Archives: Weekly Privacy Rewind

Subscribe to Weekly Privacy Rewind RSS Feed

The Weekly Privacy Rewind

By Aaron Lancaster on December 18, 2018 Posted in Weekly Privacy Rewind

State AGs Coalition of AGs Asks Social Security Administration to Establish Database of SSNs to Combat ID Theft • Forty-three state AGs sent a letter to acting Social Security Administration (SSA) Commissioner Nancy Berryhill urging the SSA to swiftly develop a database that would make it easier for financial institutions to verify consumers’ personal information. … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on December 10, 2018 Posted in CCPA, Weekly Privacy Rewind

California Consumer Protection Act Privacy Groups Urge California Lawmakers Not to Weaken California Consumer Privacy Act • A variety of privacy groups, including the Electronic Frontier Foundation, the Digital Privacy Alliance and the Center for Digital Democracy, sent a letter to California lawmakers asking them not to “push[] California backward” when it comes to privacy … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on October 25, 2018 Posted in Weekly Privacy Rewind

Class Actions Plaintiffs Seek Approval for $4.3 Million Settlement With Sonic in Credit Card Data Breach Suit • Following a variety of lawsuits against fast food chain Sonic Drive-In related to a 2017 credit card data breach, plaintiffs are seeking consolidation of those suits, class certification and a $4.3 million settlement. • The settlement would … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on September 20, 2018 Posted in Weekly Privacy Rewind

Class Actions Judge Approves $80M Settlement in Yahoo Data Breach Suit • U.S. District Judge Lucy Koh awarded plaintiffs $80 million in a consolidated class action brought against Yahoo by shareholders resulting from data breaches Yahoo experienced in 2014 and 2016. • According to the suit, Yahoo’s stock was trading at an artificially high price … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on September 10, 2018 Posted in Weekly Privacy Rewind

Class Actions Hotel Investment and Management Firm Aimbridge Hospitality LLC Removes Putative Class Action to Federal Court • Hospitality company Aimbridge Hospitality LLC (Aimbridge) removed a putative class action lawsuit by a former laundry attendant that alleged that her personal information was exposed in a March 2018 data breach. The complaint alleged that the putative … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on September 5, 2018 Posted in Weekly Privacy Rewind

Class Actions San Francisco Transit Agency Seeks Approval of Class Action Settlement • Bay Area Rapid Transit (BART) sought preliminary approval of a class action settlement to resolve claims that the transit agency’s mobile app secretly collected various information about its users, including mobile device ID number and location, even when users are not reporting … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on August 28, 2018 Posted in Weekly Privacy Rewind

Biometric Information Privacy Act AGCO Corp., Ceridian HMC Inc. and Hegewisch Development Corp. Latest Employers to Face Allegations of BIPA Violations • Lawsuits against employers for alleged violations of Illinois’ Biometric Information Privacy Act (BIPA) show no signs of slowing, with three more employers, AGCO Corp., Ceridian HCM Inc. and Hegewisch Development Corp., all facing … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on August 20, 2018 Posted in Weekly Privacy Rewind

Data Breaches Comcast’s Xfinity Service Potentially Exposes Addresses and Partial SSNs of More Than 26.5 Million Customers • According to security researcher Ryan Stevenson, alleged vulnerabilities in the system Comcast Xfinity uses to verify users’ identities could have allowed an attacker to learn those users’ home addresses and partial Social Security numbers. • After being … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on July 24, 2018 Posted in Weekly Privacy Rewind

Federal Trade Commission Federal Trade Commission Asks for Ability to Fine Companies for Privacy Violations • Speaking before the U.S. House of Representatives’ Subcommittee on Digital Commerce and Consumer Protection, the commissioners of the Federal Trade Commission (FTC or Commission) said Congress needs to pass new laws to allow the FTC to fine companies that … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on July 16, 2018 Posted in Weekly Privacy Rewind

Class Actions Macy’s Faces Suit After Disclosing Data Breach • Retail giant Macy’s notified its customers and state regulators of a data breach affecting the accounts of online shoppers. The breach occurred between April 26 and June 12, 2018. • Only two days after receiving notice, online Macy’s shoppers filed a putative class action complaint … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster and John Busch on June 19, 2018 Posted in Weekly Privacy Rewind

Class Actions Finkly & Sons Co. Faces Illinois Biometric Information Privacy Act Class Action • A former employee of steelmaker A. Finkly & Sons Co. filed a putative class action against the company in Cook County, Illinois, for violations of the Illinois Biometric Information Privacy Act (BIPA). • The case alleges the company violated BIPA … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on May 21, 2018 Posted in Weekly Privacy Rewind

Class Actions Facebook Users BIPA Suit to Go Forward • Denying cross-motions for summary judgment, the U.S. District Court for the Northern District of California ruled that the class action against Facebook for violating Illinois’ Biometric Information Privacy Act (BIPA) will proceed to trial. • According to the Court, the “voluminous submissions underscore the multitude … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on May 14, 2018 Posted in Weekly Privacy Rewind

Class Actions Liquor Store Chain Binny’s Is Latest Target of BIPA • In a putative class action complaint filed in Cook County Circuit Court, employees of Illinois liquor store chain Binny’s Beverage Depot alleged the company violates Illinois’ Biometric Information Privacy Act. • Among Binny’s alleged BIPA violations are failing to obtain consent before using … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on April 23, 2018 Posted in Weekly Privacy Rewind

Data Breaches Portable Oxygen Device Maker Inogen Announces Data Breach • Inogen Inc., which makes portable oxygen devices, reported to the U.S. Securities and Exchange Commission that it experienced a data breach that involved approximately 30,000 current and former customers. • According to the company’s Form 8-K, sometime between Jan. 2 and March 14, unauthorized … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on April 18, 2018 Posted in Weekly Privacy Rewind

Class Actions Uber Data Breach Suits Consolidated in California • The U.S. Judicial Panel on Multidistrict Litigation has settled on the U.S. District Court for the Central District of California in which to centralize the class actions arising from the data breach that Uber announced in November 2017, involving the personal information of approximately 57 … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster and Julie Hein on April 11, 2018 Posted in Weekly Privacy Rewind

Canada Data Breach Notification Provisions of PIPEDA Act Go Into Effect Nov. 1, 2018 • Pursuant to a March 26, 2018 Order in Council, the mandatory breach notification provisions of Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) will become effective on November 1, 2018. • Under the provisions, organizations must notify affected individuals … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on April 2, 2018 Posted in Weekly Privacy Rewind

EU/GDPR GDPR a ‘Learning Curve’ According to CNIL Head Falque-Pierrotin • Speaking at the Global Privacy Summit of the International Association of Privacy Professionals (IAPP), Commission Nationale de l’Informatique et des Libertés (CNIL) president Isabelle Falque-Pierrotin described GDPR compliance as a “learning curve” for everyone involved, including the regulators. • Stating that the role of … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on March 26, 2018 Posted in Weekly Privacy Rewind

Australia Global Shipping Company Svitzer Announces First Data Breach Under Australian Data Breach Notification Laws • Global shipping company Svitzer has the dubious distinction of being the first company to provide notice under Australia’s new data breach notification law, notifying the Office of the Australian Information Commissioner (the OAIC) and almost 500 Australian employees of … Continue Reading