Privacy & Cybersecurity

Yesterday, Mintz Levin attended a panel breakfast sponsored by the New York City Bar's Committee on Women in Intellectual Property. The panel featured two practitioners, one from the public sector and one from the private sector.

As our readers know, we maintain a summary of the US state data breach notification laws, which we refer to as the “Mintz Matrix.” We update the Mintz Matrix on a quarterly basis, or more frequently if developments dictate.

Today is the running of the 118th Boston Marathon.

As a follow-up to our commentary here on the headline-grabbing Heartbleed bug, I had the opportunity to discuss the subject with Colin O'Keefe of LXBN. In the brief interview, I explain how companies should respond to the bug and the uncertainty surrounding the liability they may face.

There has been so much news swirling in the data privacy and security world in the last few days, that it has been difficult to keep up.  We'll give you a roundup here for your Friday and weekend reading.

Following a string of high-profile data breaches and new data suggesting that approximately 21.3 million customer accounts have been exposed by data breach incidents over the past two years, the California legislature has introduced legislation aimed at making retailers responsible for certain costs in connection with data breach incidents. 

Last week was certainly the "week of the Heartbleed." Unless you have been on vacation on a remote island (and if so, good for you!), you have heard and read much about the latest mass bug to infect the Internet.

The latest salvo in the Target data breach litigation is a class action brought by credit card issuing banks advancing a creative and somewhat misleading construction of the Minnesota’s Plastic Card Security Act. The banks allege that there was a violation of the statute’s prohibition on retaining PIN, security code and other magnetic swipe data more than 48 hours after a transaction. 

April 8, 2014 marks the end of Microsoft’s support for the Windows XP operating system, which means the end of security updates from Microsoft and the beginning of new vulnerability to hackers and other intruders into systems still utilizing the operating system.

The draft model clauses have the potential to bring greater certainty to the rules applicable to data transfers from a data processor that is located within the EEA to a sub-processor located outside of the EEA. 

Welcome to the first Monday in April.
Our Privacy Monday is a report on the Federal Trade Commission's latest privacy notice-related settlements with Fandango and Credit Karma.

If you’ve had a birthday in the past two weeks, you may have received a greeting card from an unlikely source; the National Security Agency. Following President Obama’s call for large-scale reform of the NSA, the agency has initiated a rebranding campaign in the hopes of winning back the trust and favor of the American public.

In what apparently is a big "oops," two banks that took legal action against Target over its recent data breach have withdrawn their claims. The suits were withdrawn due to an erroneous allegation against Trustwave, a security vendor also named in the suit.

Last Monday in March (Opening Day for you baseball fans) - some privacy/security bits and bytes to close out the month.

It has been difficult to keep up with all the various permutations of the Target data breach saga.

Delaware state representative Darryl Scott recently introduced the Child Online Protection Act (House Bill 261 or the “Bill”), to the state's House of Representatives.

Mintz Levin employment lawyer Don Schroeder was recently quoted in this Law360 Article entitled Microsoft Steps in Privacy Quagmire With Email Snooping. The article focuses on the controversial choice by Microsoft Corp. to search a blogger’s e-mail account for evidence of leaked trade secrets by its former employee. 

Welcome to March Madness -- although if your brackets look anything like mine do this morning, it is not particularly "welcome." Let's just say that there is no danger of my winning Warren Buffet's $1 billion.

Mintz is presenting a roundtable discussion tomorrow titled:  NIST Framework: How to Best Mitigate Cyber Risk for Your Organization

Just two months after Apple’s settlement with the FTC over lax parental controls over children’s in-app purchases (see our prior blog post), Google takes the spotlight with claims of unauthorized children’s in-app purchases in the Google Play Store!