Tag Archives: PII

Deeper Dive: The Landscape of Healthcare Data Breaches

Healthcare was the industry most affected by data breaches in 2018. We worked on nearly 200 healthcare matters involving multispecialty academic medical centers, hospital systems, small and large physician practices, small and large health insurers, and biotech and pharmaceutical companies. In 2018, health information alone was just behind Social Security numbers (which can also be … Continue Reading

FCC’s Final Privacy Rule – How Final Is It?

The Federal Communications Commission (FCC) adopted an order on Oct. 27, 2016, which started to go into effect this month, regarding privacy and data security obligations for broadband internet access service (BIAS) providers and other telecommunications carriers under its jurisdiction, which were expanded in 2015 by the Open Internet rules (Privacy rule). Buzz around the … Continue Reading

New Cop on the Block – FCC’s Proposed Data Privacy and Security Rulemaking for Broadband Internet Access Providers

In 2015, the Federal Communications Commission (FCC or global Commission) issued its Open Internet Order, applying Section 222 of the federal Communications Act to broadband Internet access services (BIAS), and in doing so took jurisdiction over privacy and data security matters for Internet Service Providers (ISPs). In doing so, it declined requests by some advocacy … Continue Reading

Wyoming Broadens Data Breach Notification Law

Wyoming recently joined the list of states passing laws that broaden the scope of their data breach notification laws. On March 2, 2015, Wyoming signed into law two bills (S.F. 35 and S.F. 36) that expand the definition of personally identifiable information (PII) and require additional minimum content requirements for notifications to affected individuals. Specifically, … Continue Reading

National Highway Traffic Safety Administration Considers Privacy Implications for New Vehicle-to-Vehicle Technology

The Department of Transportation’s National Highway Traffic Safety Administration (“NHTSA”) announced in 2014 that it would begin steps toward implementing vehicle-to-vehicle (“V2V”) technology with an aim toward decreasing the number of traffic accidents on the nation’s roads.  V2V technology allows communication between cars on the road to alert drivers of potential accident situations.  However, with … Continue Reading

Once Again, Clapper Defeats Data Breach Class Action

Article III standing has once again proved to be an insurmountable hurdle for data breach class action plaintiffs whose personal information hasn’t been misused.  In Galaria v. Nationwide Mutual Insurance Co., an Ohio federal court relied on the United States Supreme Court’s decision in Clapper v. Amnesty Intern. USA, 133 S.Ct. 1138 (2013), and held … Continue Reading

Massachusetts Follows California in Finding Retailers Vulnerable to Suit for Collecting Zip Codes in Credit Card Transactions

Earlier this month, the Massachusetts Supreme Court issued an opinion holding that zip codes “may well qualify” as personally identifiable information under the Massachusetts law controlling the treatment of PII in credit card transactions. The Massachusetts case echoes a 2011 ruling from the California Supreme Court which similarly held zip codes to be PII. Like the earlier California case, the … Continue Reading

It’s Raining PII in New York

On November 25, 2012, the front page of the New York Post blasted the headline, “Drop Secret. Shred Alert! Covert cop files used as parade confetti.” The Post reported that shredded files appearing to contain material from Long Island’s Nassau County Police Department were dropped during this year’s Thanksgiving Day parade. The confetti reportedly contains … Continue Reading

Kerry & McCain Release Commercial Privacy Bill of Rights

Senators John Kerry and John McCain introduced the Commercial Privacy Bill of Rights at a press conference today.  The stated purpose of the bill is to “establish rights to protect every American when it comes to the collection, use, and dissemination of their personally identifiable information (PII).”  According to a summary of the bill released by … Continue Reading
LexBlog