Privacy & Data Security

Data Breaches Comcast’s Xfinity Service Potentially Exposes Addresses and Partial SSNs of More Than 26.5 Million Customers • According to security researcher Ryan Stevenson, alleged vulnerabilities in the system Comcast Xfinity uses to verify users’ identities could have allowed an attacker to learn those users’ home addresses and partial Social Security numbers. • After being informed of the issues, Comcast patched the alleged vulnerabilities. • According to a Comcast spokesperson, Comcast “quickly investigated these issues…
There are many good reasons why companies are increasingly migrating parts of the information technology to cloud service providers (“CSPs”), including lower overhead costs, greater data accessibility and mobility, and more efficient disaster-recovery response.  For cybersecurity, cloud solutions offer companies many benefits, such as full-time data security monitoring and data encryption, but they also come with significant risks.  Over the past year, several major U.S. companies have discovered that sensitive business and customer information stored…
On August 28, Steptoe will host a webinar on US-China trade relations. From the announcement: Over the past few months, US-China trade relations have radically changed. Under Section 301 of the Trade Expansion Act of 1962, the United States has imposed additional tariffs on billions worth of China imports and is threatening to import tariffs on billions more, and China has responded in kind. These tariffs have caused significant turmoil and uncertainty in the US…
In yet another twist in the saga of Certain Beverage Brewing Capsules, Components, Thereof, and Products Containing Same, Inv. No. 337-TA-929, the U.S. International Trade Commission (ITC) has issued an order temporarily rescinding the extant remedial orders in that investigation pending appeal of a district court judgment finding the claims of the patent-in-suit invalid.  The ITC cites its 2011 decision in Certain Composite Wear Components and Products Containing the Same, Inv. No. 337-TA-644 as involving…
Seyfarth Shaw Partner Jordan Vick is on the panel for the “Playing by the Rules: Rule Changes Essential to Your Practice” session on Friday, November 16, at Georgetown Law’s 15th annual Advanced eDiscovery Institute in Washington, D.C. Session topics include: The 2015 Amendments to the FRCP and their actual impacts on practitioners, including unintended consequence How the changes to Federal Rule of Evidence 902 will change how parties and the court can streamline authentication of…
As reported in BNA Privacy Law Watch, a California legislative proposal in California would allocate additional resources to the California Attorney General’s office to facilitate the development of regulations required under the recently enacted California Consumer Privacy Act of 2018.
On August 9, 2018, the United States District Court for the Northern District of Alabama agreed with the Second Circuit Court of Appeals decision in Reyes v. Lincoln Auto. Fin. Servs., 861 F.3d (2d Cir. 2017), which held that contractual consent to be contacted by an automatic telephone dialing system (“ATDS”) could not (and cannot) be unilaterally revoked because the consent formed part of a bargained-for exchange in the contract.  The Second Circuit’s ruling was…
On July 17, 2018, the European Commission successfully concluded negotiations with Japan on a reciprocal adequacy finding which will allow personal data to flow freely from the EU to Japan (and vice versa). The adequacy decision has not yet been formally adopted, as it must still undergo the respective EU and Japanese approval procedures, which the EU and Japan expect to complete by fall 2018.  During that period, Japan is expected to implement additional safeguards…
In February, we wrote about how the road for plaintiffs in cyber breach class actions may be getting smoother.  Since then, the U.S. Supreme Court has continued to avoid the issue of standing in data breach cases (declining to take up the issue in CareFirst, Inc. v. Attias, 138 S. Ct. 981 (2018)), but the Circuit courts and the California legislature have handed plaintiffs a few significant victories. In March, the Ninth…
The Department of Justice recently released its comprehensive assessment of cyber threats in the United States, titled “Report of the Attorney General’s Cyber-Digital Task Force.” The Report is the result of the establishment of the Attorney General’s Cyber-Digital Task Force by the Department in February 2018. Attorney General Jeff Sessions directed the Task Force to answer two questions: How is the Department responding to cyber threats? How can federal law enforcement more effectively accomplish its…