In a case that fundamentally challenges the Federal Trade Commission’s ability to regulate data security, the Commission has denied a motion to dismiss its own complaint against a cancer-detection laboratory LabMD for alleged data security...

Clients often ask whether we think a particular piece of privacy, data security, consumer protection or similar legislation will be passed by Congress. And, more often than not, the answer is no. I’d like to...

In two recent cases, certain contours of the cyber insurance industry were refined.  In the first case, a court found that the existence of a common law right of privacy thwarted an argument by an...

On January 1, 2014, a new data breach notification law will take effect in  California (of course).  The Golden State has been leading the charge for years in enacting data privacy and security standards and...

In a September 3 ruling, the Fifth Circuit overruled a district court and held that  New Jersey’s version of the “economic loss doctrine” permits a card issuer to sue a payment processor for negligence when...

Like most states, Missouri has in place a data breach notification law that requires any entity that experiences a data breach involving covered personal information to “provide notice to the affected consumer that there has...