Chase Gunter reports: Rep. Ted Lieu (D-Calif.) is looking to toughen standards on private sector data breaches. His new bill was released the same day that Equifax announced that an additional 2.4 million Americans had their information stolen from the company, on top of the 145 million it had previously disclosed. Lieu wants to expand…
Category: Breach Laws
Luxembourg DPA Publishes Data Breach Reporting Form
On February 12, 2018, the Luxembourg data protection authority (Commission nationale pour la protection des donées, “CNPD”) published on its website (in Englishand French) a form to be used for the purpose of compliance with data breach notification requirements applicable under the EU General Data Protection Regulation (the “GDPR”). The CNPD also published questions and…
No concrete injury? No standing – Ninth Circuit
Shades of Spokeo. The Court of Appeals for the Ninth Circuit affirmed the dismissal of Bassett v. ABM Parking over the display of a full credit card number on a parking lot receipt: The panel affirmed the district court’s dismissal due to lack of standing in a putative class action alleging a violation of the…
Data breach notification bill passes in Nebraska Legislature
Martha Stoddard reports that the Nebraska legislature passed LB 757 on a 46-0 vote. The measure requires any individual or commercial entity holding personal information to implement and maintain security procedures. The same requirement would apply if the information is given to a third party. If a breach does occur, LB 757 would prohibit credit…
Update on Colorado’s Proposed Privacy and Cybersecurity Legislation
David M. Stauss and Gregory Szewczyk of Ballard Spahr LLP write: As we first reported in our January 22, 2018, alert, the Colorado legislature is considering legislation that, if enacted, would significantly change Colorado privacy and data security law. On Wednesday, February 14, 2018, the bill’s sponsors submitted an amended bill that addresses issues raised by numerous stakeholders, including Ballard…
House Draft Data Security Bill Preempts Stronger State Safeguards
From EPIC.org: Rep. Luetkemeyer (R-MO) and Rep. Maloney (D-NY) circulated a draft bill, the “Data Acquisition and Technology Accountability and Security Act,” that would set federal requirements for companies collecting personal data and require prompt breach notification. The Federal Trade Commission, which has often failed to pursue important data breach cases, and state Attorneys General…