Over the past few years, there has been a surge in class actions challenging companies’ privacy and data security practices. But, while the number of class actions continues to grow, the suits face several significant challenges, have afforded limited relief to individual consumers, and have provided no coherent privacy standards in the US By comparison, the primary government regulator, the … Continue Reading
The European Union wants to change that, by facilitating class actions for mass privacy and data breaches.
With the development of big data, the scope and impact of potential data breaches or losses have indeed significantly increased. In the EU, the GDPR comes into effect. Due to … Continue Reading
The U.S. Federal Trade Commission has approved Sears Holdings Management Corporation’s request to amend the terms of Sears’ 2009 consent order (the “Order”) in a manner that helpfully clarifies the lead U.S. privacy regulator’s views of notice and consent in the marketplace for mobile applications (“mobile apps”). After reviewing Sears’ petition and public comments, the Commission agreed with Sears that, … Continue Reading
In a case that could have far-reaching implications for how companies are held liable for data security lapses, the FTC issued an order and opinion unanimously overturning its Chief Administrative Law Judge’s (ALJ) November 2015 dismissal of charges that LabMD’s allegedly lax data security measures were unfair practices under Section 5 of the FTC Act (see our coverage of the … Continue Reading
In a move counter to the trending precedent in data breach litigation, the U. S. Court of Appeals for the Seventh Circuit ruled on July 20 that data breach plaintiffs whose personal information was potentially exposed in a confirmed hacking breach of a major retailer’s network alleged enough risk of harm to meet the standing requirements of Article III of … Continue Reading