Nick Palmieri of Baker Botts writes: Healthcare providers wrestling with the legal fallout of cyber-attacks just received a fresh reminder from the District of Arizona: traditional tort and contract theories remain difficult to sustain after a breach, but consumer-fraud statutes can keep a case alive. In Johnson v. Yuma Regional Medical Center, fourteen patients sued the…
Category: Commentaries and Analyses
Huge Fines Imposed by Thailand’s PDPC: A Major Alert on Data Privacy Violations (Thailand)
Shunsuke Minowa and Poonyisa Sornchangwat of Nagashima Ohno & Tsunematsu write: 1. Background On 1 August 2025, Thailand’s Personal Data Protection Committee (“PDPC”) announced the issuance of 8 fines totaling THB 14.5 million (approximately USD 448,000), which were levied against one government agency and other private entities for non-compliance with the Personal Data Protection Act of 2019 (“PDPA”)…
Massachusetts AG Secures $795,000 Settlement for Alleged Data Security and Breach Notification Failures by Peabody Properties Inc.
A.J. S. Dhaliwal, Mehul N. Madia, Maxwell Earp-Thomas of Sheppard, Mullin, Richter & Hampton write: On August 19, Massachusetts Attorney General Andrea Joy Campbell announced a $795,000 settlement with a property management company for alleged violations of the Massachusetts Consumer Protection Act, and the Massachusetts Data Security Law and Data Security Regulations. The AG alleged that the…
3rd Circuit Clarifies Scope of Computer Fraud Abuse Act With Employer’s Policies
Riley Brennan reports: The U.S. Court of Appeals for the Third Circuit clarified this week that an employee’s purported violations of workplace computer use policies cannot be criminalized under federal law as long as there is no evidence of hacking or violations of trade secrets. On Tuesday, the federal appellate court affirmed the U.S. District Court…
We Get Privacy For Work — Episode 8: The Surge in Data Breach Lawsuits: Trends and Tactics
A podcast from JacksonLewis: Class action lawsuits in response to data breaches have skyrocketed as plaintiffs look to take advantage of courts’ perceived leniency regarding standing. On this episode of We get privacy for work, we discuss what employers can do to shore up their legal defenses in the event of a data breach….
South Korea fines SK Telecom US$97M over data breach
A big monetary penalty was anticipated for SK Telecom after a massive data breach. Now we know how big. Muhammad Zulhusni reports: South Korea’s biggest mobile carrier has been hit with a record fine after a massive data breach exposed the personal details of nearly half the country’s people. The Personal Information Protection Commission (PIPC)…