Archives: Identity Theft

Subscribe to Identity Theft RSS Feed

Two Wyoming Bills Amending the State's Breach Notification Statute Are Headed to the Governor

On February 23, 2015, the Wyoming Senate approved a bill that adds data elements to the definition of "personal identifying information" in the state's data breach notification statute. The Wyoming Senate also agreed with amendments proposed by the Wyoming House of Representatives to another bill that adds content requirements to the notice that breached entities must send affected Wyoming residents. … Continue Reading

Obama's New Executive Order Focuses on Securing Consumer Payments

Today, the White House announced that the President signed a new executive order focused on cybersecurity. The signed executive order, entitled Improving the Security of Consumer Financial Transactions, focuses on securing consumer transactions and sensitive personal data handled by the U.S. Federal Government.… Continue Reading

Delaware Enacts New Data Destruction Law

On July 1, 2014, Delaware Governor Jack Markell signed into law a bill that creates new safe destruction requirements for the disposal of business records containing consumer personal information. The law will take effect on January 1, 2015.… Continue Reading

Kentucky Enacts Data Breach Notification Law

On April 10, 2014, the Governor of Kentucky signed into law a data breach notification statute requiring persons and entities conducting business in Kentucky to notify individuals whose personally identifiable information was compromised in certain circumstances. The law will take effect on July 14, 2014. … Continue Reading

FTC Issues a Guide for Businesses and Organizations on the Red Flags Rule

In May 2013, the Federal Trade Commission released a new guide entitled Fighting Identity Theft with the Red Flags Rule: A How-To Guide for Business to help businesses and organizations determine whether they are subject to the FTC’s Red Flags Rule and how to fulfill the Rule’s requirements. The Guide includes information regarding what types of entities must comply with the Red Flags Rule, a set of FAQs and a four-step process to achieve compliance.… Continue Reading

SEC and CFTC Adopt Rules on Red Flags and Identity Theft

On April 10, 2013, the Securities and Exchange Commission and the Commodity Futures Trading Commission jointly adopted rules that require broker-dealers, mutual funds, investment advisers and certain other regulated entities to adopt programs designed to detect red flags and prevent identity theft.… Continue Reading

Massachusetts Court Ruling Benefits Plaintiff in Zip Code Case

On March 11, 2013, in Tyler v. Michaels Stores, Inc., the Massachusetts Supreme Judicial Court effectively reinstated the suit against the retailer by answering favorably for the plaintiff three certified questions from the United States District Court for the District of Massachusetts regarding Massachusetts General Laws Chapter 93, Section 105(a) entitled “Consumer Privacy in Commercial … Continue Reading

UK Parliament Calls for Prison Sentences for Data Theft

In an October 18, 2011 report, the Justice Committee called for UK courts to be given greater powers to imprison and fine individuals who breach the Data Protection Act, and asked that the government assess whether the UK Information Commissioner should have additional authority to audit data processing activities.… Continue Reading

Sotto Discusses Epsilon Breach with Information Security Media Group

On April 5, 2011, Lisa Sotto, partner and head of the Privacy and Data Security practice at Hunton & Williams LLP, discussed the Epsilon email breach in an interview with Tracy Kitten of Information Security Media Group.  The interview covered issues such as data protection requirements for sensitive consumer data, steps companies should take to … Continue Reading
LexBlog