The Senate Health, Education, Labor and Pensions Committee recently passed the Opioid Crisis Response Act of 2018 (OCRA) – a bipartisan package of more than 40 proposals designed to help families and entire communities affected by the nation-wide opioid crisis.
Continue reading “Continued Special Privacy Treatment for Substance Use Disorder Information”
The Securities and Exchange Commission (SEC) announced its most significant case ever filed against a respondent for one of the world’s largest data breaches. Albata, Inc., f/d/b/a Yahoo! Inc., (“Yahoo”) settled with the SEC to charges of violating Section 17(a)(2) and 17 (a)(3) of the Securities Act of 1933 (“Securities Act”), amongst other charges, and agreed to various remedies, including a $35 million penalty.
Continue reading “SEC Cyber Unit Brings Groundbreaking Data Breach Case”
The Senate officially confirmed the five nominees to the Federal Trade Commission on April 26. As noted in previous blogs, Joseph Simons will become the new chairman and Joshua Phillips, Rebecca Slaughter and Rohit Chopra will join the Commission immediately.
Continue reading “Senate Confirms All Five Nominees to the FTC”
The Sedona Conference®, a nonprofit research and educational think tank dedicated to the advanced study of law, particularly in information governance, has released its Incident Response Guide , open for public comment through June 19, 2018. Drafted by Working Group on Data Security and Privacy Liability (WG11), the guide is meant to serve as a practical resource for practitioners dealing with the legal, technical, and policy issues related to data-related incidents – from distributed denial-of-service to ransomware attacks.
The 9th U.S. Circuit Court of Appeals affirmed the district court’s ruling in Aqua Star (USA) Corp., vs Travelers Casualty and Surety Company of America. The case involved fraudulent emails purporting to be from the insured’s suppliers directing that the insured direct its payments to a new account purportedly opened by that supplier. Based on that fraudulent communication, the insured transferred $713,890 due its supplier to the fraudulent “new account.”
The FTC withdrew its August 2017 administrative complaint and proposed consent agreement with Uber Technologies, Inc. (Uber) and issued a revised complaint against Uber Technologies, Inc. Uber has accepted a revised proposed consent agreement which will be subject to public comment for 30 days.
Continue reading “FTC Announces Expanded Settlement with Uber”
