The U.S. Court of Appeals for the 2nd Circuit recently upheld a district court decision dismissing a putative class action filed by two plaintiffs against the maker of the NBA2K videogame series. The plaintiffs alleged five violations of the Illinois Biometric Information Privacy Act (BIPA). The district court dismissed plaintiffs’ claims for lack of Article III standing, and the plaintiffs appealed.Continue Reading
The United States Supreme Court opinion in Spokeo (“Spokeo II) was viewed as a major decision in cybersecurity litigation. We at Mckenna Storer addressed the importance of that decision in this space in “No Harm, No Foul: Why Spokeo v. Robins is a Win for Data Privacy Defendants”. The results following that decision have been mixed for plaintiffs and defendants. In Spokeo II, the Court remanded the case to the U.S. Court of Appeals for the 9th Circuit, which recently issued its opinion on remand. The 9th Circuit held that Plaintiff has standing to sue Spokeo for violations of the Fair Credit Reporting Act (FCRA).
The Federal Trade Commission (FTC) recently updated its COPPA Compliance Plan for businesses. The Children’s Online Privacy Protection Act (COPPA) protects the privacy of children using websites and online services. Operators of websites and online services that collect personal information from kids under age 13 are covered by the Act. Failure to comply with COPPA can result in civil penalties up to $40,654 per violation. To assist business covered under COPPA, the FTC has published a 6-step compliance plan. In response to changing technologies in the marketplace, the FTC recently updated this plan.
New Mexico recently became the 48th state to enact a data breach notification law. On April 6, 2017, Governor Susana Martinez signed H.B. 15, New Mexico’s “Data Breach Notification Act” (the Act), into law. Currently, Alabama and South Dakota are the only states without a data breach notification law. The effective date of New Mexico’s Data Breach Notification Act is June 16, 2017.
E-mail marketing is a key component of most digital marketing strategies. One study measured the return on investment for e-mail marketing at 28.5% compared to 7% for direct mail. According to a different study by McKensey, the average order value is three times higher for e-mail marketing than for social media. Considering these statistics, along with the fact that the number of e-mail users worldwide is expected to reach 3 billion by 2020, e-mail marketing is clearly an important resource for businesses seeking to generate additional revenue. However, to effectively utilize an e-mail marketing campaign, businesses must comply with the applicable law regulating this activity, specifically the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM Act).
There are many steps that a company should take to prepare for a data breach. As , one of the most important steps is to hire outside legal counsel. Not only will outside legal counsel advise the company how to comply with applicable legal requirements, but establishing a relationship with outside legal counsel will allow the company to shield certain communications that were made for the purpose of obtaining legal advice through the application of the attorney-client privilege.
As we begin the new year, it is important to look ahead at the privacy and data security issues that will impact businesses in 2017.
The Federal Trade Commission (FTC) recently released data breach response guidance for businesses. Data security has become an increasingly important issue to businesses of all sizes, so the FTC has tried to provide guidance in this area.
Drafting and maintaining a “Bring Your Own Device” (BYOD) policy is now a necessary component of any company’s privacy program. Advances in technology have provided employees the opportunity to use their own devices for work-related purposes. Now, a parent can use his/her personal laptop to remotely access a company computer while taking care of a sick child, or an employee can use an iPhone to reply to an e-mail while singing “Take Me Out to the Ballgame” at Wrigley Field. The use of employee-owned devices is a regular occurrence in most industries.
Cloud computing is available to everyone in various forms. As individuals we put our photos and music in the cloud and businesses can use the cloud for various functions including storing data and information. Cloud computing offers many benefits to businesses, but there are cyber liability and privacy and data security risks that come with this service as well. Knowledge of these risks and benefits is crucial for you to make the right decision when considering whether to move your business to the cloud.