On January 12, 2021, in Wengui v. Clark Hill, PLC, et al., the United States District Court for the District of Columbia rejected a law firm defendant’s assertions of the attorney-client privilege and work product doctrine for forensic reporting and other related information associated with its outside counsel’s data breach investigation.
Continue Reading D.C. Court Rejects Attorney-Client Privilege and Work Product Protections in Data Breach Case

The District Court for the District of Columbia recently invalidated certain Department of Health and Human Services (“HHS”) rules regarding an individual’s access to their protected health information (“PHI”). The Court held that: (1) individuals can only direct their electronic PHI to third parties (and not hard copy PHI); and (2) the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Omnibus Rule provisions regarding the caps on fees that HIPAA-covered entities may charge for such requests did not follow relevant administrative law procedures.
Continue Reading District Court Limits HIPAA Right of Access

On April 9, 2014, the Federal Trade Commission announced settlements with two data brokers, Instant Checkmate, Inc. and InfoTrack Information Services, Inc. The settlements stem from allegations that the companies violated various provisions of the Fair Credit Reporting Act, including failure to take reasonable steps to ensure that consumer reports were accurate and that their users had a permissible reason to have them.
Continue Reading FTC Announces Settlement with Data Brokers for Alleged FCRA Violations

On January 16, 2014 the Federal Trade Commission announced a settlement with TeleCheck Services, Inc., and its affiliated debt-collection entity, TRS Recovery Services, Inc. The settlement stems from allegations that the defendants violated various provisions of the Fair Credit Reporting Act, including requirements concerning the accuracy of consumer reports and dispute investigation and resolution procedures.
Continue Reading FTC Announces 3.5 Million Dollar Settlement for Alleged FCRA Violations

On December 16, 2013, a U.S. federal district court judge granted a preliminary injunction barring the government from collecting and analyzing metadata related to two consumers’ mobile phone accounts, finding that the NSA’s “indiscriminate” systematic collection of telephone records likely violates the Fourth Amendment.
Continue Reading Federal District Judge Ruling Casts Cloud Over NSA Data Collection

On November 13, 2013, Google entered into a $17 million settlement agreement with the attorneys general from 37 states and the District of Columbia related to allegations that the company bypassed users’ cookie-blocking settings on Apple’s Safari browser in 2011 and 2012. The settlement requires Google to refrain from bypassing cookie controls in the future

On August 15, 2013, the Federal Trade Commission announced a 3.5 million dollar settlement with Cetergy following allegations that the check authorization service violated various provisions of the Fair Credit Reporting Act, including requirements concerning accuracy of consumer reports and dispute investigation and resolution procedures.
Continue Reading FTC Announces 3.5 Million Dollar Settlement in FCRA Case