Tag Archives: Illinois

UK and U.S. Regulators Introduce New Breach Guidance, Notification Forms

Posted on February 3, 2012 by Hunton & Williams LLP

In recent weeks, regulators in California and Illinois have issued guidance on responding to data security breaches, while UK and California authorities released online forms for organizations to use when providing notification of a breach to regulators.

In December 2011, the UK Information Commissioner’s Office (“ICO”) released a new breach notification form, reinforcing its expectation that organizations provide notification whether or not such notification is legally required. Sector-specific breach notification requirements were introduced in the UK by The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011, and since May 2011, public electronic communication service providers have been required to notify the ICO, and in some cases affected individuals, in the event of a data security breach. All other organizations are strongly encouraged to notify the ICO of serious security breaches, and the fact that an incident was reported voluntarily is something the ICO takes into consideration when determining the appropriate enforcement action.

Tags: California, Data Protection Act, E-Privacy Directive, Illinois, Information Commissioners Office, State Attorneys General, United Kingdom

California Joins the Growing List of States Restricting Employers’ Use of Consumer Credit Reports

Posted on October 21, 2011 by Hunton & Williams LLP

As reported in the Hunton Employment & Labor Perspectives Blog, on October 10, 2011, California became the seventh state to enact legislation restricting public and private employers alike from using consumer credit reports in making hiring and other personnel decisions. Assembly Bill No. 22 both adds a new provision to the California Labor Code — Section 1024.5 — and amends California’s Consumer Credit Reporting Agencies Act (“CCRAA”). Effective January 1, 2012, California employers will be prohibited from requesting a consumer credit report for employment purposes unless they meet one of the limited statutory exceptions, and those employers meeting an exception, will be subjected to increased disclosure requirements. Connecticut, Illinois, Hawaii, Oregon, Maryland and Washington already have similar laws on the books, and many other states, as well as the federal government, are contemplating similar legislation. This trend creates a potential “credit-centric” minefield for employers that do business in any one or more of these states. In light of the multiple laws affecting their use, employers who utilize consumer credit reports in making personnel decisions should proceed cautiously. Employers must evaluate the need for these reports in making personnel decisions, review and modify their policies to ensure compliance with the myriad of regulations in this area, and monitor any new developments to ensure continued compliance.

Tags: California, Connecticut, Department of Justice, Hawaii, Illinois, Legislation, Maryland, Oregon, Washington

Seventh Circuit Finds in Favor of Resellers in DPPA Suit

Posted on September 30, 2011 by Hunton & Williams LLP

On September 28, 2011, a federal court in Illinois held that West Publishing Company (“West”) had not violated the Driver’s Privacy Protection Act (“DPPA”) by reselling driver’s license information obtained from state DMVs. The court held that (1) the DPPA creates a federal private right of action permitting individuals like the plaintiffs to bring their class action suit, but (2) the lower court’s dismissal for failure to state a claim was proper.

Tags: Class Action, Illinois, Litigation

New Illinois Law Restricts Employer Use of Credit History

Posted on August 19, 2010 by Hunton & Williams LLP

On August 10, 2010, Illinois Governor Pat Quinn signed the Employee Credit Privacy Act, which prohibits most Illinois employers from inquiring about an applicant’s or employee’s credit history or using an individual’s credit history as a basis for an employment decision. The definition of “employer” under the Act exempts banks, insurance companies, law enforcement agencies, debt collectors and state and local government agencies that require the use of credit history.

Tags: Credit Report, Employee Credit Privacy Act, Illinois

New Class Action Complaint Alleges Privacy Violations by ISP Using NebuAd Device

Posted on December 15, 2009 by Hunton & Williams LLP

A class action complaint filed on December 9, 2009, in Illinois federal court alleges that WideOpen West, Finance, LLC ("WOW"), an Internet service provider, violated its users’ privacy by "installing spyware devices on its broadband networks." Valentine v. WideOpen West (N.D. Ill., No. 1:09-cv-07653). This action against WOW follows the October 6, 2009, dismissal by a district court in California of similar claims against six out-of-state ISP defendants (including WOW) filed in November 2008 by the same lead plaintiff. The court in Valentine v. NebuAd, Inc. et al. (N.D. Cal., No. 3:08-cv-05113) found that the ISP defendants were not subject to personal jurisdiction in California, leaving the now-defunct NebuAd as the only defendant in that case. Plaintiff Valentine has now brought this action against WOW in the Northern District of Illinois.

Tags: Advertisement, Class Action, Computer Fraud and Abuse Act, Electronic Communications Privacy Act, Illinois

Privacy and Information Security Law Blog - Global privacy and information security law updates and analysis

Tag Archives: Illinois

UK and U.S. Regulators Introduce New Breach Guidance, Notification Forms

California Joins the Growing List of States Restricting Employers’ Use of Consumer Credit Reports

Seventh Circuit Finds in Favor of Resellers in DPPA Suit

New Illinois Law Restricts Employer Use of Credit History

New Class Action Complaint Alleges Privacy Violations by ISP Using NebuAd Device

Published By Hunton & Williams

Search

Subscribe

Topics

Recent Updates

Blogroll

Privacy News