Written by Heidi Lawson, CPCU and Danny Harary “Cyber liability insurance” is often used to describe a range of insurance policies, in the same way that the word cyber is used to describe a broad range of information security related tools, processes and services. Everyone is talking about the need for “stand alone” cyber liability… Continue Reading
Monthly Archives: September 2014
Time to Step Up Your COPPA Compliance
Posted in Children, Federal Trade Commission, Privacy RegulationAs we promised in our post on the Yelp and TinyCo Federal Trade Commission COPPA enforcement actions, the Mintz Privacy Team has prepared an extensive review and analysis of both actions, and a helpful guide to avoiding COPPA violations. Client Advisory is available here.
Ninth Circuit Rules Marketing Consultant Can Be Held Vicariously Liable for Text Messages under TCPA
Posted in Class Action Litigation, Privacy LitigationWritten by Ernie Cooper In a ruling issued late last week, the Ninth Circuit held that a marketing consultant that hired a firm to send text messages for a third party could also be held vicariously liable for violations of the Telephone Consumer Protection Act (TCPA). The marketing consultant acknowledged that Federal Communications Commission orders… Continue Reading
Privacy Monday – September 22, 2014
Posted in Cybersecurity, Data Breach, HIPAA/HITECH, Privacy MondayHappy autumnal equinox — http://www.skyandtelescope.com/astronomy-news/observing-news/autumnal-equinox-2014-arrives-09222014/ Home Depot Breach – By the Numbers 56 million cards at risk (compare to Target = 40 million) $62 million in estimated costs (compare to Target =$146 million and counting) $27 million insurance coverage (compare to Target = $100 million in cover) Lawsuits filed – at least 1 in US and… Continue Reading
BREAKING NEWS: THE COPPA ENFORCEMENT ACTIONS ARE HERE!
Posted in Children, Data Compliance & Security, Federal Trade CommissionWritten by Julia Siripurapu, CIPP As we predicted in prior blog posts (here and here), the Federal Trade Commission has begun its vigorous enforcement of the Amended COPPA Rule. And one of the players is not a child-related site, so read on.
NIST Issues Draft Report Enumerating Risks and Protections to Consider When Evaluating Mobile Apps for Your Enterprise
Posted in Cybersecurity, Data Compliance & Security, Mobile PrivacyWritten by: Stephanie D. Willis As the world recovers from the excitement leading up to Tuesday’s Apple Live Event announcement of the new iPhone 6 and Apple Watch, mobile app developers are chomping at the bit to create software that leverages the new operating system and Apple’s widely-anticipated “HealthKit,” a purportedly secure platform that allows… Continue Reading
Privacy Monday – September 8, 2014
Posted in Class Action Litigation, Cybersecurity, Data Breach, Data Breach Notification, Privacy MondayBack to school, back to traffic jams … back to Privacy Mondays! Our look at bits and bytes and goofs and gaffes in data privacy and security Home Depot Breach Update It has been nearly a week, and The Home Depot has still not confirmed that it is the latest victim of point-of-sale hackers in… Continue Reading
California Sets the Curve with New Regulations on Collection and Use of Student Data
Posted in UncategorizedWritten by Jake Romero When one thinks of the use of technology in school, often the first image that comes to mind is of students sending ill-advised Snapchats and making in-app purchases that line the pockets of the Kardashian family, rather than paying attention in geometry. As a tool for teachers, however, online educational tech products… Continue Reading
NLRB Continues Aggressive Crackdown on Social Media Policies
Posted in Employee Privacy, Social MediaIn the past few years the National Labor Relations Board (“NLRB”) has taken an increased interest in whether workplace policies prohibiting employees from discussing the terms and conditions of their employment on social media such as Facebook and Twitter violate the National Labor Relations Act (“NLRA”) by interfering with workers’ rights to engage in concerted… Continue Reading
Another day, another data breach…..DIYers, beware. This time it’s Home Depot.
Posted in Cybersecurity, Data Breach, Data Breach NotificationIt appears that the data breach victim of the week (perhaps of the year) is The Home Depot. Brian Krebs has reported that it appears that two large dumps of purloined credit card numbers have made an appearance on the black market and that those numbers may have originated at Home Depot locations. Krebs’ reporting is… Continue Reading
UK Information Commissioner’s Office Launches Consultation on Privacy Seal Program
Posted in European Union, Privacy RegulationWritten by Susan Foster, Solicitor England & Wales/Admitted in California (LONDON) The UK’s Information Commissioner’s Office (ICO) is accepting comments from the public on a proposed UK privacy seal program. The deadline for comments is October 3, 2014. The ICO intends to endorse at least one privacy seal program in 2015. Privacy seal programs are… Continue Reading
