Dena Castricone of Murtha Cullina writes: Two courts. Two days. Two different results. On March 7, on remand from the U.S. Court of Appeals for the Eighth Circuit, a federal district court judge in Minnesota granted a motion to dismiss a consumer class action suit involving a 2014 data breach affecting over 1,000 grocery stores. …
Category: Breach Laws
Alabama Senates Passes Data Breach Notification Act
Maya Atrakchi and Joseph Lazzarotti of Jackson Lewis write: There are only two states in the U.S. that have yet to enact data breach notification laws, but that may change in 2018. Several weeks ago, the South Dakota state legislature announced that a data breach notification bill (Senate Bill No. 62) was pending. Now, Alabama…
Lawmaker looks to boost FTC power in data breach enforcement
Chase Gunter reports: Rep. Ted Lieu (D-Calif.) is looking to toughen standards on private sector data breaches. His new bill was released the same day that Equifax announced that an additional 2.4 million Americans had their information stolen from the company, on top of the 145 million it had previously disclosed. Lieu wants to expand…
Luxembourg DPA Publishes Data Breach Reporting Form
On February 12, 2018, the Luxembourg data protection authority (Commission nationale pour la protection des donées, “CNPD”) published on its website (in Englishand French) a form to be used for the purpose of compliance with data breach notification requirements applicable under the EU General Data Protection Regulation (the “GDPR”). The CNPD also published questions and…
No concrete injury? No standing – Ninth Circuit
Shades of Spokeo. The Court of Appeals for the Ninth Circuit affirmed the dismissal of Bassett v. ABM Parking over the display of a full credit card number on a parking lot receipt: The panel affirmed the district court’s dismissal due to lack of standing in a putative class action alleging a violation of the…
Data breach notification bill passes in Nebraska Legislature
Martha Stoddard reports that the Nebraska legislature passed LB 757 on a 46-0 vote. The measure requires any individual or commercial entity holding personal information to implement and maintain security procedures. The same requirement would apply if the information is given to a third party. If a breach does occur, LB 757 would prohibit credit…