Are You Ready for the General Data Protection Regulation (GDPR)?

The impact will be significant and yes, U.S. businesses will be impacted. GDPR will impact any U.S. company that has a web presence and markets their goods or services to European markets. A recent study by the International Association of Privacy Professionals indicated that Fortune’s Global 500 will spend roughly €7.8 billion to implement GDPR. IAPP also estimates that …

The Fate of WHOIS Under the GDPR: Privacy and Safety on the Internet

As of May 25, 2018, a new EU regulation will make the collection of data and tracking of online selling activity illegal – potentially shielding would-be counterfeiters and trademark infringers from detection in the purchase and sale of counterfeit goods. By Anne Aikman-Scalese Privacy advocates hail the new EU General Data Protection Regulation (GDPR) as …

Court Breathes Life Into Lawsuit Over Inaccurate Online Data

Last Tuesday, the U.S. Court of Appeals for the Ninth Circuit revived a California man’s lawsuit accusing Spokeo, Inc. of violating the Fair Credit Reporting Act (“FCRA”). The FCRA regulates any “consumer reporting agency” that furnishes a “consumer report,” and those terms are broadly defined to include operators such as Spokeo. The lawsuit arose when …

New Mexico Passes Data Breach Notification Legislation

Last week, the New Mexico state legislature passed a bill requiring that New Mexico state residents be notified if their non-encrypted “personal identifying information” (including biometric data) is breached. Once the bill is signed into law, New Mexico will join 47 other states with similar notification laws, and the only two hold-outs will be South Dakota and …

Congress Offers Cybersecurity Guidance for Small Businesses

Shane Olafson - Cyber Security

Earlier this week the House Small Business Committee published new cyber security and data privacy guidance for small businesses.  Those publications can be found at http://smallbusiness.house.gov/resources/committee-publications.htm, and come on the heels of a Committee hearing that highlighted cyber risks facing small businesses. According to the Committee, nearly 60 percent of small companies go out of …

Federal Court Limits FTC’s Power to Police Data Breaches

The Federal Trade Commission (FTC) is the government agency primarily responsible for imposing penalties on companies that fail to protect consumer data.  It does so under Section 5 of the Federal Trade Commission Act, which prohibits “unfair and deceptive acts or practices in or affecting commerce.” This case began in 2008, when someone found a …

Would You Like the Data Theft Option with that Rental Car?

According to a recent Federal Trade Commission (“FTC”) blog post, consumers should think twice before connecting their cell phones to a rental car.   The FTC warns that the vehicle could record all kinds of data, including your personal contacts, location, web browsing, and even your text messages. This blog post written by an FTC staff attorney …