William K. Kane and Melissa M. Mikhail of SheppardMullin write: A brazen and sophisticated computer intrusion into the records of over 145 million Americans launched from computer hackers based in China led to recent criminal prosecutions under the Computer Fraud and Abuse Act. [1] Courts are willing to extend American law beyond U.S. boundaries often when criminal…
Category: Federal
Turkey: KVKK fines gaming company TRY 1,100,000 for breach notification violations
OneTrust DataGuidance reports: The Personal Data Protection Authority (‘KVKK’) published, on 23 June 2020, its decision (‘the Decision’) of 16 April 2020, fining a gaming company a total of TRY 1,100,000 (approx. €142,980) for data breach notification violations. In particular, the Decision concerns a data breach suffered by the gaming company in which hackers were…
Senate Approves Sinema Bipartisan Bill Supporting Identity Theft Victims
Hannah Hurley reports: Sinema’s bill creates a single point of contact at the Social Security Administration to resolve identity theft cases more easily. The U.S.Senate unanimously approved Arizona senior Senator Kyrsten Sinema’s and Republican Senator Chuck Grassley’s (Iowa) Improving Social Security’s Service to Victims of Identity Theft Act. Their bipartisan bill cuts red tape and creates…
FTC Reaches Settlement with Kohl’s over Allegations it Failed to Provide Victims with Information Related to Identity Theft
From the FTC, this press release: Kohl’s Department Stores, Inc. has agreed to pay a civil penalty of $220,000 to settle Federal Trade Commission allegations that the Wisconsin-based retailer violated the Fair Credit Reporting Act (FCRA) by refusing to provide complete records of transactions to consumers whose personal information was used by identity thieves. In…
Twitter and WhatsApp could face EU data privacy sanctions
The National reports: Twitter and Facebook’s WhatsApp are in the firing line as Europe’s leading privacy watchdog for US tech giants edges closer to delivering its first major sanctions under the region’s tough data-protection rules. The Irish Data Protection Commission said on May 22 that it finalised a draft decision linked to a data breach…
Third Circuit Offers Blueprint for Defeating Data Breach Class Actions
Jeffrey N. Rosenthal and David J. Oberly discuss how the Third Circuit offers defense attorneys a way to possibly get some data breach lawsuits dismissed. They write, in part: Taken together, Reilly and Horizon operate to create a diving line between circumstances where standing might exist in the Third Circuit. Under Horizon, standing can often be established where plaintiffs are…