Class Action Suits Allege Violations of Illinois Biometric Information Privacy Act

As punch cards are replaced with retina scanners, and keys with fingerprint identification, employers are facing more lawsuits related to the protection of employees’ biometric data. Last week, an employee filed two separate class action lawsuits in Illinois against salad restaurant chain Sweetgreen and Philadelphia-based food services provider Aramark for violations of the Illinois Biometric […]

Read More

The FTC Provides Additional Guidelines on COPPA Compliance

On October 23, 2017, the FTC provided additional guidance on the COPPA Rule regarding the collection of audio voice recordings by organizations covered by the law. The FTC advised that the collection of an audio file from a child, even when such a file is being used solely as replacement for written words, falls within […]

Read More

Federal Judge Issues Opinion Concerning the Viability of Data Breach Claims

A federal judge in the Southern District of New York recently issued an opinion providing guidance concerning the viability of data breach claims, particularly in the context of a breach of employee information. Sackin v. Transperfect Global, Inc. involves a purported class action filed on behalf of Transperfect employees whose personally identifiable information (PII) was […]

Read More

Internet of Medical Things Resilience Partnership Act of 2017

A new bill called the “Internet of Medical Things Resilience Partnership Act of 2017,” H.R. 3985, was recently introduced in the House of Representatives. If passed as drafted, the bill will establish a working group of public and private entities led by the Food and Drug Administration (FDA) and National Institute of Standards and Technology […]

Read More

Two Significant Data Breach Cases Moving to Higher Courts

Two significant data breach cases have been appealed, and this past week, it was announced that one will be heard by the Supreme Court of Pennsylvania. The other has been stayed while plaintiffs move for certiorari before the United States Supreme Court. In Dittman v. UPMC d/b/a The University of Pittsburgh Medical Center, 2017 PA Super.  […]

Read More

Comment Deadline Approaching for NIST Information Security Framework

The public comment period, which began on August 15th, for The National Institute of Standards and Technology’s (NIST) draft, Revision 5, of Special Publication 800-53 “Security and Privacy Controls for Information Systems,” ends on Tuesday, September 12. The newest draft of SP 800-53 is part of a continuing drive to create a “unified information security framework […]

Read More

Delaware Amends Data Breach Notification Law

Delaware has joined the list of states amending their data breach notification laws, expanding the definition of Personal Information (PI) and adding requirements for credit monitoring, among other items. The changes will be effective on April 14, 2018. The Delaware amendments contain a hard deadline for providing notice, required notice to the state AG’s office, […]

Read More

Are Smart Contracts the Next Target for Hackers?

Smart contracts are poised to revolutionize the way transactions are handled in industries ranging from insurance and healthcare to financial services and even gambling.  However, smart contracts can be vulnerable to hacking. On July 19, Parity Technologies, a start-up that specializes in blockchain technology, released a security alert advising that hackers took advantage of a […]

Read More

NotPetya – What Should You Do?

It’s been three days since the outbreak of NotPetya, and we are beginning to learn more about it. Here are some quick things to know and some steps each company should take to help protect itself.

Read More