Tag Archives: Litigation

Putative Data Breach Class Action Dismissed for the Third Time

On June 13, 2017, Judge Andrea R. Wood of the Northern District of Illinois dismissed with prejudice a putative consumer class action filed against Barnes and Noble. The case was first filed after Barnes and Noble’s September 2012 announcement that skimmers had tampered with PIN pad terminals in 63 of its stores and exposed payment card information.… Continue Reading

Global Ransomware Attacks Raise Key Legal Considerations

On May 12, 2017, a massive ransomware attack, known as “WannaCry,” began affecting tens of thousands of computer systems in over 100 countries. These types of incidents can have significant legal implications for affected entities and industries for whom data access and continuity is critical. As affected entities work to understand and respond to the threat of ransomware, we address some of the key legal considerations.… Continue Reading

Home Depot Prevails in Shareholder Derivative Lawsuit Over 2014 Data Breach

Recently, the U.S. District Court for the Northern District of Georgia dismissed a shareholder derivative lawsuit against Home Depot Inc. (“Home Depot”) arising over claims that Home Depot’s directors and officers (the “Defendants”) acted in bad faith and violated their duties of care and loyalty by disregarding their oversight duties in connection with a 2014 … Continue Reading

France Adopts Class Action Regime for Data Protection Violations

On November 19, 2016, the French government enacted a bill creating a legal basis for class actions against data controllers and processors resulting from data protection violations. The bill establishes a general class action regime and includes specific provisions regarding data protection violations.… Continue Reading

Russia Set to Block Access to LinkedIn

On November 10, 2016, Moscow’s Court of Appeal upheld a lower court’s decision that LinkedIn violated Russia’s data localization law requiring Russian personal data to be stored within Russian territory. Roskomnadzor, Russia’s data protection authority, is now set to block access to the social media website across Russia.… Continue Reading

Court Rules Fraud Involving a Computer Is Not ‘Computer Fraud’ under Crime Protection Policy

On October 18, 2016, the United States Court of Appeals for the Fifth Circuit held in Apache Corp. v. Great American Ins. Co. that a crime protection insurance policy does not cover loss resulting from a fraudulent email directing funds to be sent electronically to the imposter’s bank account because the scheme did not constitute “computer fraud” under the policy. … Continue Reading

The New Wave of Consumer Class Actions Targeting Retailers: What is the TCCWNA?

TCCWNA. The very acronym evokes head scratches and sighs of angst and frustration among many in the retail industry. The New Jersey Truth-in-Consumer Contract Warranty and Notice Act was passed in 1981 to protect consumers from allegedly deceptive practices in consumer contracts, warranties, notices and signs. Continue reading for an in-depth view of the TCCWNA and what retailers can do to minimize risk. … Continue Reading

CNIL Issues Decision Regarding Data Processing for Litigation Purposes

On February 19, 2016, the French Data Protection Authority made public its new Single Authorization Decision No. 46. This decision relates to the data processing activities of public and private organizations with respect to the preparation, exercise and follow-up regarding disciplinary or court actions, and the enforcement of those actions.… Continue Reading
LexBlog