Yesterday, the Federal Trade Commission announced three main topics that will be the focus of its Spring 2014 privacy seminars. The areas to be examined are: (1) Mobile Device Tracking; (2) Alternative Scoring Products; and (3) Consumer Generated and Controlled Health Data. The Mobile Device Tracking seminar, which is open to the public, will take […]
California’s New Privacy Law Covering Utility ‘Smart Meter’ Data Takes Effect on January 1, 2014
On January 1, 2014, California’s new “smart meter” privacy law goes into effect, which may impact Internet Service Providers, financial institutions and other businesses that handle or receive smart meter data. On October 5, 2013, California Governor Brown approved the law passed by the Assembly (A.B. 1274) that will require certain non-utility businesses to obtain the […]
David Keating Quoted in Law360
David Keating was quoted in a Law360 article titled “FTC Sets High Bar for COPPA Parental Consent Verification” and discussed the COPPA parental consent verification and how the Federal Trade Commission recently rejected the first attempt under the amended COPPA Rule at proposing a parental consent safe harbor method. “Given that data that is collected from […]
Department of Defense Publishes Safeguarding Rule Requiring Contractors to Follow NIST Security Standards, Report Cybersecurity Incidents
On November 18, the U.S. Department of Defense (“DoD”) published a final safeguarding rule (the “UCTI Safeguarding Rule”) applicable to contractors in possession of unclassified yet nonpublic technical information (“UCTI”) that requires them to, at a minimum, satisfy the security controls specified in NIST Special Publication (SP) 800-53 in order to safeguard UCTI. Additionally, the UCTI Safeguarding […]
AvMed’s Novel Data Breach Settlement- First Time Payment to Plaintiffs Who Have Not Suffered Identity Theft as a Result of Data Breach
Recently, AvMed agreed to pay $3 million in a data breach settlement. What sets this apart from other data breach settlements is Plaintiffs who have not suffered identity theft as a result of the breach may nevertheless collect from the Settlement Fund. Plaintiffs who did not suffer identity theft claimed they were injured by overpaying […]