Photo of Paul Bond

Paul Bond

Subscribe to Paul Bond's Posts

A panel of the Seventh Circuit Court of Appeals (Wood, C.J., Kanne, J. and Tinder, J.) has reversed the dismissal of a data security breach class action lawsuit against luxury department store Neiman Marcus.

This lawsuit stemmed from a hacking incident in which “350,000 cards were potentially exposed; and 9,200 of those 350,000 cards were known to have been used fraudulently.” The company provided notices to consumers and a year of free credit monitoring. A number of class action lawsuits were brought by consumers, consolidated into the lawsuit Hilary Remijas v. Neiman Marcus Group, LLC. “The plaintiffs point to several kinds of injury they have suffered: 1) lost time and money resolving the fraudulent charges, 2) lost time and money protecting themselves against future identity theft, 3) the financial loss of buying items at Neiman Marcus that they would not have purchased had they known of the store’s careless approach to cybersecurity, and 4) lost control over the value of their personal information.”

The trial court dismissed the case for lack of Article III standing under Rule 12(b)(1) and declined to rule on defendant’s Rule 12(b)(6) argument. The Seventh Circuit found that at least some of plaintiffs’ alleged injuries passed Constitutional muster, even under the standards set forth in cases like Clapper v. Amnesty International USA.
Continue Reading Seventh Circuit Revives Data Security Breach Class Action Against Neiman Marcus: Finds Article III Standing In Class Expenses “Resolving Fraudulent Charges and Protecting…Against Future Identity Theft.”

On April 20, Virginia Gov. Terry McAuliffe announced that the state is establishing the nation’s first state-level Information Sharing and Analysis Organization (“ISAO”), intended to enhance the voluntary sharing of critical cybersecurity threat information in order to confront and prevent potential cyberattacks.

In the face of recent high-profile data breaches affecting both private and public

An artist photographed his neighbors through their windows, allegedly without their knowledge.  When the neighbors sued, a New York state court dismissed the case for failure to state a claim.  Now the New York Supreme Court, Appellate Division has affirmed that ruling.  Martha G. Foster, et al. v. Arne Svenson, index number 651826/13, in

A proposed settlement has been reached in the multi-district consumer litigation Target faces following a data breach that compromised at least 40 million credit cards during the 2013 holiday shopping season. The settlement, which requires Target to pay $10 million into a settlement fund and adopt specific data security measures, still needs court approval.

If

The Federal Aviation Administration (FAA) has long been studying the promise and perils of small unmanned aircraft systems (“UAS”), a.k.a. drones. The commercial potential of UAS technology is clear. Businesses are eager to use UAS to do everything from covering traffic accidents to taking real estate and wedding photos to delivering small parcels. However, the

Gov. Chris Christie has signed into law S. 562, which, as its title states, “Requires health insurance carriers to encrypt certain information.”

Violation of this new law constitutes a facial violation of the New Jersey Consumer Fraud Act, a powerful consumer remedies statute. The NJCFA can be enforced by the state attorney general, or

Cybersecurity is an increasing concern for companies. Last April, the UK Department for Business, Innovation & Skills (BIS) published the 2014 information security breaches survey: technical report. The report comprises the findings from two online questionnaires completed by 1,125 respondents, and contains a number of important cyber-attack statistics for both large organisations and small businesses.

On January 20, 2015, President Obama will address Congress with his annual State of the Union report. On Monday, the president spoke at the Federal Trade Commission, providing a “sneak peek” of the privacy and cybersecurity agenda that he intends to set.

Of the United States, the president remarked:
“We pioneered the Internet,

On the one-year anniversary of Target’s announcement that it had suffered a massive data breach, Judge Magnuson in the District of Minnesota cleared the way for a consumer class action against the retailer to move forward into discovery. Earlier this month, the court ruled that the financial institution class actions can also proceed.

In the