Privacy & Cybersecurity

The National Association of Insurance Commissioners (NAIC), the standard-setting organization in the U.S. insurance industry created and governed by the chief insurance regulators from the 50 states, the District of Columbia, and five U.S. territories, recently published its “Principles for Effective Cybersecurity: Insurance Regulatory Guidance” (the “NAIC Guidance”).

In the wake of Target’s April 15 announcement of a private $19 million settlement of the data breach claims of MasterCard-issuing banks, counsel representing the putative card issuer class in the consolidated Target data breach litigation moved to enjoin the proposed settlement, arguing that it is an improper end-run around the Minnesota federal court’s adjudication of card issuer claims.

Some privacy & security bits and bytes to start your week:
FCC to Hold Public Workshop on Broadband Consumer Privacy Tomorrow

As cyber week continues in Washington, Federal Communications Commission Chairman Tom Wheeler traveled to the west coast to speak about cybersecurity at the RSA Conference in San Francisco. 

Security is on the agenda from coast to coast this week.
Cybersecurity information sharing legislation will hit the House floor this week.  

Register now for the fourth installment in our monthly 2015 Privacy Wednesday webinar series, coming up next Wednesday, April 29th at 1:00 pm ET.

Target confirmed a report in the Wednesday edition of The Wall Street Journal of a settlement with MasterCard concerning claims of card-issuers arising from Target’s 2013 data breach. 

According to a report published today in The Wall Street Journal, Target and MasterCard are close to reaching a settlement of the claims of MasterCard-issuing institutions in connection with Target’s 2013 data breach. 

Spring has finally arrived on the East Coast, and not a moment too soon.
Here are 3 privacy & security bits and bytes to start your week.

As we predicted in our post late last month, Google’s YouTube Kids app has attracted more than just the “curious little minds” Google was hoping for.  Yesterday, a group of privacy and children’s rights advocates (including the Center for Digital Democracy and the American Academy of Child and Adolescent Psychiatry) asked the Federal Trade Commission “to investigate whether Google’s YouTube Kids app violates Section 5 of the FTC Act . . . .”

Following up on my recent post on the matter, I had the opportunity to speak with Colin O'Keefe of LXBN on the subject of cross-device tracking. In the brief interview, I discuss the growing prevalence of cross-device tracking and what the FTC is doing in response.

Not only is it Privacy Monday - it is OPENING DAY! After this long, long winter ... welcome back baseball!

President Obama today signed an Executive Order granting authority to the Department of the Treasury's Office of Foreign Assets Control (OFAC) to impose sanctions on individuals and entities determined to be "responsible for or complicit in malicious cyber-enabled activities" that result in harms "reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States."

Our 2015 monthly Privacy Issues Wednesday webinar series continued this month with Jonathan Cain and Paul Pelletier's Responding to Insider Data Theft & Disclosure presentation. 

Facebook does it. Google does it. It's everywhere in the mobile ad ecosystem. And your smartphone does it more often than you know, according to a study released on Monday by Carnegie Mellon.

The Federal Communications Commission’s (“FCC”) net neutrality proceeding culminated this month with the release of an Order reclassifying broadband Internet access service as a common carrier Telecommunications Service subject to regulation under Title II of the Communications Act.

On Friday, the FTC published updates to the COPPA FAQs, the Commission’s compliance guide for businesses and consumers, to address the applicability of COPPA and the Amended COPPA Rule to educational institutions and businesses that provide online services, including mobile apps, to educational institutions.

If you've been following the our sister blog, Employment Matters, then you will understand the headline. If you have not, you should click over there and check out the tournament action on a Friday afternoon while you are ... streaming some other things.

On March 18, 2015 – just three months after denial of a motion to dismiss consumer claims arising from Target’s 2013 data breach – Target and the consumer class filed papers seeking approval of a settlement. The proposed settlement agreement creates a $10 million cash fund to be paid out to class members claiming actual damages arising from the settlement.

Taking another “step” toward developing comprehensive privacy legislation, the White House has released a discussion draft of the Consumer Privacy Bill of Rights Act of 2015.