Ira Nishisato and Éloïse Gratton of Borden Ladner Gervais LLP write: There is a new trend in Canada towards privacy class actions being launched following a cybersecurity breach or an improper disclosure of personal information. Indeed, privacy class actions triggered by data breaches are growing in popularity in Canada, with between twenty and thirty privacy…
Category: Commentaries and Analyses
Texas Broadens Unauthorized Access of Computer Law to Specifically Address Insider Misuse
Shawn E. Tuma writes that Texas just amended its unauthorized access of computers law to specifically address misuse by insiders. Here’s a snippet from his detailed post: Nothing was removed from the prior version of the law; the following language in blue italics was added as Section 33.02 (b-1)(2) of the Texas Penal Code: It is a crime for a…
U.S. Education Dept. ripe for breach more devastating than OPM’s
Teri Robinson reports: The Department of Education is primed for a large data breach that could eclipse the one experienced by the Office of Personnel and Management (OPM), House Oversight Committee Chairman Jason Chaffetz (R-Utah) said last week at a Brookings Institute function. With its rich set of data, including 139 million Social Security numbers and information…
Databases with voter information and the “database of ruin”
DataBreaches.net recently reported on two inadequately secured MongoDB databases that exposed voters’ information. The public’s reaction to these two incidents illustrated how little the majority of the public knows about what’s in a voter registration list and how such records are viewed by states. But the incidents also raise important questions as to whether existing laws provide adequate protection…
UK’s Information Commissioner repeats call for stronger sentences for data thieves
In the wake of another ridiculously light penalty for data theft, U.K.’s Information Commissioner, Christopher Graham, has repeated his call for stronger penalties. The comments come as an employee of a car rental company was sentenced for stealing customer information that accident claims companies could use to make nuisance calls. Sindy Nagra, 42, from Hayes, sold almost 28,000…
LabMD and Wyndham Decisions Curtail FTC’s Data Privacy and Security Reach
Alan L. Friel and Gerald J. Ferguson of BakerHostetler provide their interpretation of recent rulings: Both the administrative law judge’s decision in LabMD and the Third Circuit’s recent decision in Wyndham, which we previously blogged about, put the FTC on notice that it cannot assume that in the wake of a security breach, allegedly inadequate data security will necessarily constitute…