By

Edward R. McNicholas

26 August 2015

Third Circuit Affirms FTC Authority to Regulate Cybersecurity

On Monday, the U.S. Court of Appeals for the Third Circuit issued its much-anticipated decision in Federal Trade Commission v. Wyndham Worldwide Corp., No. 14-3514 (3d Cir. Aug. 24, 2015), holding that the Federal Trade Commission has the authority to bring an action under Section 5 of the FTC Act for allegedly “unfair” cybersecurity practices.

(more…)

EmailPrintShare
31 July 2015

NIST Releases New and Updated Information Security Guidance

In an effort to address growing concerns about security vulnerabilities in both the public and private sectors, the National Institute of Standards and Technology (NIST) has released a flurry of new and updated information security recommendations.  The latest recommendations address protections for sensitive data held by federal contractors, encryption standards, and security for federal Smart ID cards.

(more…)

EmailPrintShare
24 July 2015

FCC Issues Far-Reaching TCPA Declaratory Ruling

An already active TCPA class action bar is sure to become even more active after a significant Declaratory Ruling and Order from the FCC that, among other points, broadened what technologies may be considered autodialers, gave further strength to class actions based on reassigned cell numbers, and muddied the waters for constructing compliance mechanisms to support consumer revocation of consent.

On July 10, 2015, the Federal Communications Commission issued a declaratory ruling to resolve various concerns raised by 21 petitions regarding the Commission’s implementation of the Telephone Consumer Protection Act, which carries a $500 penalty for each call or text in violation.

(more…)

EmailPrintShare
15 June 2015

One Step Closer to the EU Data Protection Regulation

This week we moved one step closer to the adoption of the proposed EU Data Protection Regulation with the agreement by the Council of Ministers on its proposals for the draft Regulation. The Regulation has been described as the most lobbied piece of European legislation in history and, once adopted, will have a significant impact on governments, businesses and individuals.

(more…)

EmailPrintShare
26 May 2015

Identifying the Standards: DOJ, SEC and FTC Offer Guidance for Cybersecurity Preparedness

Although a frequent topic of discussion on Capitol Hill, no single standard for private-sector cybersecurity programs has yet to emerge. The National Institute of Standards and Technology (NIST) Cybersecurity Framework is often considered foremost among existing guidance, but several other agencies are also expressing views, including the following recent guidance from the Department of Justice (DOJ), the Securities and Exchange Commission (SEC) and the Federal Trade Commission (FTC). Significantly, both the DOJ and FTC tout the advantages of cooperating with law enforcement after a data breach by noting that such cooperation may lead to “regulatory” benefits.

(more…)

EmailPrintShare
14 March 2011

European Shift to Concrete Cost Analysis of Data Protection

BNA’s Privacy & Security Law Report

Following meetings held Feb. 24-25, the Council of the European Union released its ‘‘Conclusions’’ in response to the EU Commission’s Nov. 4, 2010 ‘‘Communication’’ proposing ‘‘a comprehensive approach on personal data protection in the European Union.’’ The Council is the main decision-making body of the European Union, comprising the ministers of the Member States. Depending on the issue on the agenda, each country is represented by the minister responsible for that subject (foreign affairs, finance, social affairs, transport, agriculture, etc.).

View Article

EmailPrintShare
XSLT Plugin by BMI Calculator