A class action lawsuit filed against PayPal in connection with a breach it suffered in 2017 was dismissed recently because the plaintiffs did not adequately allege PayPal’s intent to deceive investors. The litigation began after PayPal’s acquired TIO Networks Corporation, a smaller payment processor and platform. Post-acquisition, PayPal announced that it had discovered “security vulnerabilities” in TIO’s operations and it thus suspended TIO’s operations. At that point, TIO had not yet been integrated into PayPal’s platform. PayPal confirmed that it was investigating TIO’s security measures with the help of outside assistance, and that PayPal customers’ data remained secure. PayPal further confirmed that it was not aware of any breach of personal information maintained by TIO. The following month, however, PayPal announced that a breach of personal information had in fact occurred. Confidential information belonging to 1.6 million customers had been potentially compromised, causing PayPal’s stock price to drop by 5.75%.
Continue Reading Successful Dismissal of PayPal Class Action Over Breach Disclosures Serves as Risks Reminder
Personal Information
Vermont Updates Data Breach Notification Law
By Julia Kadish, Kari Rollins & Liisa Thomas on
Vermont recently amended its data breach notification law. The changes will go into effect July 1, 2020. As amended, the definition of “personal information” now includes the following when combined with a consumer’s first name or first initial and last name:
Continue Reading Vermont Updates Data Breach Notification Law
Privacy Hat Trick: Three New State Laws to Juggle
By Sheppard Mullin on
Posted in Advertising, Consumer Protection
Nevada, Oregon and New Jersey recently passed laws focusing on the collection of consumer information, serving as a reminder for advertisers, retailers, publishers and data collectors to keep up-to-date, accurate and compliant privacy and information collection policies.
Continue Reading Privacy Hat Trick: Three New State Laws to Juggle