Tag Archives: Personally Identifiable Information

Eighth Circuit Finds Article III Standing Yet Affirms Dismissal of Scottrade Breach Case

On August 21, 2017, the United States Court of Appeals for the Eighth Circuit affirmed the dismissal of a putative class action arising from the Scottrade data breach. Notably, however, the Eighth Circuit did not agree with the trial court’s ruling that the plaintiff lacked Article III standing, instead dismissing the case with prejudice for failure to state a claim. … Continue Reading

Nevada Enacts Website Privacy Notice Law

Recently, Nevada enacted an online privacy policy law which will require operators of websites and online services to post a notice on their website regarding their privacy practices. Nevada is the third state to enact legislation requiring website operators to post a public privacy notice, following California (enacted in 2004) and Delaware (enacted in 2016). … Continue Reading

Tempur Sealy Data Breach: Putative Class Action Filed

On June 12, 2017, a putative class action was filed in the U.S. District Court for the Northern District of Georgia against Tempur Sealy International, Inc. and Aptos, Inc. Tempur Sealy is a mattress, bedding and pillow retailer based in Lexington, Kentucky. Aptos is headquartered in Atlanta, Georgia, and formerly hosted and maintained Tempur Sealy’s … Continue Reading

China Enacts Administrative Measures for Online Payment Businesses

Recently, the People's Bank of China published Administrative Measures for Online Payment Business of Non-bank Payment Institutions. These measures were enacted to provide further details on the regulation of the online payment business in supplement to earlier measures published on June 14, 2010.… Continue Reading

FCC Reaches Settlement with Cable Operator over Customer Data Breach

On November 5, 2015, the Enforcement Bureau of the Federal Communications Commission (“FCC”) entered into a Consent Decree with cable operator Cox Communications to settle allegations that the company failed to properly protect customer information when the company’s electronic data systems were breached in August 2014 by a hacker. The FCC alleged that Cox failed … Continue Reading

SEC Announces Settlement Order and Publishes Investor Alert

On September 22, 2015, the Securities and Exchange Commission announced a settlement order with an investment adviser for failing to establish cybersecurity policies and procedures, and published an investor alert entitled Identity Theft, Data Breaches, and Your Investment Accounts.… Continue Reading

Delaware Governor Signs Set of Online Privacy Bills

Delaware Governor Jack Markell recently signed four bills into law concerning online privacy. The bills, drafted by the Delaware Attorney General, focus on protecting the privacy of website and mobile app users, children, students and crime victims.… Continue Reading

Connecticut Passes New Data Protection Measures into Law

On July 1, 2015, Connecticut's governor signed into law Public Act No. 15-142, An Act Improving Data Security and Agency Effectiveness, that amends and updates the state's data breach notification law and imposes certain data security requirements on health insurers and state contractors.… Continue Reading

Two Wyoming Bills Amending the State’s Breach Notification Statute Are Headed to the Governor

On February 23, 2015, the Wyoming Senate approved a bill that adds data elements to the definition of "personal identifying information" in the state's data breach notification statute. The Wyoming Senate also agreed with amendments proposed by the Wyoming House of Representatives to another bill that adds content requirements to the notice that breached entities must send affected Wyoming residents. … Continue Reading

Federal District Court Grants Motion to Dismiss a Class Action Alleging Impermissible Sharing of Personal Information Under the Video Privacy Protection Act

On October 8, 2014, the United States District Court for the Northern District of Georgia granted Cartoon Network, Inc.’s (“Cartoon Network’s”) motion to dismiss a putative class action alleging that Cartoon Network’s mobile app impermissibly disclosed users’ personally identifiable information (“PII”) to a third party data analytics company under the Video Privacy Protection Act (“VPPA”).… Continue Reading

Delaware Enacts New Data Destruction Law

On July 1, 2014, Delaware Governor Jack Markell signed into law a bill that creates new safe destruction requirements for the disposal of business records containing consumer personal information. The law will take effect on January 1, 2015.… Continue Reading
LexBlog