Rebecca J. Schwartz writes: On February 26, 2013, the United States Supreme Court in Clapper v. Amnesty International confirmed a demanding threshold showing for plaintiffs suing based on increased risk of harm in privacy-related. The decision effectively resolves a circuit split over the application of the Article III standing requirement in data breach cases. Plaintiffs must show that the…
Category: Of Note
Mandatory data breach notification law proposed in Canada
Nestor E. Arellano reports: With the Conservative government’s privacy reform bill sitting untouched after being introduced about two years ago, New Democractic Party MP Charmain Borg has introduced a private member’s bill that that would make it mandatory for organizations to report data breach incidents. Bill C-475, Borg’s proposed amendment to the federal Personal Information Protection and Electronics Document…
Crowd-sourcing an idea for a law
Thanks to partisan politics and intensive industry lobbying, we have no strong federal breach notification law. This, of course, is not news to my readers. But in light of (1) Congress’s current interest in cybersecurity and sharing of information, (2) the fact that up to 40% of breaches are first detected by members of the…
Follow-up: Former law firm employee sentenced to 13 years in prison for role in ID theft/tax refund fraud ring
Jay Weaver provides an update with additional details on a breach involving Rodney St. Fleur, an employee of a Miami law firm who misused his access to LexisNexis database searches to steal over 20,000 individuals’ information for a tax refund fraud scheme. Weaver reports that in court, St. Fleur admitted that he had stolen the…
What can we learn from a statistic that 1 in 4 recipients of breach notification letters become victims of ID fraud?
I haven’t read the new Javelin Strategy & Research report because it’s pricey, but their press release on it contains some of its key findings. Of note: … nearly 1 in 4 data breach letter recipients became a victim of identity fraud, with breaches involving Social Security numbers to be the most damaging. If 1 in…
Magistrate Recommends Dismissal with Prejudice of Claims Against Global Payments
Craig Hoffman writes: Global Payments, which processes credit card transactions, announced on March 30, 2012 that an unauthorized person gained access to a portion of its processing system. Global Payments later disclosed that Track 2 data (card number, expiration date, verification code but not cardholder name or address) of 1.5 million cardholders were taken. Three…