Privacy, Cyber & Data Strategy Team

In a departure from most other courts, the United States Court of Appeals for the First Circuit has concluded that Maine law allows plaintiffs to recover certain damages arising from a data breach. Anderson v. Hannaford Bros. Co., — F.3d —-, 2011 WL 5007175 (1st Cir. Oct. 20, 2011). Hannaford’s holding regarding damages, as described […]

In response to various political pressures, including a letter dated May 11, 2011, from Senator Jay Rockefeller (D-WV) and four other senators to SEC Chairman Mary Schapiro, the Staff of the Security and Exchange Commission’s (SEC) Division of Corporation Finance issued guidance on October 13, 2011 regarding its views on disclosure obligations relating to cybersecurity […]

This afternoon the House Republican Cybersecurity Task Force announced a report containing its recommendations on federal cybersecurity legislation pursuant to a request by the House Republican leadership to examine four critical areas: critical infrastructure and incentives, information sharing and public-private partnerships, existing cybersecurity laws, and legal authorities. The Task Force recommends actions which could be accomplished in […]

In light of changes in technology, particularly in the mobile, interactive gaming and social networking space, this past week the FTC formally requested comments to its proposed changes to the Children’s Online Privacy Protection Rule (“COPPA”).  Comments on the proposed changes are due November 28, 2011. The changes focus on five substantive sections of the […]

The Illinois breach notification law was amended on August 22 to add specifics for breach notifications to Illinois residents. The notifications now must include contact information for the credit reporting agencies and the Federal Trade Commission as well as a statement that the individual can obtain information from these sources about fraud alerts and security […]