Menu

PH Privacy

Key Takeaways from the FTC’s Latest Privacy Enforcement
On January 8, the Federal Trade Commission (“FTC”) settled allegations with VTech, an electronic toy maker, for violations of the Children’s Privacy Protection Act (“COPPA”) and for failing to use reasonable and appropriate data security measures to protect its customers’ personal information. The enforcement action, resulting in fines of over $650,000, is the latest reminder that companies can expect the consumer protection agency to closely scrutinize the privacy and cybersecurity protections in the connected devices and platforms that make up the Internet of Things (“IoT”).
Less Biometric Security Is More Security: A Fifth Amendment Primer
Last month, District Judge Edmond Chang handed down a decision that held that the government, with a search warrant, can require individuals to use their fingerprints to unlock a phone using biometrics without violating the Fifth Amendment. Judge Chang’s decision follows a 2014 Virginia state circuit court decision, which also allowed the government to compel an individual to unlock his phone with his fingerprint.
State AGs Reach Settlement with Nationwide Over 2012 Data Breach
On August 9, 2017, attorneys general representing 32 states and the District of Columbia announced a settlement with Nationwide Mutual Insurance Co. and its unit Allied Property & Casualty (collectively, “Nationwide”) to resolve the states’ investigation into the company’s 2012 data breach.
Bi-Partisan Group of Senators Propose IoT Cybersecurity Legislation
On August 1, 2017, a bipartisan group of senators introduced the Internet of Things (IoT) Cybersecurity Improvement Act of 2017 that would require IoT devices purchased by the U.S. government to meet certain minimum security requirements.
Apple Opens New Data Center in China to Comply with the PRC’s New Cybersecurity Law
In a move that sets the stage for other global companies doing business in China, Apple announced on July 12, 2017, that it will open a new data center in China to locally host data in order to comply with China’s new cyber security law.
Complying with COPPA: FTC Releases Updated Six-Step Compliance Plan for Businesses
Earlier this week, the Federal Trade Commission issued an updated Six-Step Compliance Plan for Businesses to comply with the Children’s Online Privacy Protection Act (COPPA) Rule. We summarize two key changes in the updated plan and provide a short refresher on the six steps your company should take when considering COPPA.
Protecting Your Networks, and Your Brand: How to Avoid and Respond to Ransomware Attacks
Ransomware is daunting, but make no mistake: it is preventable. We outline how to protect your company, and how to respond if attacked.
Swiss Privacy Shield Update: Get Ready to Certify on April 12
In less than a month, on April 12, the U.S. Department of Commerce (“Commerce”) will begin accepting applications for the Swiss-U.S. Privacy Shield Framework (“Swiss-U.S. Privacy Shield”).
New York’s New Cybersecurity Rule for Financial Institutions & How It May Affect You
New York’s top banking regulator, the New York Department of Financial Services (“NYDFS"), recently issued a revised rule, effective March 1, 2017, that requires banks, insurance companies and other financial institutions regulated by NYDFS to establish and maintain a comprehensive cybersecurity program to respond to the growing threat of cyber-attacks.
40-Day Delay in HIPAA Breach Notification Costs Illinois Health System $475,000
The U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”), has recently announced its first Health Insurance Portability and Accountability Act (“HIPAA”) enforcement action for failure to timely comply with the HIPAA Breach Notification Rule (“Rule”), which came into effect in 2009.
1 2 3 4