Perspectives on Privacy, Data Protection & Data Security

At its monthly Open Meeting on October 27, the Federal Communications Commission adopted, but has not yet released, new privacy rules requiring retail broadband providers to offer consumers more choice over how their personal information is used.

While autonomous car technology currently dominates privacy and security headlines in the automotive sector, cybersecurity should be top of mind for all players in our industry, including retail automotive dealerships.

Cybersecurity and data intrustions have dominated business headlines this year, ranging from the rise of ransomware to international hacking of US political parties.

The enactment of new Federal Aviation Administration (FAA) regulations governing unmanned aircraft systems – or “drones” – has companies and consumers alike dreaming of the stuff of science fiction, but if the new regulations are any indication, the FAA is in no rush to see those dreams become reali

The Supreme Court case involving Spokeo and Thomas Robins, a consumer whose information was included in the search engine’s reports, highlights the limitations to a consumer’s ability to enforce their rights under the Fair Credit Reporting Act (FCRA).

This survey focuses on the data breach notification statutes of the states and territories within the US, and should be a useful tool and guide for data security planning and response purposes.

The Federal Trade Commission recently asserted its data security authority in two recent back-to-back enforcement actions, only a day apart from each other.

On June 24, 2016, the non-profit Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule with the U.S. Department of Health and Human Services (HHS).

Ransomware is old news – it has been around at least since 1989 – but it has only now started to attract widespread attention.

The GDPR lays out requirements for organizations that process EU residents’ data and generally provides people increased control over their personal data.

After months of negotiations, it’s official: the EU-US Privacy Shield has been formally approved on both sides of the Atlantic, by the EU Commission and the US Commerce Department, despite concerns surrounding the adequacy of its earlier version.

Recent reports indicate that advertising fraud is not only increasing but is now being run by groups alongside otherwise legitimate advertising businesses. 

On Monday, July 11, 2016, the Office for Civil Rights (OCR) released a fact sheet with guidance for covered entities and business associates on HIPAA and ransomware.

Mobile advertising company InMobi, whose advertising network reaches more than one billion devices worldwide through thousands of apps, has settled with the Federal Trade Commission over charges that it “deceptively tracked” the locations of hundreds of millions of consumers without their knowledge

In St. Paul Mercury Insurance Company v. Tessera, Inc., the federal court held that a lawsuit against an insured alleging a breach of a license agreement did not constitute a violation of an intellectual property right.

Data breaches continue to complicate the interpretation and understanding of commercial insurance policies. But even as courts confront thorny questions presented by cyber security policies, they continue to rely on long-standing principles of insurance and contract law.

Consumer advocate groups—Public Knowledge, Consumer Watchdog, Center for Digital Democracy, Consumer Action, TURN-The Utility Reform Network and Consumer Federation of America—recently filed a complaint with the Federal Trade Commission and a petition with the Federal Communications Commission agai

From automated cars, syncing software, to wearable devices that interact with a vehicle, it is clear that our time in the car is under an era of rapid change.

A German data protection regulator reportedly fined 3 companies—Adobe Systems, Punica, and Unilever—a total of 28,000 euros ($32,000) for continuing to rely on the Safe Harbor framework.

On May 25, 2016, the White House released its much anticipated Data Security Policy Principles and Framework (Security Framework) for President Obama’s Precision Medicine Initiative (PMI).

The concept of standing – that a plaintiff must have suffered a concrete injury in order to bring a lawsuit – is a bedrock legal principle. But, like so many other fundamental legal concepts, the rise and importance of the internet and digital commerce has consistently complicated its application.

On Monday, the US Supreme Court sent a potential class action case back to the Ninth Circuit for reconsideration, marking an intermediary win for Spokeo Inc., which uses a “people search engine” to find, compile, and sell publicly available personal information.