You are here
Home > Posts tagged "JD Supra"

Countdown to the CCPA: What are the Potential Costs of a Data Breach?

If there's the slightest chance that one of your customers is a Californian resident, given the litigious nature of our West Coast friends I suggest you review your liabilities and insurance cover in time for January...: When the California Consumer Privacy Act (“CCPA”) takes effect in January 2020, California will become the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages of between $100-$750 per incident, eve

UK Supreme Court upholds first successful claim for breach of the “Quincecare” duty financial institutions owe their customers

I've reproduced the whole article because it raises an important issue. Financial institutions have a duty of care to make sure funds are not misappropriated. Given the rise of Business Email Compromise (BEC), this is additional reason for compaies to ensure controls are in place to identify and stop fraudulent transactions...: In Singularis Holdings Ltd (In Official Liquidation) v Daiwa Capital Markets Europe Ltd ([2019] UKSC 50), the Supreme Court upheld the first successf

Navigating Privacy and Cyber Incident Notification and Disclosure Requirements

Screenshot of the ICO Report a Breach web page

This is from a US perspective. For we Europeans, a lot of these requirements are mandated by the regulator (here is the ICO advice on notification). It's worth keeping up to date with what happens elsewhere in the world so have a read of the original article...: Fulfilling a company's data breach and cybersecurity incident notification and disclosure requirements is an increasing challenge. Companies operating across industry sectors and around the world must satisfy a wide

The Long Reach of New York’s SHIELD Act

Much like GDPR, if you're capturing or processing information on NY state citizens, irrespective of where you're based, you need to take note...: States continue to pass legislation addressing the protection and breach of private information and, on July 25, 2019, New York joined the growing trend when Governor Andrew Cuomo signed the Stop Hacks and Improve Electronic Data Security Act (or “SHIELD Act”) into law. The SHIELD Act significantly amends New York’s data protection

Google Sued Under Illinois Biometric Information Privacy Act

Collecting biometric information (or using Google, Facebook etc that do it for you)? I expect to see legislation like BIPA rolled out (not in China obvs) so make sure you're not going to fall foul...: Another day, another suit against a brand name for allegations of violation of the Illinois Biometric Information Privacy Act (BIPA). Plaintiffs’ attorneys are having a field day filing class action lawsuits based on BIPA. Late last week, Google was sued in Cook County, Illi

Ethics Rules for Using Social Media in Legal Matters

The same rules apply to employers e.g. don't force your employees to 'friend' you...: Social media is increasingly important in eDiscovery, employment investigations and jury research. Using social media in legal and HR matters raises significant ethical issues. Lawyers and other legal professionals should keep these five ethics rules in mind. 1. Familiarity with relevant social media is part of legal competence. Competence is ethics rule number one – literally. ABA Mo

The notification dilemma – what can you tell the public when you don’t yet know the extent of a data security incident?

Useful tips about tuning your disclosure messages...: In June, BCLP hosted a high profile data breach seminar, in which industry specialists, the ICO’s Head of Investigations, a former convicted hacker and BCLP’s data breach team came together to conduct a mock data breach exercise and discuss issues that arise when firms are hit by a data breach in the current enforcement climate. During the seminar we asked our audience, made up of Execs, CISOs, DPOs, lawyers and other

CCPA Security FAQs: Can a consumer bring suit in a California state court under the CCPA even if they were not injured by a data breach?

Just in case you were wondering...: Yes, if they satisfy the elements of a CCPA data breach claim. Section 1798.150 of the CCPA permits consumers to “institute a civil action” if the consumer’s “personal information, as defined in subparagraph (A) of paragraph (1) of subdivision (d)... By: Bryan Cave Leighton Paisner

Privacy and Data Security Alert

Tightening of privacy legislation on the West Coast...: [...] Subject to the governor’s signature, California’s breach-notification law will gain additional requirements related to biometric information due to the passage of AB 1130. The bill adds “unique biometric data” to the definition of personal information where that data is generated from measurements or analysis of body characteristics for authentication purposes. Going forward, notices for breaches involving biometr