On May 4, 2012, a federal court in California granted a motion for class certification in a suit alleging that IKEA violated the Song-Beverly Credit Card Act of 1971 by requesting cardholder ZIP codes during credit card transactions, and then recording that information in its systems.
Continue Reading California District Court Certifies Class in ZIP Code Collection Suit
Payment Card
New Jersey Courts Issue Conflicting Rulings in ZIP Code Collection Cases
Last month, two New Jersey judges issued opposing decisions in class action lawsuits regarding merchants’ point-of-sale ZIP code collection practices. The conflicting orders leave unanswered the question of whether New Jersey retailers are prohibited from requiring and recording customers’ ZIP codes at the point of sale during credit card transactions.
Continue Reading New Jersey Courts Issue Conflicting Rulings in ZIP Code Collection Cases
German State DPA Fines Payment Transaction Provider for Unlawful Transfer of Transaction Data
On September 12, 2011, the Commissioner for Data Protection and Freedom of Information of the German federal state of North Rhine-Westphalia imposed a fine of €60,000 on Easycash GmbH for unlawfully transferring bank account information.
…
Continue Reading German State DPA Fines Payment Transaction Provider for Unlawful Transfer of Transaction Data
Lush Avoids ICO Fine After Website Data Breach
The UK Information Commissioner’s Office found that Lush Cosmetics Ltd. violated the Data Protection Act 1998 by having insufficient measures to protect customer data on its retail website. The ICO required Lush to process customer payment card data in compliance with the Payment Card Industry Data Security Standard but did not impose a monetary penalty on the company.
…
Continue Reading Lush Avoids ICO Fine After Website Data Breach
PCI Data Security Standards Council Provides Cloud Compliance Guidelines
On June 14, 2011, the PCI Security Standards Council’s Virtualization Special Interest Group published guidelines to provide context for the application of the Payment Card Industry Data Security Standard to cloud and other virtual environments.
…
Continue Reading PCI Data Security Standards Council Provides Cloud Compliance Guidelines
Representative Mary Bono Mack Releases Discussion Draft of the SAFE Data Act
On June 13, 2011, Representative Mary Bono Mack released a discussion draft of of the Secure and Fortify Data Act, which would establish federal data security and breach notification requirements.
…
Continue Reading Representative Mary Bono Mack Releases Discussion Draft of the SAFE Data Act
Another Sony Service Breached by Hackers
On May 2, 2011, Sony disclosed that hackers had gained access to personal information of 24.6 million customers who played games on the Sony Online Entertainment network.
…
Continue Reading Another Sony Service Breached by Hackers
Sotto Discusses Epsilon Breach with Information Security Media Group
On April 5, 2011, Lisa Sotto, partner and head of the Privacy and Data Security practice at Hunton & Williams LLP, discussed the Epsilon email breach in an interview with Tracy Kitten of Information Security Media Group. The interview covered issues such as data protection requirements for sensitive consumer data, steps companies should take…
Massachusetts Attorney General Reaches $110,000 Data Breach Settlement with Boston Restaurant Group
On March 28, 2011, Massachusetts Attorney General Martha Coakley announced a settlement with the Briar Group in connection with a 2009 data breach that jeopardized the payment card information of “tens of thousands” of consumers.
…
Continue Reading Massachusetts Attorney General Reaches $110,000 Data Breach Settlement with Boston Restaurant Group
China Issues New Measures to Protect Credit Card Holders
On January 13, 2011, the China Banking Regulatory Commission issued its first comprehensive provisions relating to the credit card business, including regulations on marketing, managing application materials, and truncating account numbers that appear on credit card statements and receipts.
…
Continue Reading China Issues New Measures to Protect Credit Card Holders