Breach Laws

California Amends Breach Notification Law

Hunton Andrews Kurth writes: On October 11, 2019, California Governor Gavin Newsom signed into law AB 1130, which expands the types of personal information covered by California’s breach notification law to include, when compromised in combination with an individual’s name: (1) additional government identifiers, such as tax identification number, passport number, military identification number, or...

LinkedIn Can’t Block Analytics Company From Scraping Profiles

Wendy Davis reports: LinkedIn can’t rely on a 33-year-old anti-hacking law to prevent prevent the analytics firm HiQ Labs from mining data, a federal appellate court ruled Monday. The ruling, issued by a three-judge panel of the 9th Circuit Court of Appeals, leaves in place an injunction that requires LinkedIn to allow publicly available...

FTC Takes Tougher Data Security Stance After LabMD Fight

Sara Merken reports: The Federal Trade Commission is issuing specific data security requirements to companies as part of agency settlements, policing businesses more aggressively than before, attorneys and former staff said. Proposed settlements reached this year with LightYear Dealer Technologies LLC, ClixSense.com, Unixiz Inc, and D-Link Systems Inc. show what the FTC is expecting...

Ireland, Poland Offer Guidance on Data Breach Response Under GDPR

Odia Kagan of Fox Rothschild writes: The Irish Data Protection Commission and Polish Data Protection Authority have issued guidance on data breach notification under GDPR in which they address the following questions, and more: When do you “become aware”​ of a data breach? What should a data breach notification include? How do you communicate...

Delaware Signs Insurance Data Security Act into Law

Joshua Mooney of White & Williams writes: On July 31, 2019, Governor Carney signed the Delaware Insurance Data Security Act (formerly, HB 174) into law. Based on the National Association Of Insurance Commissioners (NAIC) Insurance Data Security Model Law, the Delaware law establishes a regulatory framework requiring insurers licensed to do business in Delaware...