On Tuesday, September 24, 2019, the European Court of Justice issued two rulings that further defined the right to be forgotten under European laws. The right to be forgotten, also known as the right to erasure, is a fundamental tenet of the General Data Protection Regulation (GDPR). The right allows, among other things, consumers to
Nixing the Fix: Recap of FTC Workshop on Product Repair Restrictions
Make a product that could break? On July 16, 2019, the FTC hosted a workshop to examine repair restrictions on consumer goods and the “Right to Repair” bills proposed in a number of states. Panelists included representatives from trade associations, the repair and technology industries, and state senators. The Nixing the Fix workshop discussed some
Raising the Bar: FTC’s Proposed Changes to the Safeguards Rule Would Establish a New Standard for Information Security Programs
The Federal Trade Commission (FTC) announced this week that it is seeking comments on proposed amendments to the Privacy Rule and Safeguards Rule under the Gramm-Leach-Bliley Act (GLBA). These two rules outline obligations for financial institutions to protect the privacy and security of customer data in their control. While the proposed changes to the Privacy
Pushing the Limits: Preliminary Settlement Entered in Case Against Banana Republic and The Gap after California Court of Appeals Failed to Find Limits on Injury
On January 14, Plaintiffs in the consolidated case of Veera v. Banana Republic, LLC, et al., filed for approval of a preliminary class action settlement after Plaintiffs Veera and Etman successfully argued that “frustration” and “embarrassment” over unclear discounts is sufficient to meet the requirements for injury.
According to separate lawsuits filed against Banana Republic
Massachusetts Imposes Additional Data Breach Notification Requirements
On January 10, 2019, Massachusetts Governor Charlie Baker signed into law the Massachusetts’s Data Breach Notification Act, which amends Massachusetts data breach reporting laws. The new law, available here, amends the timing and content of individual and regulator data breach notifications, and provides for credit monitoring services when social security numbers may have been
Multistate Settles with Neiman Marcus Over 2013 Data Breach
43 State Attorneys General and the District of Columbia announced yesterday a settlement with Neiman Marcus Group LLC resolving the states’ investigation into the company’s 2013 data breach and its security practices. Over a three-month period in 2013, a breach of the Dallas-based retailer exposed customer credit card data at 77 Neiman Marcus stores nationwide.
California Privacy Update: Attorney General Seeks Comments and Announces Public Forum on CCPA
California Attorney General Xavier Becerra announced yesterday that the California Department of Justice will hold a series of six public forums on the California Consumer Privacy Act (CCPA). The hearings will take place during January and February of this year and will give the public an initial opportunity to comment on the requirements set forth
Third Party Complaints to the FTC: Do They Lead to Enforcement Action?
Last week, Gonzalo wrote about the letter Truth in Advertising sent to the FTC, urging the Commission to investigate Diageo’s use of influencers to market Ciroc vodka on Instagram. We also learned last week that the Humane Society sent a similar letter to the FTC requesting that Commission initiate an investigation of Pilgrim’s Pride for