In our last post, we discussed the evolving standing landscape in class actions. That discussion highlighted the Third Circuit Court of Appeals’ recent decision in Horizon Healthcare, where the Court held that even without hard evidence that any of the plaintiffs’ personal information was used improperly, the alleged disclosure of information was enough to create a “de facto injury” sufficient to confer standing.
In a recent decision, the Third Circuit Court of Appeals reversed the lower court’s ruling on a motion to dismiss and held that class action plaintiffs had Article III standing on the basis of their data security Fair Credit Reporting Act (FCRA) claims.
Join us March 22, 2017 for a live webinar with F. Paul Greene, partner and chair of our Privacy and Data Security practice group and Reg Harnish, CEO of GreyCastle Security, to learn about the final set of DFS’s Cybersecurity Rules, which have been in force as of March 1, 2017.
In previous posts, we’ve highlighted the FTC’s broad regulation of the use, storage and protection of consumer data under Section 5(a) of the FTC Act and discussed how the FTC relies upon its authority under the Act to flex its muscles in the cybersecurity realm. The FTC’s touchstone for data protection is “reasonableness” and for guidance as to its expectations as to what is deemed reasonable, the FTC has pointed businesses to its speeches, congressional testimony, articles, blog entries, Commission materials and published settlements. It is for this reason that a blog post published last week on the FTC’s website regarding what to do if businesses are impersonated as part of a phishing scam is so interesting.
Last Friday, Federal Communications Commission (FCC) Chairman Ajit Pai announced his intent to block a controversial new privacy rule that was adopted under the Obama administration and intended to protect consumer information from disclosure by broadband Internet providers.