Personally Identifiable Information

On June 28, 2018, the Governor of California signed the California Consumer Privacy Act of 2018. The Act introduces key privacy requirements for businesses, and was passed quickly by California lawmakers in an effort to remove a ballot initiative of the same name from the November 6, 2018, statewide ballot. The Act will take effect January 1, 2020.
Continue Reading

On June 21, 2018, California lawmakers introduced AB 375, the California Consumer Privacy Act of 2018. If enacted and signed by the Governor by June 28, 2018, AB 375 would introduce key privacy requirements for businesses, but would also result in the removal of a ballot initiative of the same name from the November 6, 2018, statewide ballot.
Continue Reading

On November 6, 2018, California voters will consider a ballot initiative called the California Consumer Privacy Act. The Act is designed to give California residents the right to request from businesses the categories of personal information the business has sold or disclosed to third parties, with some exceptions.
Continue Reading

On August 21, 2017, the United States Court of Appeals for the Eighth Circuit affirmed the dismissal of a putative class action arising from the Scottrade data breach. Notably, however, the Eighth Circuit did not agree with the trial court’s ruling that the plaintiff lacked Article III standing, instead dismissing the case with prejudice for failure to state a claim.
Continue Reading

Recently, Nevada enacted an online privacy policy law which will require operators of websites and online services to post a notice on their website regarding their privacy practices. Nevada is the third state to enact legislation requiring website operators to post a public privacy notice, following California (enacted in 2004) and Delaware (enacted in 2016).
Continue Reading

On June 12, 2017, a putative class action was filed in the U.S. District Court for the Northern District of Georgia against Tempur Sealy International, Inc. and Aptos, Inc. Tempur Sealy is a mattress, bedding and pillow retailer based in Lexington, Kentucky. Aptos is headquartered in Atlanta, Georgia, and formerly hosted and maintained Tempur Sealy’s website and online payment system. The plaintiff alleges that the breach was discovered in November of 2016 and involved the exposure of payment card data and other PII of an undisclosed number of Tempur Sealy customers.   
Continue Reading