Archives: Weekly Privacy Rewind

Subscribe to Weekly Privacy Rewind RSS Feed

The Weekly Privacy Rewind

Data Breaches Comcast’s Xfinity Service Potentially Exposes Addresses and Partial SSNs of More Than 26.5 Million Customers • According to security researcher Ryan Stevenson, alleged vulnerabilities in the system Comcast Xfinity uses to verify users’ identities could have allowed an attacker to learn those users’ home addresses and partial Social Security numbers. • After being … Continue Reading

The Weekly Privacy Rewind

Federal Trade Commission Federal Trade Commission Asks for Ability to Fine Companies for Privacy Violations • Speaking before the U.S. House of Representatives’ Subcommittee on Digital Commerce and Consumer Protection, the commissioners of the Federal Trade Commission (FTC or Commission) said Congress needs to pass new laws to allow the FTC to fine companies that … Continue Reading

The Weekly Privacy Rewind

Class Actions Macy’s Faces Suit After Disclosing Data Breach • Retail giant Macy’s notified its customers and state regulators of a data breach affecting the accounts of online shoppers. The breach occurred between April 26 and June 12, 2018. • Only two days after receiving notice, online Macy’s shoppers filed a putative class action complaint … Continue Reading

The Weekly Privacy Rewind

Class Actions Finkly & Sons Co. Faces Illinois Biometric Information Privacy Act Class Action • A former employee of steelmaker A. Finkly & Sons Co. filed a putative class action against the company in Cook County, Illinois, for violations of the Illinois Biometric Information Privacy Act (BIPA). • The case alleges the company violated BIPA … Continue Reading

The Weekly Privacy Rewind

Class Actions Facebook Users BIPA Suit to Go Forward • Denying cross-motions for summary judgment, the U.S. District Court for the Northern District of California ruled that the class action against Facebook for violating Illinois’ Biometric Information Privacy Act (BIPA) will proceed to trial. • According to the Court, the “voluminous submissions underscore the multitude … Continue Reading

The Weekly Privacy Rewind

Class Actions Liquor Store Chain Binny’s Is Latest Target of BIPA • In a putative class action complaint filed in Cook County Circuit Court, employees of Illinois liquor store chain Binny’s Beverage Depot alleged the company violates Illinois’ Biometric Information Privacy Act. • Among Binny’s alleged BIPA violations are failing to obtain consent before using … Continue Reading

The Weekly Privacy Rewind

Class Actions Google Seeks Dismissal of BIPA Class Action • Google has sought dismissal of a putative class action lawsuit alleging violations of Illinois’ Biometric Information Privacy Act (BIPA). • According to the original complaint, Google allegedly violated BIPA by scanning photos of nonusers uploaded to Google Photos and then “extracting geometric data” of the … Continue Reading

The Weekly Privacy Rewind

Data Breaches Portable Oxygen Device Maker Inogen Announces Data Breach • Inogen Inc., which makes portable oxygen devices, reported to the U.S. Securities and Exchange Commission that it experienced a data breach that involved approximately 30,000 current and former customers. • According to the company’s Form 8-K, sometime between Jan. 2 and March 14, unauthorized … Continue Reading

The Weekly Privacy Rewind

Class Actions Uber Data Breach Suits Consolidated in California • The U.S. Judicial Panel on Multidistrict Litigation has settled on the U.S. District Court for the Central District of California in which to centralize the class actions arising from the data breach that Uber announced in November 2017, involving the personal information of approximately 57 … Continue Reading

The Weekly Privacy Rewind

Canada Data Breach Notification Provisions of PIPEDA Act Go Into Effect Nov. 1, 2018 • Pursuant to a March 26, 2018 Order in Council, the mandatory breach notification provisions of Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) will become effective on November 1, 2018. • Under the provisions, organizations must notify affected individuals … Continue Reading

The Weekly Privacy Rewind

EU/GDPR GDPR a ‘Learning Curve’ According to CNIL Head Falque-Pierrotin • Speaking at the Global Privacy Summit of the International Association of Privacy Professionals (IAPP), Commission Nationale de l’Informatique et des Libertés (CNIL) president Isabelle Falque-Pierrotin described GDPR compliance as a “learning curve” for everyone involved, including the regulators. • Stating that the role of … Continue Reading

The Weekly Privacy Rewind

Australia Global Shipping Company Svitzer Announces First Data Breach Under Australian Data Breach Notification Laws • Global shipping company Svitzer has the dubious distinction of being the first company to provide notice under Australia’s new data breach notification law, notifying the Office of the Australian Information Commissioner (the OAIC) and almost 500 Australian employees of … Continue Reading

The Weekly Privacy Rewind

Class Actions Facebook Cannot Evade Suit Under Illinois’ Biometric Information Privacy Act Even Where No Proof of Harm • In separate rulings handed down last week in the Northern District of California, the court refused to dismiss a case against Facebook under Illinois’ Biometric Information Privacy Act (BIPA) on Article III standing grounds. • According … Continue Reading
LexBlog