Uncategorized

On November 16th, 2012, the PCI Security Standards Council released an information supplement to the Payment Card Industry Data Security Standard (“PCI-DSS”) titled “PCI DSS Risk Assessment Guidelines” (the “Guidelines”). The Guidelines were authored by the Risk Assessment Special Interest Group (“SIG”) – a group of more than 60 organizations representing banks, merchants, security assessors […]

Today the European Commission’s Article 29 Working Party released Opinion 08/2012 providing further input on the EU’s revised Data Protection Regulation. The purpose of the Opinion is to provide “further guidance, notably on certain key data protection concepts and by analysing the need for and the effect of the proposed delegated acts and where necessary suggesting […]

In Curry v. AvMed Inc., No. 11-13694 (11th Cir. Sept. 5, 2012), the Eleventh Circuit found that the named plaintiffs sufficiently alleged injury and causation by including detailed allegations making it plausible, not merely possible, that their purported injuries resulted from the data breach. In AvMed, plaintiffs alleged that their identities were stolen as a […]

Chief executives of each of the Fortune 500 companies will soon receive a letter from Senator John D. Rockefeller IV  (D-W.Va.) asking them to describe how their companies address computer network security, or “cybersecurity.” In the letter, Senator Rockefeller explains that he is addressing Fortune 500 companies directly because of the recent stalling of the Cybersecurity Act […]

Rep. Ed Markey (D-MA) today introduced in the U.S. House of Representatives the “Mobile Device Privacy Act”, which was numbered H.R. 6377 and will be referred to the House Energy & Commerce Committee for further consideration. Congressman Markey serves as a member of the committee and Co-Chair of the Bi-Partisan Congressional Privacy Caucus. In his […]