Category

Enforcement

22 December 2015

NAIC Amends Cybersecurity “Bill of Rights” for Insurance Consumers

On December 17, 2015, the Executive/Plenary Committees of the National Association of Insurance Commissioners (NAIC) unanimously adopted an amended version of the Cybersecurity “Bill of Rights.”  Renamed the “NAIC Roadmap for Cybersecurity Consumer Protections,” the document now states that while the NAIC believes consumers are entitled to the delineated protections, … Read More

EmailShare
16 December 2015

Agreement Reached on EU General Data Protection Regulation

After almost four years of intense negotiations, on 15 December 2015, an informal agreement on the proposed EU Data Protection Regulation was reached between the Council of Ministers and the European Parliament. An extraordinary meeting of the LIBE Committee is scheduled for 17 December 2015 for the 28 EU Member … Read More

EmailShare
14 December 2015

FTC & FCC Memorandum of Understanding on Consumer Protection

The Federal Trade Commission (FTC) and Federal Communications Commission (FCC) have been active in recent years in bringing consumer protection enforcement actions, with a particular focus on privacy and data security issues.  Recent regulatory action from the FCC associated with “net neutrality,” however, has blurred the line as to where … Read More

EmailShare
04 December 2015

Negotiations on the General Data Protection Regulations Continue

As the legislative journey for the General Data Protection Regulation (“GDPR”) nears its conclusion, last week (Nov. 27,2015) saw the publication of a further compromise text which left the door open for additional “trilogue” discussions on the much-debated subjects of administrative fines, data protection officers (“DPOs”), and data breaches, as … Read More

EmailShare
02 December 2015

The second edition of The Privacy, Data Protection and Cybersecurity Law Review is now available

The second edition of The Privacy, Data Protection and Cybersecurity Law Review appears as the world is converging on more privacy laws that cover more areas of business and are subject to more enforcement. Several Sidley lawyers in the Privacy, Data Security and Information Law practice have contributed to this … Read More

EmailShare
01 December 2015

FTC’s Action Against LabMD Dismissed Due to Inadequate Evidence of Harm; FTC Appeals

A recent ALJ Initial Decision may prove significant in data breach litigation and provide further aid to companies battling class actions with claims of future injury through identity theft.  On November 13, 2015, the administrative law judge hearing the FTC’s action against medical testing laboratory LabMD dismissed the FTC’s case … Read More

EmailShare
25 November 2015

Employee of Pharmaceutical Manufacturer Criminally Charged with Wrongful Disclosure of Patient Information for Marketing Purpose

On October 16, the United States Attorney’s Office for the District of Massachusetts filed a criminal information against a former Warner Chilcott district manager alleging that he had obtained and used patient protected health information (PHI) in violation of the criminal provisions of the Health Insurance Portability and Accountability Act … Read More

EmailShare
17 November 2015

New York Department of Financial Services Considers New Cybersecurity Regulations and Seeks to Promote Federal-State Regulatory Convergence – Would Go Well Beyond Protecting Customer Information

In a November 9, 2015 letter to members of the Financial and Banking Information Infrastructure Committee (“FBIIC”), the Acting Superintendent of the New York Department of Financial Services (“NY DFS”) outlined key elements of potential new regulations by the NY DFS addressing cybersecurity risk (“Cybersecurity Proposal”) and encouraged FBIIC members … Read More

EmailShare
17 November 2015

FCC Enforcement Bureau Issues First Privacy Enforcement Order Against a Cable Operator

On November 5, 2015, the Federal Communications Commission (“FCC” or “Commission”) issued its first ever privacy or data security enforcement order against a cable provider, Cox Communications, Inc. (“Cox”). The order adopted a consent decree entered into with the company, fining the company $595,000 for the breach. The order sets … Read More

EmailShare
06 November 2015

European Parliament Adopts Surveillance Resolution Aimed at Mass Surveillance and Prompting Progress on Safe Harbor 2.0

On October 29, 2015, the European Parliament adopted a resolution on the electronic mass surveillance of EU citizens (the “Resolution”). Positioned as a follow-up to its resolution of 12 March 2014 in which the Parliament called for the immediate suspension of Safe Harbor and put forward a number of recommendations … Read More

EmailShare
XSLT Plugin by BMI Calculator