Continuing the trend of changes in state breach notification and related laws, Cal. A.B. 1710 amends California’s breach notification, security procedures, and Social Security number (SSN) laws in the wake of significant data breaches, particularly in the retail sector. (See “Changes in State Breach Notification Laws.”)
As data breaches continue to occur, breach notification laws are being amended or enacted. In the United States, state and federal breach notification laws should be monitored carefully regarding changes, as should breach notification laws in other countries (e.g., Canada).
As of July 15, 2014, 47 states (other than Alabama, New Mexico, and South Dakota) plus the District of Columbia, Guam, Puerto Rico, and Virgin Islands have breach notification laws. This article addresses changes in state breach notification laws.
Cybersecurity threats have reached a point where they cannot go ignored by any government agency,even the U.S. Securities and Exchange Commission. Although an agency that is tasked with protecting investors is not one that typically comes to mind in the battle against cyberthreats,the SEC does maintain jurisdiction over cybersecurity issues for public companies, broker dealers and investment advisers, due to its responsibilities for ensuring the disclosure of material information, integrity of market systems and customer data protection.
A New York trial court announced a decision on February 21, 2014, that may be a harbinger of wide-reaching limitations on insurance coverage for data breaches under commercial general liability (CGL) policies. The court’s ruling, while subject to appeal, demonstrates the hazards of relying on traditional CGL policies for coverage for data breaches. The lawsuit, Zurich… Read More
By: Gary Gansle, Jessica Linehan, and Kurt Whitman Addressing a recent hot topic regarding the forced disclosure of social media passwords and/or content as part of the employment application process, California has promptly resolved the issue legislatively. Effective January 1, 2013, employers in California are generally prohibited from requiring applicants and employees to disclose or… Read More
You may not, as reflected in the recently reported decision of Eagle v. Morgan, 2011 WL 6739448 (E.D. Pa. December 22, 2011) where both the employee and her former employer claim ownership in the employee’s LinkedIn account, the popular social networking site for business professionals. The dispute is starkly drawn in the litigation’s opposing pleadings… Read More
By Jamie M. Nafziger, partner Dorsey & Whitney Yesterday, ICANN approved the launch of its new generic top level domain name (gTLD) plan. It will accept applications for new gTLDs from January 12, 2012, to April 12, 2012. Under ICANN’s plan, anyone can apply to own and manage a gTLD, the part after the dot. … Read More
On January 26, 2011, the federal district court in the Northern District of California granted Facebook a default judgment against Philip Porembski and PP Web Services LLC for obtaining “login credentials for at least 116,000 Facebook accounts without authorization” and for sending “more than 7.2 million spam messages to Facebook users.” Facebook, Inc. v. Fisher,… Read More
LimeWire sounds innocent enough – a file sharing program that allows individual users to download music over the Internet, video and other files directly from the hard drive of another LimeWire user. LimeWire and other similar software, described as peer-to- peer software, is a popular way to avoid paying for music and movies. There is,… Read More
In the past six months approximately 6 class action lawsuits have been filed in Los Angeles federal district court against various companies for, among other things, violations of the Computer Fraud and Abuse Act (“CFAA”), Title 18 U.S. C. § 1030, based on advertising technology that tracks a computer’s web surfing practices. Unlike traditional cookies,… Read More