On June 23, 2017, Anthem Inc., the nation’s second largest health insurer, reached a record 115 million dollar settlement in a class action lawsuit arising out of a 2015 data breach that exposed the personal information of more than 78 million people. Among other things, the settlement creates a pool of funds to provide credit monitoring and reimbursement for out-of-pocket costs for customers. … Continue Reading
On June 13, 2017, Judge Andrea R. Wood of the Northern District of Illinois dismissed with prejudice a putative consumer class action filed against Barnes and Noble. The case was first filed after Barnes and Noble’s September 2012 announcement that skimmers had tampered with PIN pad terminals in 63 of its stores and exposed payment card information.… Continue Reading
On October 14, 2016, California Attorney General Kamala D. Harris announced the release of an online form that will enable consumers to report potential violations of the California Online Privacy Protection Act. … Continue Reading
On February 16, 2016, California Attorney General Kamala D. Harris released the California Data Breach Report 2012-2015 which, among other things, provides (1) an overview of businesses’ responsibilities regarding protecting personal information and reporting data breaches and (2) a series of recommendations for businesses and state policy makers to follow to help safeguard personal information. … Continue Reading
On December 15, 2015, the California Attorney General announced an approximately 25 million dollar settlement with Comcast Cable Communications, LLC stemming from allegations that Comcast disposed of electronic equipment (1) without properly deleting customer information from the equipment and (2) in landfills that are not authorized to accept electronic equipment.… Continue Reading
On October 8, 2015, California Governor Jerry Brown signed into law the California Electronic Communications Privacy Act. The law requires police to obtain a warrant before accessing an individual’s private electronic information. … Continue Reading
On October 2, 2015, California Attorney General Kamala D. Harris announced that her office settled a lawsuit against an online home design company, Houzz Inc., stemming from allegations that the company impermissibly recorded phone calls without appropriately notifying the parties to the calls.… Continue Reading
On July 9, 2015, the National Telecommunications and Information Administration announced the launch of its first cybersecurity multistakeholder process, in which representatives from across the security and technology industries will meet in September to discuss vulnerability research disclosure.… Continue Reading
The U.S. District Court for the Central District of California recently granted, only in part, a motion to dismiss a data breach class action against Sony Pictures Entertainment, Inc. in Corona v. Sony Pictures Entertainment, Inc. This blog entry provides details of the ruling.… Continue Reading
On May 5, 2015, the Financial Crimes Enforcement Network of the U.S. Treasury Department, in coordination with the U.S. Attorney’s Office for the Northern District of California, announced a civil monetary penalty of $700,000 against Ripple Labs, Inc. and its subsidiary XRP II, LLC for violations of the Bank Secrecy Act.… Continue Reading
On January 5, 2015, the Alameda County District Attorney's Office announced that Safeway Inc. has agreed to pay USD 9.87 million to settle claims that the company unlawfully disposed of customer medical information and hazardous waste in violation of California's Confidentiality of Medical Information Act and hazardous waste laws. … Continue Reading
On November 18, 2014, Hunton & Williams' Global Privacy and Cybersecurity practice group hosted the latest webcast in its Hunton Global Privacy Update series. This blog entry provides a link to the recording.… Continue Reading
Fears of a worldwide Ebola pandemic appear to have abated, but the tension between workplace safety and employee privacy, thrown into relief by this health emergency, remains an issue relevant to all employers.… Continue Reading
On October 28, 2014, California Attorney General Kamala D. Harris announced the release of the second annual California Data Breach Report, which provides information on data breaches reported to the Attorney General in 2012 and 2013.… Continue Reading
On October 14, 2014, rent-to-own retailer Aaron’s, Inc. (“Aaron’s”) entered into a $28.4 million settlement with the California Office of the California Attorney General related to charges that the company permitted its franchised stores to unlawfully monitor their customers’ leased laptops.… Continue Reading
On September 30, 2014, California Governor Jerry Brown announced the recent signings of several bills that provide increased privacy protections to California residents. These bills are aimed at protecting student privacy, increasing consumer protection in the wake of a data breach, and expanding the scope of California's invasion of privacy and revenge porn laws.… Continue Reading
At the end of August, a bill amending California's breach notification law passed and was sent to Governor Jerry Brown for signature. The revised law would extend certain obligations to safeguard personal information to entities that "maintain" such information, add a requirement to offer identity theft protection to individuals affected by a security breach, and bolster protection for Social Security numbers.… Continue Reading
On May 21, 2014, California Attorney General Kamala D. Harris released guidance for businesses on how to comply with recent updates to the California Online Privacy Protection Act.… Continue Reading
As reported in the Hunton Employment and Labor Perspectives Blog, on February 14, 2014, San Francisco passed the San Francisco Fair Chance Ordinance and became the latest national municipality to "ban the box" and limit the use of criminal background checks in employment hiring decisions.… Continue Reading
On January 21, 2014, the Hunton and Williams Global Privacy and Cybersecurity practice group hosted the latest webcast in its Hunton Global Privacy Update series. This blog post provides a link to a recording of the session and previous updates. … Continue Reading
Following recent approvals of two new online privacy laws in California, on October 12, 2013, California Governor Jerry Brown vetoed an electronic communications privacy bill that would have compelled law enforcement to obtain a search warrant before seeking access to electronic communications maintained by service providers. … Continue Reading
On October 7, 2013, a federal district court in California held that a general liability insurance policy covered data breach claims alleging violations of California patients' right to medical privacy. This blog post includes a downloadable client alert on the ruling.… Continue Reading
On September 27, 2013, California Governor Jerry Brown signed into law a bill amending the California Online Privacy Protection Act to require website privacy notices to disclose how the site responds to "Do Not Track" signals, and whether third parties may collect personal information from consumers who use the site.… Continue Reading
On September 23, 2013, California Governor Jerry Brown signed "Privacy Rights for California Minors in the Digital World" into law, adding new sections concerning California residents under age 18 to the California Online Privacy Protection Act. Changes include a prohibition on online marketing or advertising of certain products to minors, and an obligation to honor requests made by minors who are registered users to remove content posted online. … Continue Reading
