in Washington, DC.   You can access the stream at the NCSA’s Facebook page here. Data privacy — and data security —… Continue Reading

Retailers Ask FCC to Clarify that Text Message Responses Are OK

Posted in Privacy Regulation, Uncategorized

Written by Ernest C. Cooper Should retailers be required to obtain written consent before sending a consumer a text message with information or a coupon that was specifically requested?  The Retail Industry Leaders Association (RILA) thinks not, and has filed a petition asking the Federal Communications Commission to clarify that sending a one-time text message… Continue Reading

Damages Issues Again Thwart the Bulk of Plaintiffs’ Claims in the PlayStation Network Data Breach Class Action

Posted in Class Action Litigation, Data Breach

Written by Kevin McGinty In the latest chapter in the Sony PlayStation Network (“PSN”) data breach saga, a decision that issued on January 21, 2014 permanently dismissed all but a handful of the class action claims advanced in a 51 count complaint.  Plaintiffs, representing a putative nationwide class of PSN users, asserted dozens of state… Continue Reading

Look North, Marketers – Canadian Anti-Spam Law is Coming

Posted in Data Compliance & Security, Privacy Regulation

Written by Cynthia Larose The US CAN-SPAM Act is old hat for marketers in the US.    But it is time to revisit email marketing compliance programs if you send email north of the US border.  Canada’s anti-spam law (known as “CASL”) has been debated for years but is finally coming into effect.   Industry Canada released its… Continue Reading

To 8-K, or not to 8-K? For Target, that is indeed the question.

Posted in Data Breach, Data Breach Notification

Written by Adam Veness and Cynthia Larose As anyone with a pulse and a computer, television or carrier pigeon knows, Target Corporation (NYSE: TGT) suffered a major data breach in December – the extent of which is still being uncovered – and pegs the latest number of customers that have had their personal information stolen anywhere… Continue Reading

BREAKING NEWS: FTC Announces Major Settlement with Apple

Posted in Children, Federal Trade Commission

Written by Julia Siripurapu and Cynthia Larose Apple Agrees to Pay Consumers At Least $32.5 Million to Settle Complaint of Unfair Billing Related to Children’s In-App Charges FTC Chairwoman Edith Ramirez just announced (press conference) that Apple, Inc. (“Apple”) has agreed to provide consumers full refunds of at least  $32.5 Million Dollars to settle the… Continue Reading

Privacy Monday – January 13, 2014

Posted in Privacy Monday

These are busy times in the data privacy/security world. If Misery Loves Company, Target Has Friends Target was not the only target of data thieves this holiday season.  Reports over the weekend revealed that Neiman Marcus was attacked – during the same relative time period.    Details regarding number of affected cards were not available.   Other… Continue Reading

The Number of The Day: 70 Million (at least)

Posted in Data Breach, Data Breach Notification

The Target data breach story keeps getting worse.   The December pre-Christmas disclosure was the theft of up to 40 million Target shoppers’ credit and debit card information in what appeared to have been a hack of the Target point-of-sale system that allowed the thieves to swipe magnetic card data as customers checked out.  … Continue Reading

COPPA: New Year, New Requests to FTC For Investigation of Violations

Posted in Children, Federal Trade Commission, Privacy Regulation

Written by Julia Siripurapu As we predicted in our prior blog post reviewing the key children’s privacy developments of the past year, 2014 is turning out to be the year of enforcement of children’s privacy regulations! The first two requests for investigation under the Amended COPPA Rule have been filed with the FTC by the Center… Continue Reading

Social Media for Financial Institutions – Final Guidance

Posted in Privacy Regulation, Uncategorized

Written by Amy Malone At the end of 2013,  the Federal Financial Institutions Examination Council (FFIEC) became the latest regulator to weigh in on social media and offered their final social media guidance.  The proposed regulation was released last January (mentioned in our post here.) The final guidance is much like the original proposal with… Continue Reading

COPPA: “Knowledge-Based Authentication” Method Approved by Federal Trade Commission

Posted in Children, Federal Trade Commission

Written by Julia Siripurapu The FTC has announced (press release) that it has unanimously approved the knowledge-based authentication method proposed by Imperium, LLC (“Imperium”) as a COPPA-compliant method of obtaining verifiable parental consent (“VPC”). Knowledge-based authentication has been used by entities in the financial services industry to authenticate users for several years. For more information… Continue Reading

Happy 2014!

Posted in Data Breach

After a brief hiatus for the holidays and our “12 Days of Privacy” series, we are back. We have had a series of late year — and new year — data breaches in the news.   These latest incidents should prompt New Year’s resolutions to undertake risk assessments and internal reviews of data security practices… Continue Reading