Christopher Brown reports: A data-breach victim whose personal information was subject to actual misuse has standing to sue the entity that suffered the breach, a federal appeals court said. Plaintiff Alexsis Webb plausibly alleged an injury-in-fact sufficient to confer standing to sue Injured Workers Pharmacy Inc. based on her allegation that information stolen from the…
Category: Legislation
French Govt. Wants to Inject Domain Blocking Lists Directly Into Web Browsers
From TorrentFreak: A coordinated effort to associate online piracy with malware, identity theft and banking fraud, is well underway. As a result, legislation beyond copyright infringement is likely to play a key role in tackling piracy moving forward. The French government’s current plan for tackling online harms envisions state-operated domain blocking lists being injected directly…
UK: Prosecution of tracing agent for illegally obtaining personal information
An enforcement action and prosecution was announced by the U.K. Information Commissioner’s Office this week: A former tracing agent pleaded guilty and was fined for illegally obtaining personal information to check if customers of a high street bank could repay their debts. Michael Isaacs, 80, from Epsom, Surrey was the sole director of Datasearch Services…
FTC Says Genetic Testing Company 1Health Failed to Protect Privacy and Security of DNA Data and Unfairly Changed its Privacy Policy
The Federal Trade Commission charged that the genetic testing firm 1Health.io left sensitive genetic and health data unsecured, deceived consumers about their ability to get their data deleted, and changed its privacy policy retroactively without adequately notifying and obtaining consent from consumers whose data the company had already collected. As part of a proposed settlement with the…
Rural hospital cybersecurity protection bill moves forward
Noah Schwartz reports: The Rural Hospital Cybersecurity Enhancement Act made it out of committee and will now head to the Senate floor. The bipartisan legislation sponsored by Republican Sen. Josh Hawley and Democratic Sens. Josh Ossof and Gary Peters would require the Cybersecurity and Infrastructure Agency to develop workforce recruitment and cybersecurity training materials for rural hospitals….
SEC Delays Cybersecurity Rules
Micaela McMurrough, Ashden Fein, Caleb Skeath, and Shayan Karbassi of Covington & Burling write: Earlier this week, the Securities and Exchange Commission (“SEC”) published an update to its rulemaking agenda indicating that it does not plan to approve two proposed cyber rules until at least October 2023 (the agenda’s timeframe is an estimate). The proposed…