On October 22, 2013, the National Institute of Standards and Technology (NIST) released its Preliminary Cybersecurity Framework (“Framework”), marking one of the final steps in creating the “voluntary” Framework envisioned in an Obama Administration Executive Order (EO) issued earlier this year. That EO, which was designed to strengthen the cybersecurity of the United States’ critical […]
Crisis & Data Breach Response
FTC Chairwoman Reiterates Support for National Data Breach Law with FTC Enforcement Powers
At the National Consumers League Conference on identity theft, held on December 12, 2013 in Washington, D.C., Federal Trade Commission (“FTC”) Chairwoman Edith Ramirez pushed for a federal data breach law featuring the FTC as the “enforcer.” Chairwoman Ramirez engaged in a keynote discussion with former FTC Chairwoman Deborah Platt Majoras and made her position […]
AvMed’s Novel Data Breach Settlement- First Time Payment to Plaintiffs Who Have Not Suffered Identity Theft as a Result of Data Breach
Recently, AvMed agreed to pay $3 million in a data breach settlement. What sets this apart from other data breach settlements is Plaintiffs who have not suffered identity theft as a result of the breach may nevertheless collect from the Settlement Fund. Plaintiffs who did not suffer identity theft claimed they were injured by overpaying […]
Kim Peretti Interviewed by BankInfoSecurity about Her Discussion at the 2013 Fraud Summit
On October 22, Alston & Bird’s Kim Peretti, Security Incident Management & Response Team co-chair, spoke at the 2013 Fraud Summit in a session titled “Post-Fraud Investigation: Effective, Efficient, Defensible.” Her presentation focused on how organizations must ensure they are prepared to respond effectively, efficiently and defensibly when they detect fraudulent activity. Following the conference, […]
Prior Express Written Consent Now Required for Sending Marketing Messages via Robocall or Text Message; Questions Remain Regarding Pre-Existing Databases and Purely Informational Messages
Companies that have amassed databases of consumers’ landline and mobile numbers for telemarketing purposes are left in a quandary as to whether they must obtain additional consent from consumers to comply with the new Telephone Consumer Protection Act (“TCPA”) rule. As of Wednesday October 16, 2013 companies that use prerecorded calls, autodialers or text messages […]