Privacy & Cybersecurity

The U.S. Office of Personnel Management (OPM) announced that hackers have stolen the personal information of approximately 4 million current and former federal employees, including names, birthdates and social security numbers. 

Home Depot has staked its defense of consumer claims arising from the 2014 theft of payment card data from the home improvement retailer on the asserted absence of injuries sufficient to confer standing to sue. 

Happy June - the first day of meteorological summer!
In the last month, both a federal and state court denied coverage for claims relating to an insured’s handling of electronic data.

Target’s attempt to resolve claims of MasterCard-issuing banks through a $19 million private settlement with MasterCard has been terminated for failure of issuers of 90% of the affected cards to accept the settlement by the Wednesday, May 20 acceptance deadline. 

If your company has an online presence -- or provides marketing or advertising services -- you should be registered for the fifth webinar in our 2015 Wednesday Privacy Webinar series: The Long Reach of COPPA.   Recall the recent FTC settlement agreement with Yelp -- clearly a site not targeted at children -- that cost the online review company $450,000.

The Network Advertising Initiative (NAI) has issued guidance for its members on the use of non-cookie technologies for Interest-Based Advertising (IBA) and Ad Delivery and Reporting (ADR) (Guidance). The NAI is a self-regulatory organization for third-party digital advertising companies.

Cyber security, and cyber insurance, have dominated the industry headlines for several years now, but even as companies, brokers and insurers work to develop these products, there has been a dearth of case law interpreting key provisions.

It's Monday morning -- do you know your privacy/security status?
Here are a few bits and bytes to start your week.

On this Privacy Monday, we have some upcoming events that you might want to add to your calendar.

Fitbit, the fitness-tracking company with six wearable devices that track and collect data about things like calories burned, steps logged, "quality" of sleep and sleep patterns, heart rate, etc.) as well as web and mobile apps and premium services, has filed with the Securities and Exchange Commission for a $100 million initial public offering.

Senior U.S. District Court Judge Paul Magnuson issued an order  on Thursday, May 7 denying a request by counsel for card issuer banks to enjoin the settlement of data breach related claims negotiated between Target and MasterCard. 

Another federal agency has weighed in with "guidance" on cybersecurity preparation and breach response. The Department of Justice (DOJ) is the latest to issue guidance on how companies should respond to data breaches.

On this Privacy Monday, we can definitely say that the long winter of our discontent (at least for some of our readers) is over. Happy spring!

The National Association of Insurance Commissioners (NAIC), the standard-setting organization in the U.S. insurance industry created and governed by the chief insurance regulators from the 50 states, the District of Columbia, and five U.S. territories, recently published its “Principles for Effective Cybersecurity: Insurance Regulatory Guidance” (the “NAIC Guidance”).

In the wake of Target’s April 15 announcement of a private $19 million settlement of the data breach claims of MasterCard-issuing banks, counsel representing the putative card issuer class in the consolidated Target data breach litigation moved to enjoin the proposed settlement, arguing that it is an improper end-run around the Minnesota federal court’s adjudication of card issuer claims.

Some privacy & security bits and bytes to start your week:
FCC to Hold Public Workshop on Broadband Consumer Privacy Tomorrow

As cyber week continues in Washington, Federal Communications Commission Chairman Tom Wheeler traveled to the west coast to speak about cybersecurity at the RSA Conference in San Francisco. 

Security is on the agenda from coast to coast this week.
Cybersecurity information sharing legislation will hit the House floor this week.  

Register now for the fourth installment in our monthly 2015 Privacy Wednesday webinar series, coming up next Wednesday, April 29th at 1:00 pm ET.

Target confirmed a report in the Wednesday edition of The Wall Street Journal of a settlement with MasterCard concerning claims of card-issuers arising from Target’s 2013 data breach.