Insights on Privacy, Data Protection & Data Security

Mobile advertising company InMobi, whose advertising network reaches more than one billion devices worldwide through thousands of apps, has settled with the Federal Trade Commission over charges that it “deceptively tracked” the locations of hundreds of millions of consumers without their knowledge

In St. Paul Mercury Insurance Company v. Tessera, Inc., the federal court held that a lawsuit against an insured alleging a breach of a license agreement did not constitute a violation of an intellectual property right.

Data breaches continue to complicate the interpretation and understanding of commercial insurance policies. But even as courts confront thorny questions presented by cyber security policies, they continue to rely on long-standing principles of insurance and contract law.

Consumer advocate groups—Public Knowledge, Consumer Watchdog, Center for Digital Democracy, Consumer Action, TURN-The Utility Reform Network and Consumer Federation of America—recently filed a complaint with the Federal Trade Commission and a petition with the Federal Communications Commission agai

From automated cars, syncing software, to wearable devices that interact with a vehicle, it is clear that our time in the car is under an era of rapid change.

A German data protection regulator reportedly fined 3 companies—Adobe Systems, Punica, and Unilever—a total of 28,000 euros ($32,000) for continuing to rely on the Safe Harbor framework.

On May 25, 2016, the White House released its much anticipated Data Security Policy Principles and Framework (Security Framework) for President Obama’s Precision Medicine Initiative (PMI).

The concept of standing – that a plaintiff must have suffered a concrete injury in order to bring a lawsuit – is a bedrock legal principle. But, like so many other fundamental legal concepts, the rise and importance of the internet and digital commerce has consistently complicated its application.

On Monday, the US Supreme Court sent a potential class action case back to the Ninth Circuit for reconsideration, marking an intermediary win for Spokeo Inc., which uses a “people search engine” to find, compile, and sell publicly available personal information.

The California Office of the Attorney General (OAG) recently released a report detailing a comprehensive analysis of the data breaches reported to the OAG between 2012 and 2015.

The Federal Trade Commission recently issued warning letters to companies whose mobile applications contain cutting-edge software that can monitor consumers’ television viewing habits.

Anthony Lupo will speak on a panel at the 2016 Legal & Regulatory Conference hosted by the Personal Care Products Council.

On April 14, 2016, the European Union formally adopted a new scheme – known as the EU General Data Protection Regulation (GDPR) – to protect the personal data of European residents.

Data breach notifications may be more common in Tennessee. Notably, the Governor recently signed into law a bill updating the current breach notification requirements by (a) requiring notice even where data is encrypted, (b) requiring notice within 45 days of discovery of the breach (barring a law e

On April 13, 2016, the Article 29 Working Party released its opinion on the EU-US Privacy Shield.

In the wake of the recent ransomware attack on Hollywood Presbyterian Medical Center, news reports have emerged that at least three more medical centers and a large health care system have been the victims of these attacks.

Costco Wholesale Corporation recently moved to dismiss a class action lawsuit alleging that the discount retailer printed more than the last five digits of a customer’s credit card number on her receipt, in violation of the Fair and Accurate Credit Transactions Act.

Following a settlement, ASUSTeK must maintain a comprehensive security program and endure 20 years of independent audits. The onus is on technology companies to ensure reasonable security measures and practices.

Cybersecurity may have rocketed to the top of management’s priority list in the wake of the recent cyberattack on Hollywood Presbyterian Medical Center (HPMC) that left the hospital unable to access some of its computer systems for ten days.

More details are still to come regarding the potential replacement to the invalidated Safe Harbor data transfer mechanism, the EU-US Privacy Shield.

On January 15, 2016, the National Highway Traffic Safety Administration (NHTSA) and 18 automakers pledged to work together to enhance safety and improve recalls. In addition, the automakers agreed to voluntarily work with the government to identify cybersecurity threats to cars and light trucks.

This morning, the European Commission and US Department of Commerce agreed on a Safe Harbor replacement deal, rebranded as the EU-US Privacy Shield.

The Federal and Trade Commission recently released a report outlining the benefits and risks involved in using big data.

The EU Commission, Parliament, and Council of Ministers recently reached an agreement on the General Data Protection Regulation (GDPR).