After several high-profile motor vehicle computer hacking incidents, new legislation was introduced on November 5 that would require a study of best cybersecurity and private practices for software-enabled smart cars.
The so-called SPY Car Study Act was introduced by U.S. Representatives Ted W. Lieu and Joe Wilson. The Act tasks the National Highway Traffic Safety
On November 3, the Federal Financial Institutions Examination Council (“FFIEC”), the federal agency that regulates the U.S. financial services industry, issued a warning to U.S. banks of a growing threat of cyberattacks involving extortion.
The general threat of cyberattacks comes as no surprise in the wake of highly publicized data breaches. Likewise, cyber security professionals
Cox Communications Inc. agreed to pay $595,000 to resolve an investigation by the Federal Communications Commission’s Enforcement Bureau into whether the cable operator failed to properly protect its customers’ personal information when the company’s electronic data systems were hacked in 2014. The consent decree, entered into on November 5, is the first privacy and
On November 2, 2015, a sharply divided Supreme Court of the United States heard oral arguments in Spokeo, Inc. v. Robins, where it considered whether Congress may confer Article III standing by authorizing a private right of action based on the violation of a federal statute alone, despite a plaintiff having suffered no concrete
On October 27, the United States Senate passed the Cybersecurity Information Sharing Act (“CISA”) by a vote of 74-21. CISA claims to improve cybersecurity by encouraging the sharing of threat information among companies and the U.S. Government.
As previously reported here, CISA would permit private entities to share cyber threat
In October, at the Privacy & Security Forum at George Washington University, Federal Trade Commissioner Terrell McSweeny emphasized that companies that outsource data security to third parties can still be liable in an FTC enforcement action. This position follows what we have heard previously from the Office of Civil Rights, the agency charged with enforcement
LifeLock, an identity theft and data protection company, has reached a tentative proposed settlement with the FTC regarding deceptive marketing claims.
Privacy and security attorney Ron Raether, a partner at the law firm Troutman Sanders LLP, says that it appears, based on what LifeLock disclosed so far, that the FTC may not be demanding additional
Even high-tech companies with substantial in-house technical expertise may not be dealing with the most common type of cyber vulnerability. As technology geeks, we find it more interesting to talk about firewalls, proxy servers, router security, mobile device management, anonymization of data, encryption and the like. But technical security is not enough. Companies need to
On October 29, the Consumer Financial Protection Bureau filed a complaint in the Southern District of California against Global Financial Support, Inc. and its owner and CEO, Armond Aria, for allegedly engaging in a nationwide student financial aid scam.
The Bureau claims that Defendants violated the UDAAP provisions of the Consumer Financial Protection Act when
On Monday, the European Union said it had reached an agreement in principle with the United States on a revised safe harbor program for trans-Atlantic data flow, following the recent Schrems decision before the Court of Justice of the European Union. Although the specifics remain to be worked out, organizations should brace themselves for likely