Tag Archives: Data Security

Vermont Is First Mover Regulating Data Brokers

Vermont recently enacted a data broker security law, one of the first of its kind. The law, which went into in May, requires data brokers to develop and implement a comprehensive security program. The program needs to include administrative and technical safeguards to protect personal information. Data brokers are defined as businesses that collect and … Continue Reading

Colorado Enacts Stringent Data Breach Notification Law

Colorado’s governor recently signed into law an update to the state’s breach notice law.  As we reported yesterday the new law takes effect on September 1, 2018. As amended, the definition of “personal information” now also includes student, military or passport identification numbers, medical information, health insurance identification numbers, biometric data, and a resident’s username … Continue Reading

Colorado Joins States in Passing Data Protection Requirements

Colorado’s recently passed breach notice law, which goes into effect on September 1, includes a data security requirement. This mirrors the change to the Louisiana breach notice law we reported about yesterday. Under the law, companies will need to have “reasonable” security practices and procedures that protect personal information. Personal information is defined as social … Continue Reading

Louisiana Joins the Breach Notice Update Law Fray

Louisiana has joined the growing list of states updating their data breach notification law in 2018.  Others include, as we have reported, Arizona and Oregon. The law has now been amended to include biometric information, state ID number, and passport number in the definition of personal information. It also adds a 60-day notice timeline from … Continue Reading

Louisiana Adds Data Security Requirements to Breach Notice Law

Louisiana’s breach notice law has been amended to require companies to protect personal information. The definition of personal information matches that which -if breached- would give rise to a duty to notify. This includes name combined with social security numbers, drivers’ license (and state ID/passport numbers) or financial account numbers. The law applies to companies … Continue Reading

FTC Outlines Expected Privacy Program Elements in BLU Settlement

The FTC recently settled with the mobile phone company BLU Products, Inc., over allegations that the company was letting one of its vendors pull extensive and detailed personal information off of users’ phones. According to the FTC, BLU phones were pre-loaded with firmware updating tools made by ADUPS Technology. ADUPS, through its software, was then … Continue Reading

And Then There Was One: South Dakota Passes Breach Notice Law, Alabama May Not Be Far Behind

South Dakota recently became the 49th US state to enact data breach notification legislation. The new law takes effect July 1, 2018 and mirrors other states’ breach notice laws. Information that if breached, gives rise to a duty to notify is defined to include Social Security and government-issued identification numbers, account and payment card numbers … Continue Reading

There’s a Form for That? Breach Notices and State Reporting Portals

The recent launch by Massachusetts Attorney General of an online data breach reporting portal is a reminder that many states have such online reporting mechanisms. In Massachusetts, companies that have suffered a data breach and are required to provide notice to the MA AG can either continue to submit a hard copy notice to MA, … Continue Reading

Update on Data Breach and Data Privacy Class Actions Post-Spokeo

In May, the U.S. Supreme Court issued its opinion in Spokeo v. Robins, providing guidance on the “injury-in-fact” aspect of the constitutional standing requirement for putative class action plaintiffs.  136 S. Ct. 1540 (2016), as revised (May 24, 2016).  Spokeo was quickly hailed by both plaintiff- and defense-side lawyers as a major victory, but in … Continue Reading
LexBlog

By scrolling this page, clicking a link or continuing to browse our website, you consent to our use of cookies as described in our Cookie and Advertising Policy. If you do not wish to accept cookies from our website, or would like to stop cookies being stored on your device in the future, you can find out more and adjust your preferences here.

Agree