On October 22, 2013, the National Institute of Standards and Technology (NIST) released its Preliminary Cybersecurity Framework (“Framework”), marking one of the final steps in creating the “voluntary” Framework envisioned in an Obama Administration Executive Order (EO) issued earlier this year. That EO, which was designed to strengthen the cybersecurity of the United States’ critical […]
Security Breach
AvMed’s Novel Data Breach Settlement- First Time Payment to Plaintiffs Who Have Not Suffered Identity Theft as a Result of Data Breach
Recently, AvMed agreed to pay $3 million in a data breach settlement. What sets this apart from other data breach settlements is Plaintiffs who have not suffered identity theft as a result of the breach may nevertheless collect from the Settlement Fund. Plaintiffs who did not suffer identity theft claimed they were injured by overpaying […]
Kim Peretti Interviewed by BankInfoSecurity about Her Discussion at the 2013 Fraud Summit
On October 22, Alston & Bird’s Kim Peretti, Security Incident Management & Response Team co-chair, spoke at the 2013 Fraud Summit in a session titled “Post-Fraud Investigation: Effective, Efficient, Defensible.” Her presentation focused on how organizations must ensure they are prepared to respond effectively, efficiently and defensibly when they detect fraudulent activity. Following the conference, […]
Prior Express Written Consent Now Required for Sending Marketing Messages via Robocall or Text Message; Questions Remain Regarding Pre-Existing Databases and Purely Informational Messages
Companies that have amassed databases of consumers’ landline and mobile numbers for telemarketing purposes are left in a quandary as to whether they must obtain additional consent from consumers to comply with the new Telephone Consumer Protection Act (“TCPA”) rule. As of Wednesday October 16, 2013 companies that use prerecorded calls, autodialers or text messages […]
California S.B. 46 Expands Data Breach Notification Law to Include Breaches of User Names and Email Addresses for Online Accounts
California Governor Brown is preparing to sign into law a new data security breach notification bill (S.B. 46) that expands the coverage of California’s existing breach law to include breaches of individuals’ online user names and email addresses, when acquired in combination with passwords or a security question and answer that would permit access to […]