Earlier this year, we reported on the potential breeding ground for litigation under Illinois’ Biometric Information Privacy Act (“BIPA”). A recent decision from an Illinois state appellate panel on the different limitations periods that apply to BIPA provides guidance for companies faced with a BIPA lawsuit and the arguments they can make on a motion … Continue Reading
In the recent and significant Warren v DSG Retail Ltd [2021] EWHC 2168 (QB) decision the High Court in England clarified the limited circumstances in which claims for breach of confidence, misuse of private information and the tort of negligence might be advanced by individuals for compensation for distress relating to a cyber-security breach where the proposed … Continue Reading
A previous blog post discussed FTC Chairwoman Slaughter’s first priority as the newly designated chairwoman – the COVID-19 pandemic. The FTC’s second priority, racial equity, can be broken down into two sub issues. First, the FTC plans to investigate biased and discriminatory algorithms that target vulnerable communities. As the FTC acknowledges, the analysis of data … Continue Reading
On January 21, 2021, President Biden designated Federal Trade Commission (the “FTC”) Commissioner Rebecca Kelly Slaughter as acting chair of the FTC. Soon thereafter in one of her first speeches in her new role, Chairwoman Slaughter announced two substantive areas of priority for the FTC – the COVID-19 pandemic and racial equity. Read the full … Continue Reading
On February 4, 2021, the Eleventh Circuit affirmed the dismissal of a customer’s proposed class action lawsuit against a Florida-based fast-food chain, PDQ, over a data breach. The three-judge panel rejected the argument that an increased risk of identity theft was a concrete injury sufficient to confer Article III standing, deepening a circuit split on … Continue Reading
New York City apartment living can spawn interesting legal disputes when neighbors fail to resolve their grievances amicably and resort to the courts. Sometimes these disputes bring fanfare as well as opportunities to observe traditional rules of law in action. A recent decision in the ongoing dispute between actor Justin Theroux and his neighbors (Theroux … Continue Reading
As reported last week, a state-sponsored hacker may have breached multiple U.S. government networks through a widely-used software product offered by SolarWinds. The compromised product helps organizations manage their networks, servers and networked devices. The product is not only used by government agencies, but is widely used in both the public and private sectors. Whether or … Continue Reading
On November 25, 2020, a shareholder of First American Financial Corporation (“First American”) filed suit against the company and its officers and directors over a massive data security breach that exposed hundreds of millions of sensitive customer records. The shareholder derivative action, filed by Norman Hollett in Delaware federal court, alleges breaches of fiduciary duties, unjust … Continue Reading
A cyber breach can have serious legal, financial, and reputational consequences for a company, as described in our previous post. As such, cybersecurity threats must be treated as business risks, not just a potential IT problem. Senior management at a company should take the lead to ensure that the company is taking appropriate actions to … Continue Reading
As we previously reported, the Magistrate Judge in In re: Capital One Customer Data Security Breach Litigation, found that a forensic report that Capital One had claimed was protected by the privilege and work product doctrines needed to be produced because Capital One had not met its burden under the dual-purpose doctrine to show that … Continue Reading
Proskauer’s Vice-Chair of the Litigation Department and Minding Your Business blog editor, Margaret Dale was recently featured on Thomson Reuters’ Practical Law, where she explores ways that clients can protect privilege after a data breach. The first, “Protecting Privilege Basics,” identifies steps that can be taken by an organization to maximize the ability to successfully … Continue Reading
On June 1, 2020, the California Attorney General’s office released the third and final set of CCPA proposed regulations (available here). In the link below, we provide information about the final proposed regulations and enforcement actions. The CCPA, or the California Consumer Privacy Act of 2018, gives California consumers certain rights to learn about and … Continue Reading
Requires More than Merely Adding Counsel’s Name to a Forensic Report. Technical investigations conducted following cyber-incidents often have both legal and ordinary-course business purposes. In certain jurisdictions, reports generated as a result of such investigations can be protected from discovery by privilege and work product protections– despite certain non-legal use – under the “dual purpose” … Continue Reading
In today’s world, cybersecurity breaches and threats are pervasive concerns for any business entity, without exception. Working from home arrangements due to COVID-19 constraints only magnify the risk and create further vulnerabilities for companies. Companies should be aware of (1) the key cyber threats they face, (2) the consequences of a breach, and (3) the … Continue Reading
With less than one month to go before the California Consumer Privacy Act of 2018’s (“CCPA”) effective date of January 1, 2020, businesses should be aware of the potential litigation that awaits them. The CCPA is a California privacy law that gives California consumers the rights to know about and control the personal information that … Continue Reading
If the government obtains information about your past locations from your wireless provider, is that a search? If so, is it a search that requires the government to obtain a warrant? Courts have held that, because companies collect this kind of data in the ordinary course of business, consumers who voluntarily provide information to these … Continue Reading
As explained in Part I and Part II of this series, U.S.-based commercial litigators should be aware that other countries’ privacy laws may affect their cases in unexpected ways. Perhaps the most likely stage for these issues to surface is during discovery, where materials of interest are located in another country, and that country’s privacy … Continue Reading
On May 16, 2016, the Supreme Court decided Spokeo, Inc. v. Robins, ruling that a plaintiff must sufficiently allege an injury that is both concrete and particularized in order to have Article III standing, and further that a “bare procedural violation” of a plaintiff’s statutory right may not be sufficiently “concrete” under this analysis. This … Continue Reading
Earlier this month, a judge from the Northern District of California allowed a putative class action suit to proceed against Facebook. In this case, the plaintiffs alleged Facebook collected and stored biometric data of individuals’ facial features for use in “tagging” friends in digital photographs. In rejecting Facebook’s attempt to dismiss the suit, the court … Continue Reading
Although the volume of data that flows between the EU and the U.S. ensures that EU privacy law occupies most of the spotlight on the world stage, other countries have their own privacy laws worth noting as well.[1] Different Types of Privacy Regimes As a preliminary matter, it is important to keep in mind that … Continue Reading
Let’s say an American commercial litigator is working to defend a multinational client that has been sued in the U.S. The litigator may realize that he or she needs to collect emails or other documents from the client’s office in Germany, perhaps for discovery or investigation. However, the export of the data contained in those … Continue Reading
This website uses third party cookies, over which we have no control. To deactivate the use of third party advertising cookies, you should alter the settings in your browser.