Can a company which provides a corporate e-mail account to a contractor, and then gets into a legal dispute with that contractor, use the contractor’s emails in that corporate account in the litigation? The answer appears to be no, in certain circumstances.
An agreement between Canada and the European Union over the sharing of air passengers’ personal information failed to pass muster in the European Court of Justice because Canada was found to have inadequate privacy protections.
In a law-heavy news roundup, Katie Cassel and I talk about New York’s dangerously prescriptive cybersecurity regs for banks and insurers.
One of defendants’ most significant arguments in opposing data breach victims’ negligence and breach of privacy claims has been that the claimants that have not suffered actual fraud or identity theft can show no cognizable injury and therefore lack Article III standing to assert their claims.
CSO recently predicted “a major uptick in cyber spending — to the tune of 12 to 15 percent year-over-year growth through 2021” in an article entitled “Cybersecurity spending outlook: $1 trillion from 2017 to 2021” which included these comments from the SANS Institute which were presented in February 2016.
Interest-Based Advertising Disclosure Requirements Become More Clear—and Potentially More Burdensome
Recent enforcement decisions within the digital advertising industry indicate a shift in—and a clarification of—the required disclosures for companies engaged in interest-based advertising (IBA).
The New York Department of Financial Services recently announced a new proposed rule, which would require financial institutions and insurers to implement strong policies for responding to cyberattacks and data breaches.
The proposed New York Department of Financial Services Cybersecurity Requirements for Financial Institutions (the “Regulation”) has many different aspects that are designed to bring about overall improvement in cybersecurity programs.
Back in the saddle again. Welcome back!
The Radio Shack bankruptcy case raised a fundamental question regarding the sale of personally identifiable customer information: Can it be done?