Skip to main content

Privacy & Cybersecurity

Viewpoints

Filter by:

An attempt to impose liability on corporate officers and directors for data breach-related losses has once again failed. On November 30, 2016, a federal judge in Atlanta issued a 30 page decision dismissing a shareholder derivative action arising out of the September 2014 theft of customer credit card data from point-of-sale terminals in Home Depot stores.
Read more
As we reported earlier this week, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights described a phishing campaign that is attempting to convince recipients of their inclusion in OCR’s Phase 2 audit program.
Read more
The growing scale of cybersecurity concerns is prompting action from government leadership on the federal level.
Read more
Smart machines connected to the internet have become ubiquitous in our daily lives. They make up the Internet of Things (“IoT”), a vast web of interconnected iPhones and Fitbits, tablets and cameras, even baby monitors and implantable medical devices, and all are designed to improve and enrich our lives. 
Read more
Even president-elect Donald Trump has been the victim of a data breach. Several times actually. The payment card system for his Trump Hotel Collection was infected by malware in May 2014 and 70,000 credit card numbers were compromised by the time the hack was discovered several months later.  
Read more
Developers and operators of educational technology services should take note. Just before the election, California Attorney General Kamala Harris provided a document laying out guidance for those providing education technology (“Ed Tech”).
Read more
As we previewed last week, the Federal Communications Commission (FCC) has adopted new privacy rules that govern Internet service providers' (ISPs) handling of broadband customer information.
Read more
Over the last week, details have become available to explain how an attack against a well-known domain name service (DNS) provider occurred. What about the potential legal risks?
Read more
BREAKING NEWS -
The FCC has voted 3-2 along party lines to require internet service providers (ISPs) to get a customer's explicit consent before they can use or share what is termed "sensitive" personal information.
Read more

Insurance Regulators Fine Tuning Cybersecurity Guidance

October 25, 2016 | Blog | By Julia Siripurapu, Michael Katz

You may not realize how much personal information your insurance company has about you. Scarier still is that much of this data is sensitive and valuable to hackers – such as your Social Security number, financial information, medical history, even itemized schedules of your most expensive personal property.
Read more
Imagine you are the CEO of company sitting across from an interviewer. The interviewer asks you the age old question, “So tell me about your company’s strengths and weaknesses?" You start thinking about your competitive advantages that distinguish you from competitors.
Read more
It's time for a compliance check on those website or mobile app privacy policies, before the California Attorney General comes knocking.
Read more
For the next few months, the Mintz Levin Privacy Webinar Series is focusing on the upcoming EU General Data Protection Regulation (GDPR) to help businesses understand the reach and scope of the GDPR and prepare for the potentially game-changing privacy regulation.
Read more
The term “cloud computing,”  -- a process by which remote computers are used to store, manage and process data -- is no longer an unfamiliar term. According to at least one estimate, “approximately 90 percent of businesses using the cloud in some fashion.”
Read more
In the wake of the Supreme Court’s decision in Spokeo, Inc. v. Robins, 136 S. Ct. 1540 (2016), lower courts have begun to address whether alleged violations of statutes intended to protect privacy suffice, in the absence of any further alleged injury, to establish Article III standing.
Read more
The New York Department of Financial Services recently announced a new proposed rule, which would require financial institutions and insurers to implement strong policies for responding to cyberattacks and data breaches.
Read more
In its recent decision in Galaria v. Nationwide Mut. Ins. Co., no. 15-3386 (6th Cir. Sept. 12, 2016). Co., No. 15-3386 (6th Cir. Sept. 12, 2016), a divided Sixth Circuit panel held that plaintiffs had standing to assert claims arising from hackers’ alleged theft of data containing plaintiffs’ sensitive personal data, including dates of birth and Social Security numbers.
Read more
The FBI warned this summer that the “Business Email Compromise” (“BEC”) scam continues to grow, evolve, and target businesses of all sizes. As reported by the FBI in June, the scam had hit more than 22,000 victims for a combined dollar loss of greater than $3 billion – that’s billion with a B! And the latest evolution is even more threatening, potentially causing breaches of protected data.
Read more
As has become typical in the data security space, there was quite a bit of activity in state legislatures over the previous year concerning data breach notification statutes. Lawmakers are keenly aware of the high profile data breaches making headlines and the increasing concerns of constituents around identity theft and pervasive cybercrime. 
Read more
Last week the clothing retailer Eddie Bauer LLC issued a press release to announce that its point of sale (“POS”) system at retail stores was compromised by malware for more than six months earlier this year. 
Read more
Sign up to receive email updates from Mintz.
Subscribe Now

Explore Other Viewpoints: