The United States Court of Appeals for the Seventh Circuit recently affirmed the dismissal of a putative class action brought by financial institutions against Schnuck Markets, Inc., following a data breach impacting Schnuck beginning late 2012. The plaintiffs attempted to assert claims of negligence, negligence per se, various contract claims, and violation of Illinois consumer […]
Data Breach
SEC Adopts Statement and Interpretive Guidance on Public Company Cybersecurity Disclosures
The Securities and Exchange Commission (SEC) issued a press release announcing its unanimous approval of a statement by SEC Chairman Jay Clayton and interpretive guidance (the “2018 Guidance”) to assist public companies in preparing disclosures about cybersecurity risks and incidents. This is the first interpretive guidance published by the full Commission on the topic of […]
Privacy & Data Security Team Launches Unique GDPR Tracker Website
“To Harmonize or Not To Harmonize: That Is the Question.” With the the GDPR fast approaching on May 25, 2018, European Member States are getting ready with the implementation of national legislation. Although the GDPR is a regulation, and directly applicable in all Member States, it has left room for country-specific legislation in several different […]
Lenovo Wins Second Motion to Dismiss in Adware Class Action
By Jay Repko A California district court recently dismissed—for the second time—consumer claims that technology giant Lenovo Inc. violated New York’s Deceptive Acts and Practices Statute by selling laptops with preinstalled VisualDiscovery software that allegedly invades users’ privacy and exposes users to security breaches. In reaching this decision, Judge Haywood S. Gilliam, Jr. concluded that […]
Data Protection Litigation to Become a New Reality in Belgium
On November 16, 2017 the Belgian Senate adopted an “Act on the Establishment of the Data Protection Authority” (the “Act”). Following Austria, Germany, and the UK, Belgium is the fourth EU Member State to pass a domestic statute implementing the General Data Protection Regulation 2016/679 (“GDPR”) prior to its effective date of 25 May 2018. […]