On July 13, 2018, in Dutta v. State Farm Mutual Automobile Insurance Company, the Ninth Circuit affirmed the district court’s decision granting summary judgment to State Farm in a putative Fair Credit Reporting Act class action. The decision presents another helpful application of the U.S. Supreme Court’s 2016 Spokeo decision. The Dutta decision highlights
On June 21, 2018, the U.S. District Court for the District of Oregon dismissed a putative class action complaint alleging that a potential employer violated the disclosure and pre-adverse action notification requirements of the Fair Credit Reporting Act in Walker v. Fred Meyer Inc.[1] The Walker decision highlights several key lessons associated with FCRA class
In June 2018, Wired reported that Exactis, a marketing and data-aggregation firm, leaked an estimated 340 million records in what is shaping up to be one of the largest data breaches in the United States to date.
The leak was discovered by Vinny Troia, security researcher and founder of Night Lion Security. Troia discovered
Last night, California legislators passed Assembly Bill 375 (commonly known as the “California Consumer Privacy Act”) that would grant Californians “increased control” over their data. The new Act will have substantial effects on any business that has appreciable interactions with California, in how they store, share, disclose, and engage with consumer data. The Act will
On May 22, Vermont passed the nation’s most expansive data broker legislation in an effort to provide consumers with more information about data brokers, their data collection practices, and consumers’ right to opt out.
The legislation, which in part takes effect on January 1, 2019, defines “data brokers” to mean “a business … that knowingly
On Wednesday, June 6, from 3 – 4 pm ET, Troutman Sanders attorneys, Ronald Raether and Jonathan Yee will present a webinar discussing vendor risk.
Business interconnectivity is nothing new. With the rise of the cloud, vendor management came into focus. Companies continue to engage outside vendors and third-party services providers to assist with key
We are pleased to announce that Troutman Sanders attorney Ron Raether will be presenting during the NetDiligence Cyber Risk Summit Conference at the Bellevue Hotel in Philadelphia, PA. This conference features two full days of panel discussions by leading cyber experts who will share their insights on hot topics, trends, and cybersecurity concerns. Ron will
Last week, the National Institute of Standards and Technology released version 1.1 of the Framework for Improving Critical Infrastructure Cybersecurity—more commonly known as the Cybersecurity Framework.
The first version of Cybersecurity Framework was initially issued in February 2014 as voluntary guidance for critical infrastructure organizations to better manage and reduce cybersecurity risk. Although it
Attorneys general from thirty-one states have signed a letter urging Congress to scrap a proposed federal breach notification law that was introduced by Rep. Blaine Lukemeyer (R-Mo.) and Rep. Carolyn Maloney (D-N.Y.) in an effort to create a national data breach notification and security standard. The proposed law, known as the Data Acquisition and Technology
We are pleased to announce that Troutman Sanders partner Ronald Raether will make a presentation on, “Incident Response Plans: Avoiding Common Mistakes through a Table Top Exercise,” at the Fraud & Breach Prevention Summit at the Hyatt Hotel in Dallas, Texas on April 24th, 2018 at 10:50 a.m. Ronald will also be on