Privacy Risk Report

Tag

insurance

Use of Biometric Data Enters the Courts

The Privacy Risk Report has previously reported on the necessity to safeguard personal information such as names, addresses, social security numbers and credit card information to avoid risk resulting from data breaches. The latest trend we are seeing now involves… Continue Reading →

Court Finds Whistleblower Protection Act Offers No Protection for Auditor That Reports Data Security Issues

On January 19, 2017, in Pratt v. M & T Bank Corp., the U.S. District Court for Delaware found an information technology auditor at M & T Bank could not support his Delaware Whistleblower Protection Act (the Act) claim with… Continue Reading →

Recent Case Sheds Light on What Courts May Find Makes Security Measures Reasonable

A number of states have recently imposed duties for data collectors to safely store information. For example, Illinois data collectors are now required to “implement and maintain reasonable security measures” to protect data (815 ILCS 530/45). Unfortunately, data collectors have not received guidance… Continue Reading →

First Class Hack: Researcher Claims Airplane In-Flight Entertainment Systems Give Path to Flight Controls

To overcome his anxiety with flying, IOActive’s researcher/author, Ruben Santamarta, began “spending some flights hacking stuff.” In his December 20, 2016 blog post, “In Flight Hacking Systems,” Santamarta describes how he  tried to gain a better understanding of the In-Flight Entertainment… Continue Reading →

Data Breach Litigation Evolves, Allows the Breaching Entity and the Breaching Entity’s Data Security Vendors to be Named as Defendants

To date, the key question in data breach litigation has been whether plaintiffs can demonstrate that they suffered damages and, therefore, have standing to bring suit. In just the last two weeks courts have rendered decisions on whether data breach… Continue Reading →

Court Rejects Insured’s Attempt at “Selectively Reading” Property Policy to Cover Data Breach

In Camp’s Grocery, Inc. v. State Farm Fire & Cas. Co., 4:16-cv-00204 (October 25, 2016), the U.S. District Court for the Northern District of Alabama granted summary judgment to defendant State Farm and denied plaintiff Camp’s Grocery (Camp’s) cross-motion to… Continue Reading →

Casino’s Lawsuit Shows High Stakes for Breach Response

In January 2016, Affinity Gaming (Affinity), the owner of several casinos, filed a complaint in the District Court of Nevada against Trustwave Holdings, Inc. (Trustwave), a data security investigator, for Trustwave’s work in securing data after Affinity suffered a data breach…. Continue Reading →

Cyber Insurance Can Develop Without Centralized Cyber Law

For years there has been a discussion over whether data breaches and cyber security can eventually be regulated by centralized laws rather than various state and federal laws and regulations. Even in October 2014, President Obama called upon Congress to… Continue Reading →

Walk the Plank: Court Finds Pirated Cable Programming Not “Data” in Multimedia Liability Policy

In Ellicott City Cable LLC v. AXIS Ins. Co., the U.S. District Court for the District of Maryland held the term “data” did not include cable television programming that was accessed without DirecTV’s authorization. The definition of “data” became the… Continue Reading →

Nothing to See Here: Underreporting Cyber Security Incidents Impacts Cyber Insurance

Data indicates that large-scale data breaches in 2015 alone resulted in the exposure of approximately 429 million personal records. However, these estimates are too low because many data breaches are not reported. In fact, the “real number” of exposed personal… Continue Reading →

© 2017 Tressler LLPDisclaimer | Privacy Policy

Tressler Blog Network Bad Faith BulletinCGL DispatchCondo Law WatchLocal Government LowdownThe Property LineSpecialty Lines Advisory