Maya Atrakchi and Joseph Lazzarotti of Jackson Lewis write: There are only two states in the U.S. that have yet to enact data breach notification laws, but that may change in 2018. Several weeks ago, the South Dakota state legislature announced that a data breach notification bill (Senate Bill No. 62) was pending. Now, Alabama…
Category: Breach Laws
Lawmaker looks to boost FTC power in data breach enforcement
Chase Gunter reports: Rep. Ted Lieu (D-Calif.) is looking to toughen standards on private sector data breaches. His new bill was released the same day that Equifax announced that an additional 2.4 million Americans had their information stolen from the company, on top of the 145 million it had previously disclosed. Lieu wants to expand…
Luxembourg DPA Publishes Data Breach Reporting Form
On February 12, 2018, the Luxembourg data protection authority (Commission nationale pour la protection des donées, “CNPD”) published on its website (in Englishand French) a form to be used for the purpose of compliance with data breach notification requirements applicable under the EU General Data Protection Regulation (the “GDPR”). The CNPD also published questions and…
No concrete injury? No standing – Ninth Circuit
Shades of Spokeo. The Court of Appeals for the Ninth Circuit affirmed the dismissal of Bassett v. ABM Parking over the display of a full credit card number on a parking lot receipt: The panel affirmed the district court’s dismissal due to lack of standing in a putative class action alleging a violation of the…
Data breach notification bill passes in Nebraska Legislature
Martha Stoddard reports that the Nebraska legislature passed LB 757 on a 46-0 vote. The measure requires any individual or commercial entity holding personal information to implement and maintain security procedures. The same requirement would apply if the information is given to a third party. If a breach does occur, LB 757 would prohibit credit…
Update on Colorado’s Proposed Privacy and Cybersecurity Legislation
David M. Stauss and Gregory Szewczyk of Ballard Spahr LLP write: As we first reported in our January 22, 2018, alert, the Colorado legislature is considering legislation that, if enacted, would significantly change Colorado privacy and data security law. On Wednesday, February 14, 2018, the bill’s sponsors submitted an amended bill that addresses issues raised by numerous stakeholders, including Ballard…