On October 25, in the case of Camp’s Grocery, Inc. v. State Farm Fire & Casualty Company, the District Court for the Northern District of Alabama granted summary judgment in favor of State Farm Fire and Casualty Company (“State Farm”), concluding that State Farm did not have to defend or indemnify its policyholder, Camp’s
Cyber
Key Privacy & Cybersecurity Developments: June 22-26, 2015
Litigation and regulation surrounding privacy and cybersecurity is continuously developing, both within the government and the private sector. This digest summarizes the most notable events in data security this week.
Adobe Reaches Preliminary Settlement with Class Action Plaintiffs Over Breach
Adobe has asked the Court to approve a class action settlement stemming from a 2013 security breach. The settlement requires Adobe to implement reasonable security measures with respect to intrusion detection, network segmentation, and encryption, and to submit to a security audit to ensure implementation of the measures. Each named plaintiff in the class will also receive $5,000, and Adobe will pay $1.18M in attorneys fees and costs.
[Adobe Settlement]
New Hampshire Student Data Bill Passed
Effective August 11, 2015, the New Hampshire Department of Education will be required to maintain a data security plan to protect the personally-identifiable information of it students and teachers, which includes privacy compliance standards, privacy and security audits, a breach notification plan, and a data retention policy.
EPIC Files Request with FTC to Investigate Uber Customer Tracking
The Electronic Privacy Information Center has filed a request for investigation with the Federal Trade Commission, asking the FTC to investigate Uber’s new privacy policy seeking customers’ permission to collect geolocation and contacts data from users when the application is running in the background. EPIC argues that this practice is not necessary for Uber to operate, and should be banned.Continue Reading Key Privacy & Cybersecurity Developments: June 22-26, 2015
Key Privacy & Cybersecurity Developments: June 15-19, 2015
Litigation and regulation surrounding privacy and cybersecurity is continuously developing, both within the government and the private sector. This digest summarizes the most notable events in data security this week.
Privacy Advocates Quit Facial Recognition Talks with NTIA
After 16 months of working with with the National Telecommunications & Information Administration, nine privacy and consumer groups withdrew from discussions regarding the creation of a voluntary code of conduct for companies using facial recognition technology. The groups were unable to reach a consensus with the NTIA over the level of consumer approval that should be required for the use of facial recognition technology.
[Talks with NTIA]
LastPass Data Breach
Password management company LastPass revealed on June 15th that unauthorized users hacked into its system and accessed users’ email addresses, password reminders, and other authentication information. LastPass has assured users that data vaults were not exposed.
[LastPass]
LinkedIn Settles Proposed Email Harvesting Class Action for $13M
LinkedIn agreed to pay $13M to settle a proposed class action suit alleging that the company accessed users’ email contacts without permission to send out LinkedIn invitations. LinkedIn also agreed to change its disclosure language related to email account access and invitations to connections.
[LinkedIn]Continue Reading Key Privacy & Cybersecurity Developments: June 15-19, 2015