Tag Archives: privacy

New Jersey Senate Passes Bill Limiting Identity-Card Scanning by Retailers for Limited Purposes

On June 22, 2017, the New Jersey Senate passed the Personal Information and Privacy Protection Act (“the Act”), now awaiting Governor Christie’s handling. The Act permits retailers to scan a person’s identity card (“I.D. card”) for specified purposes and limits the type of information that may be collected to the name, address, date of birth, … Continue Reading

ALERT: Ransomware – a Global Wake-Up Call

U.S. Regulator Warns of “Evidence” of Global Cyber Assault Occurring Inside the U.S. and Steps Your Company Should Take Against a Ransomware Attack  On Friday, May 12, 2017, Laura Wolf, Critical Infrastructure Protection Lead of the Department of Health and Human Services (HHS) issued a notification stating that: HHS is aware of a significant cyber security … Continue Reading

“W-2 Phishing Attacks Targeting Businesses to Cash in on Busy Tax Season: 10 Tips to Protect Your Business”

Cyber criminals are taking advantage of tax season to lure valuable W-2 information from vulnerable businesses. An example of a common phishing scheme starts with a scammer posing as a legitimate employee of a company, sending an email that looks like it is coming from an internal email address, often the Human Resources department or … Continue Reading

Recent Trends in Bankruptcy Sales of Customer Data

Introduction In 2005, Congress amended the Bankruptcy Code to address privacy concerns in connection with sales of customer data in bankruptcy cases. The Code was specifically amended to restrict or prohibit the sale of customers’ personally identifiable information – as defined by the Bankruptcy Code – when in violation of a debtor company’s existing privacy … Continue Reading

FTC Report Highlights Privacy Concerns and Best Practices for Cross-Device Tracking

On January 23, 2017, the FTC released a Staff Report (the Report) on cross-device tracking, a commonly used practice that allows companies to associate multiple internet-based devices with the same consumer in order to track behavior across devices. The Report follows the FTC’s Workshop on cross-device tracking, and alerts companies engaged in cross-device tracking of certain best … Continue Reading

FTC Settles Ashley Madison Data Breach Complaint

The operators of Ashley Madison, the dating website for married people that became famous following its massive data breach in 2015, settled claims brought by the Federal Trade Commission (“FTC”) regarding that breach and their security practices and representations. Ruby Corp., Ruby Life Inc., and ADL Media Inc. (collectively, “Ruby”), named as defendants, were responsible … Continue Reading

Proper Handling of Biometric Data — Lessons Learned from a $1.5 Million Illinois Class Action Settlement

In 2008, Illinois passed the Biometric Information Privacy Act, 740 ILCS 14/1 (the Act or BIPA), which requires companies to obtain a person’s consent before collecting that person’s biometric data. Illinois, unlike other states such as Texas, provides a private right of action for individuals whose data was collected without proper notification and consent. Under … Continue Reading

FCC Announces New Rules to Protect Online Privacy

On October 27, the Federal Communications Commission (FCC), by a 3-2 vote, approved new rules regarding how Internet Service Providers (ISPs) handle their customers’ browsing history, mobile location data and other sensitive information generated by virtue of their customers’ use of the Internet. The agency is looking to restrict ISPs ability to share with advertisers … Continue Reading

OCR: Businesses Sharing Consumer Health Information Must Also Comply With FTC Act

In October 2016, the OCR issued a bulletin clarifying that businesses collecting and sharing consumer health information must comply with the FTC Act. The OCR specifically called out disclosure statements, declaring “You must also make sure your disclosure statements are not deceptive under the FTC Act.” Businesses dealing with health information are likely already familiar … Continue Reading

Wearable Tech: Where Data Privacy Collides with Employment Law

As wearable devices like FitBit, Garmin, and Jawbone and a culture of wellness in the workplace proliferate, employers who adopt such technology should be mindful of federal and state privacy laws, as well as the myriad of employment laws that are implicated by the use of these devices. The aggressive stance taken by federal employment … Continue Reading

Bankruptcy Rules On Privacy Pose Risk to Unwary Creditors

With the advent of electronic case filing, the increased risk of identity theft, and proliferation of various privacy laws, creditors need to be more cautious than ever when filing their proofs of claim in bankruptcy cases to order to avoid inadvertent disclosure of the debtor’s personal information. This is of particular importance as to any … Continue Reading

FCC Chairman Proposes To Provide Broadband Consumers With Choice, Transparency & Security

Next week the Federal Communications Commission (FCC) will vote on a new proposal for privacy rules governing internet service providers (ISP). This follows on the FCC’s decision last year that high-speed internet carriers should be treated as public utilities (providing telecommunications services as opposed to information services). The decision was part of last year’s net … Continue Reading

Federal Legislation Seeks to Pre-Empt State Bills Mandating Smartphone Encryption Backdoors

On February 10, 2016, Representative Ted Lieu (D-California) and Representative Blake Farenthold (R-Texas) introduced a bill into Congress that would seek to pre-empt state efforts to require smartphone manufacturers to incorporate encryption “backdoors” for law enforcement and otherwise dictate smartphone design and encryption standards. Rep. Lieu, one of only four computer science majors serving in … Continue Reading

Breaking News- USA and EU Reach Data Transfer Agreement to Replace Safe Harbor

Today, the European Commission announced that the United States and the European Union reached a trans-Atlantic data transfer agreement called “EU-US Privacy Shield” to replace Safe Harbor. While the written text of Privacy Shield has not yet been released, the agreement introduces a new regime for trans-Atlantic transfer of Europeans’ data. We can expect to … Continue Reading

FTC’s First PrivacyCon Event Reveals Cutting Edge Research in Key Data Privacy Issues and Hot Topics on the FTC’s Radar

The FTC held its first PrivacyCon event on January 14, 2016, bringing together scholars, researchers, and the FTC to discuss the latest privacy and data security research in 5 topic areas: 1) state of online privacy, 2) consumer’s privacy expectations, 3) big data in algorithms, 4) the economics of privacy and data security, and 5) … Continue Reading

Sedgwick LLP Observes Data Privacy Day in Los Angeles

In honor of Data Privacy Day, Sedgwick LLP is proud to host a Privacy After Hours event on behalf of the IAPP this afternoon (January 28) at BottleRock LA, 1050 S. Flower #167, Los Angeles, CA 90015, beginning at 5:30 p.m. Everyone is invited to stop by and get to know other local privacy professionals.… Continue Reading

US/EU Safe Harbour Invalidated – The View from London

On 6 October, the European Court of Justice struck down the “Safe Harbour” agreement created by the EU Commission Decision 2000/520 for the transferring of personal data between entities located in the EU and the US, or even between a single company’s servers located in the US and the EU. The agreement was a cornerstone … Continue Reading

Sedgwick Cybersecurity and Privacy Chair John Stephens Published on Cyberextortion and Ransomware

John Stephens, Sedgwick partner and head of the firm’s Cybersecurity and Privacy Practice Group, has published an article in Corporate Counsel entitled “The Rise of Cyber-Extortion, and How to Fight Back.”  9-23-15 – Corporate Counsel – Stephens He was also recently published in the National Law Journal for his article “When Hackers Take Your Digital … Continue Reading
LexBlog