Photo of Kimberly Chow

The Federal Trade Commission’s recent settlement with VIZIO, Inc., may have created a new definition of “sensitive information” that includes viewing data, but the opinion of Acting Chairperson Maureen Ohlhausen may provide further insight on how the agency will act under the new administration.

On February 6, the FTC settled charges with VIZIO, one of

The FDA represents the latest federal agency to show a focus on cybersecurity issues with the release December 28 of new guidance. While the prospect of network-enabled medical devices increasingly offers the promise of improved care and patient treatment, evolving technology and new-found connectivity present emerging security considerations as well.

The Food and Drug

Officers and directors may breathe a temporary sigh of relief following the recent dismissal of the Home Depot data breach derivative case. Others will look to the facts for guidance.

The complaint alleging the board had breached its fiduciary duties by “knowingly and in conscious disregard” failing to ensure that Home Depot took reasonable measures to protect its customers’ personal and financial information was dismissed with prejudice.  The November 30, 2016 ruling by the Northern District of Georgia acknowledged that this was an “incredibly high hurdle” to surmount, signalling for at least the second time that D&O claims in derivative actions face an uphill pleading climb.
Continue Reading Officers and Directors Spared Home Depot Data Breach Derivative Lawsuit

With the election of current California Attorney General Kamala Harris to the U.S. Senate, Governor Jerry Brown was tasked with appointing her replacement. On December 1, he announced that his pick is U.S. Representative Xavier Becerra, head of the House Democratic caucus.

Becerra was first elected to the House in 1992 and has also served

On October 25, the Federal Trade Commission released “Data Breach Response: A Guide for Business,” its latest guidance on data privacy and security regulation. The Guide seeks to help businesses comprehend the Agency’s understanding of both legal requirements and best practices, although what is legally required versus what is encouraged continues to be challenging for many companies to identify in these pronouncements.

Although the Guide is not a regulation, the Commission has historically used such guidance to help signal where its enforcement efforts might focus as it evaluates companies’ conduct. The introduction suggests that the FTC considers following its advice to be at least one way to “make smart, sound decisions.”

The Guide outlines tasks for companies affected by a breach:

  • Secure Your Operation
  • Fix Vulnerabilities
  • Notify Appropriate Parties

Continue Reading FTC’s New Guidelines Provide Agency View on Data Breach Response

In an election season in which it seems Americans cannot agree on much, a new poll shows that data privacy and security reform is a unifying issue.

The U.S. Chamber of Commerce Institute for Legal Reform (ILR) has released the findings of a poll shedding light on American voters’ perception of the legal landscape for

On October 26, the Federal Communications Commission convened a second meeting of the Robocall Strike Force, which has been working for two months to develop solutions to the problem of illegal and unwanted robocalls. The Strike Force, led by AT&T CEO Randall Stephenson, was established at the behest of FCC Chairman Tom Wheeler, and is composed of members from 33 companies in the telecommunications industry. Its charge was to develop innovative and comprehensive solutions to detect and prevent undesired calls to consumers.

Unwanted phone calls and text messages continue to be the number one complaint to the FCC by a wide margin, and the volume of such complaints continues steadily to rise, despite the Commission’s laborious efforts, through rulemakings and the issuance of declaratory rulings, to interpret the Telephone Consumer Act (TCPA), the statute giving the FCC authority over unwanted calls, in a more and more consumer-friendly fashion, and despite both a stepped-up enforcement at the FCC and a continuous deluge of private class action lawsuits.Continue Reading FCC Robocall Strike Force Releases Its Report on Curbing Unwanted and Illegal Robocalls

California Attorney General Kamala Harris is enlisting new enforcers in her efforts to get companies to comply with the state’s privacy policy requirements: members of the public.

On October 14, Harris released an online form enabling consumers to report websites, mobile applications, and other online services that are violating the California Online Privacy Protection Act

Attorney General Maura Healey of Massachusetts has held her office since January 2015. Massachusetts has established itself as being on the cutting edge of data privacy regulations that call for robust written information security program and computer system requirements, and the attorney general’s office continues to be on the forefront of enforcement since its security