Justin A. Hinkley reports: The state did not properly secure certain confidential records that included Social Security numbers, tax information and personal health information, state auditors reported Thursday. Auditors found no instances of a security breach at the state Department of Technology, Management & Budget’s Records Management Services, but found several issues that put Michiganders’ personal information…
Category: Commentaries and Analyses
UK: TLT v SoS: How do you quantify damages for data breaches?
Cynthia O’Donoghue and Chantelle Taylor write: A recent High Court decision, TLT and others v Secretary of State for the Home Office [2016] EWHC 2217 (QB) (“TLT v SoS”), paves the way for the greater recognition of distress in cases of data breaches and the misuse of private information. The victims of a data breach, in this case asylum…
UK: Vicarious liability for data security breaches by employees
James Hyde writes: Précis Axon v Ministry of Defence and News Group Newspapers Ltd [2016] EWHC 787 (QB) The High Court dismissed a claim for misuse of private information and breach of confidence brought by a former Commanding Officer of a Royal Navy frigate, against the Ministry of Defence where a fellow employee disclosed confidential…
Anxiety not a claim for damages in Barnes & Nobles data breach case
Karen Kidd writes: Plaintiffs in a data breach class action lawsuit against Barnes & Noble fixed their standing problem but still couldn’t adequately allege damages, a Pittsburgh attorney says. “Upon analyzing the facts, this was not a particularly surprising ruling,” Brian Willett, an associate with Reed Smith, said. “However, it was significant in the data privacy…
FTC Issues Guidance for Responding to Data Breaches
Caleb Skeath writes: On Tuesday, the FTC issued new guidance for businesses on responding to data breaches, along with an accompanying blog post and video. The data breach response guidance follows the issuance of the FTC’s “Start with Security” data security guidance last year and builds upon recent FTC education and outreach initiatives on data security and cybersecurity issues. The FTC’s data…
IES users’ data leaked due to ‘inadequate’ security measures: PDPC
Kelly Ng reports: The Institution of Engineers, Singapore (IES) could have “easily detected” and patched security flaws on its website, which had resulted in more than 6,000 users’ personal data being comprised in a data leak in October 2014, said the Personal Data Protection Commission (PDPC) in findings on the incident that it released publicly…