Minding Your Business

Proskauer’s perspective on developments and trends in commercial litigation.

Category Archives: Privacy & Data Security

Subscribe to Privacy & Data Security RSS Feed

A Primer on the SHIELD Act: New York’s Move to Adopt More Stringent Data Security Requirements, Part II

What would companies need to do to comply with the law? The Stop Hacks and Improve Electronic Data Security (SHIELD) Act imposes requirements in two areas: cybersecurity and data breach notification. The cybersecurity provisions of the proposed SHIELD Act would require companies to adopt “reasonable safe-guards to protect the security, confidentiality and integrity” of private … Continue Reading

A Primer on the SHIELD Act: New York’s Move to Adopt More Stringent Data Security Requirements

In November 2017, New York Attorney General Eric Schneiderman introduced the Stop Hacks and Improve Electronic Data Security (SHIELD) Act (the “Act”) in the state’s Legislature. Companies – big and small – that collect information from New York residents should take note, as the Act could mean increased compliance costs, as well as potential enforcement … Continue Reading

Making VHS Relevant Again: The Uncertain Scope of Personal Information Protected by the Video Privacy Protection Act of 1988

The Ninth Circuit recently became the third federal appellate court to tackle what constitutes “personally identifiable information” protected by the Video Privacy Protection Act of 1988 (“VPPA”). Last year, the First Circuit and the Third Circuit propounded different standards for applying this statute, as they each grappled with the necessary leap from the age of VCRs … Continue Reading

Location, Location, Location: Microsoft Debate Over Government’s Access to Overseas Data Heads to the Supreme Court

On October 16, 2017, the Supreme Court agreed to review the Second Circuit’s decision in United States v. Microsoft Corp., a case that highlights the current tension between law enforcement needs and privacy concerns in a rapidly changing digital landscape.… Continue Reading

Concrete Enough to Stand: Ninth Circuit Upholds FCRA Claims in Spokeo

On August 15, 2017, the Ninth Circuit delivered the latest episode in the Robins v. Spokeo saga, reaffirming on remand from the Supreme Court that plaintiff Robins had alleged an injury in fact sufficient for Article III standing to bring claims under the Fair Credit Reporting Act (FCRA). Robins had brought a putative class action against … Continue Reading

Data Breach 101, Part I: Data Breach Notification Laws

In 2017, there are few words that make companies – and their counsel – shudder more than “data breach.” Recent high-profile breaches and the resulting litigation have shown that breaches can be embarrassing, harmful to a company’s brand, and extremely expensive to handle – both in terms of response costs and, potentially, damages paid to … Continue Reading

Home Depot Data Breach Derivative Suit Sent Home

Judge Thomas W. Thrash Jr. of the U.S. District Court of Georgia permanently shelved a derivative suit brought by shareholders of Home Depot. Home Depot is a multinational home improvement retailer. In September, 2014, Home Depot suffered a data breach that resulted in $192 million in net losses. This breach followed the widely publicized data … Continue Reading
LexBlog