Show: results per page
|California Attorney General Releases Data Breach Report|
Daniel J. McLoon, Michael G. Morgan, Jeffrey Rabkin, David W. Schecter, Gregory P. Silberman; Jones Day;
March 3, 2016, previously published on February 2016On Tuesday, February 16, 2016, the California Attorney General's Office released its Data Breach Report, analyzing the 657 data breaches reported to the Attorney General's office from 2012 to 2015. According to the report, the majority of the reported breaches were the result of security failures....
|New Decision Raises the Bar for FTC Enforcement Actions Over Data Security Practices|
Todd S. McClelland, Michael G. Morgan, Mauricio F. Paez, Jeffrey Rabkin, Gregory P. Silberman; Jones Day;
December 9, 2015, previously published on November 18, 2015A decision on November 13, 2015 has raised the bar for Federal Trade Commission ("FTC") enforcement actions over data security practices. (In re LabMD, Inc., F.T.C. ALJ, No. 9357, (11/13/15)). In order for the FTC to maintain an enforcement action under Section 5 of the Federal Trade...
|NIST's Privacy Risk Management Framework Released in Draft Report|
Todd S. McClelland, Daniel J. (Dan) McLoon, Michael G. (Mike) Morgan, Mauricio F. Paez, Gregory P. Silberman; Jones Day;
June 22, 2015, previously published on June 2015On May 29, 2015, the National Institute of Standards and Technology ("NIST") released Privacy Risk Management for Federal Information Systems (NISTIR 8062) as a draft report, introducing its newly developed Privacy Risk Management Framework ("Privacy Framework"). The stated...
|PCI DSS Version 3.1—SSL and Early Versions of TLS Are Deemed No Longer Secure|
Rachel A. Geist, Todd S. McClelland, Mauricio F. Paez, Gregory P. Silberman; Jones Day;
May 7, 2015, previously published on April 2015On April 15, 2015, the Payment Card Industry Security Standards Council ("SSC") released Version 3.1 of the Payment Card Industry Data Security Standard ("PCI DSS"). PCI DSS is a set of standards that dictate how merchants and other organizations in the payment cycle are...
|State of the Union Address Places the President's Privacy and Cybersecurity Proposals Front and Center|
Richard J. Johnson, Todd S. McClelland, Mauricio F. Paez, Gregory P. Silberman; Jones Day;
February 27, 2015, previously published on January 2015In his January 20, 2015, State of the Union Address, President Barack Obama notably focused on privacy and cybersecurity, stressing the urgent need for comprehensive legislation. He raised the specter of foreign nations and hackers shutting down American networks, stealing trade secrets, and...
|FINRA and SEC Issue Cybersecurity Reports Identifying Common Industry Practices|
Kyle T. Barrett, Richard J. Johnson, Todd S. McClelland, Mauricio F. Paez, Gregory P. Silberman; Jones Day;
February 26, 2015, previously published on February 2015New reports by the Financial Industry Regulatory Authority ("FINRA") and the SEC's Office of Compliance Inspections and Examinations ("OCIE") highlight the increased regulatory focus in the financial sector on cybersecurity. Both reports merit industry attention.
|President Obama Continues Push on Cybersecurity|
Todd S. McClelland, Michael G. Morgan, Mauricio F. Paez, Katherine S. Ritchey, Gregory P. Silberman; Jones Day;
February 26, 2015, previously published on February 2015On February 13, 2015, President Obama spoke to attendees of the White House Summit on Cybersecurity and Consumer Protection held at Stanford University. Calling the digital world a "sort of Wild Wild West," Obama and many corporate representatives announced developments intended to...
|California Attorney General Calls for Greater Data Protection, and Recommends Adoption of Chip and Pin Payment Card Technology|
Michael G. Morgan, Mauricio F. Paez, Katherine S. Ritchey, Gregory P. Silberman, Olivia C. White; Jones Day;
November 12, 2014, previously published on October 2014Data breaches are on the rise-and so is government enforcement action and data breach litigation. Retailers are not the only ones at risk; data breaches are affecting a growing number of industries. In addition to recent privacy enforcement actions from the Federal Trade Commission and now the...
|California Adds More Teeth to Its Data Breach Notification Law|
Gabriel Ledeen, Michael G. Morgan, Katherine S. Ritchey, Gregory P. Silberman; Jones Day;
October 16, 2014, previously published on October 2014On September 30, 2014, California's Governor Brown signed A.B. 1710, a bill establishing new requirements under California's data breach notification statute. The new law adds three provisions to the existing statute, California Civil Code section 1798.81.5: (i) it prohibits the sale, advertisement...
|Attorney General's Office Issues "Do Not Track" Disclosure Guidelines|
Richard J. Johnson, Ka-on Li, Mauricio F. Paez, Katherine S. Ritchey, Gregory P. Silberman; Jones Day;
June 11, 2014, previously published on June 2014The California Attorney General's Office recently issued a set of guidelines, titled "Making Your Privacy Practices Public" ("Guidelines"), designed to help companies develop "meaningful" privacy policies that provide transparency, accountability, and choice for online...