Iowa Governor Terry Brandstad has signed Senate File 2259, an act modifying provisions applicable to personal information security breach notification requirements. Iowa’s law will now require notice of breaches of unauthorized acquisition of information that is on paper (in addition to computerized data) and to require notice to the consumer protection division of the state […]
Privacy & Cyber Regulatory Enforcement
District Court Denies Wyndham Motion to Dismiss and Supports FTC’s Authority in Data Breach Cases
In Federal Trade Commission v. Wyndham Worldwide Corp., et al., No. 13-cv-01887-ES-JAD (D.N.J. Apr. 7, 2014), Judge Esther Salas of the U.S. District Court for the District of New Jersey denied Wyndham’s request for dismissal of the FTC’s lawsuit against the hotel resort chain as a result of getting hacked.* Wyndham had challenged the FTC’s […]
Kim Peretti to Speak at Georgetown Law’s Cybersecurity Law Institute
Kim Peretti, co-chair of the firm’s Security Incident Management & Response Team, will be a featured speaker during the second annual Cybersecurity Law Institute sponsored by the Georgetown University Law Center. Cybersecurity continues to stay in the news in 2014 as the White House calls for a “Consumer Privacy Bill of Rights” for the digital age. What […]
SIA Announces Revised Privacy Framework
The Security Industry Association (“SIA”) announced the revised SIA Privacy Framework on April 1, 2014. Building on the initial framework released in 2010, the revised SIA Privacy Framework is designed to provide guidance to companies seeking to establish adequate privacy policies to protect personally identifiable information and other sensitive data. This release outlines a core […]
Financial Regulators Release Statements on Cyber-Attacks
On April 2, 2014, the Federal Financial Institutions Examination Council (“FFIEC”) issued a press release, alerting that FFIEC members are issuing joint statements on the risks associated with cyber-attacks on Automated Teller Machine (“ATM”) and card authorization systems and the continued distributed denial of service (“DDoS”) attacks on websites. These joint statements highlight the risks […]