As a result of recent breaches – including breaches of health information and information held by health insurers – a great deal of attention has recently been focused on state data breach notification requirements. Most States have general data breach notification requirements that apply to all data breaches, including those involving health information. A few […]
Montana Broadens Data Breach Notification Law
Montana has amended the state’s data breach notification law to both broaden the definition of “personal information” that triggers individual notice and to require notice to the state’s attorney general. The changes become effective on October 1, 2015. Montana has joined several other states, including California and Florida, that include medical-related information in the definition […]
Third Circuit Questions FTC’s Data Security Authority
On March 3, 2015, the Third Circuit heard oral argument in FTC v. Wyndham Worldwide Corp., et al. (“Wyndham”) on the issue of whether the FTC has the authority to regulate private companies’ data security under Section 5 of the FTC Act. This appeal arises out of the District Court’s holding that the unfairness prong […]
White House Releases Consumer Privacy Bill of Rights
On February 27, 2015, the Obama Administration released a discussion draft of the Consumer Privacy Bill of Rights Act of 2015 (the “Privacy Act”), holding true to President Barack Obama’s commitment in 2012 to introduce legislation to put the Privacy Act’s principles into law. The Privacy Act is intended to “establish baseline protections for individual […]
White House Releases Report on Big Data and Differential Pricing
The White House Council of Economic Advisors recently released a report titled “Big Data and Differential Pricing.” “Differential pricing” refers to the practice of charging different prices to different groups of people for the same (or similar) products or services. The White House report explores the uses of big data for differential pricing, including the […]