Data Breach

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Privacy Challenges for Digital Advertising, Particularly in Europe

The Online Safety Act: Does this present a difficult balancing act for

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Two Significant AI Announcements:  Spooky for AI Developers? | Privacy World

Last Chance to Register for In-Person CLE: The Important

On October 27th, the Federal Trade Commission (the “FTC”) announced that it approved an amendment to the Safeguards Rule promulgated under the federal Gramm-Leach-Bliley Act (the “Safeguards Rule”) requiring non-bank financial institutions subject to the FTC’s jurisdiction to report to the FTC data breaches affecting 500 or more people (the “Amendment”). 

The Safeguards Rule requires

Data breaches are an all-too-familiar issue, affecting businesses of all sizes and across all industries. Beyond dealing with the operational and reputational impacts and other resulting fallouts of a data breach, businesses also face enhanced class action litigation risk.

A recent high-profile case serves as a valuable reminder that companies should consider reliance upon a well-established mechanism of mitigating class action litigation risk. In In re Marriott International, Inc., Consumer Data Security Breach Litig., 78 F.4th 677 (4th Cir. 2023), the Fourth Circuit Court of Appeals reversed the district court’s certification order in a data breach class action dispute due to the effect of a class action waiver signed by all putative class members. The Marriott decision demonstrates how class action waivers can be utilized as a core strategy for mitigating heightened data breach litigation risks.Continue Reading Recent Marriott Data Breach Class Action Decision Underscores the Importance of Class Action Waivers

According to the 2023 ACC CLO Survey, legal teams are facing unique and growing data-related challenges in this ever-changing regulatory and threat landscape. Data requirements for privacy and compliance continue to become more complex and confusing and the risk of resulting litigation continues to rise.

Team SPB will partner with Exterro, a leading e-discovery

On April 19th, New York’s Attorney General, Letitia James, released a document titled, “Protecting consumer’s personal information: Tips for businesses to keep data safe and secure” (the “guide”), a resource to help businesses adopt effective data security measures. It draws on the Office of the Attorney General’s (“OAG”) experience investigating and prosecuting cybersecurity breaches,

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Data Retention and Minimization, The Elephant in the Room | Privacy World

Orders to Progress Complaints – No Backdoor Appeal

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

UNSUBSCRIBED! — FTC Proposes Substantial Amendments to the Negative Option Rule to Cover all Autorenewals, including B2B Services, and Add

Privacy World’s Kristin Bryan recently caught up with finance industry resource CFO Dive on the Blackbaud Securities and Exchange Commission (SEC) settlement. The settlement, which stems from a 2020 ransomware attack that impacted more than 13,000 customers, offers public companies a warning for weak breach protocols as well as insight into the coming SEC cyber

Last week, on March 15, 2023, the U.S. Securities and Exchange Commission (“SEC” or “Commission”) continued its aggressive push to regulate the cybersecurity of entities in the financial services sector, proposing three rules affecting a variety of SEC-regulated entities, including broker-dealers, investment companies, and investment advisers, as we covered here on Privacy World.  These