U.S. Representatives Anna Eshoo and Zoe Lofgren, each representing districts in Silicon Valley, have introduced the “Online Privacy Act” bill.  The bill calls for the creation of a U.S. Digital Privacy Agency to draft and enforce comprehensive federal...

The Federal Trade Commission has entered into a Consent Order with Retina-X Studios and its founder for alleged violations of federal privacy laws involving three “stalkerware” apps known as Mobile Spy, Phone Sheriff and Teen Shield. Downloading each app required...

AIG Specialty Insurance Company recently filed a motion to dismiss a lawsuit filed by investment software manager SS&C Technologies Holding, Inc. seeking coverage for a $6 million loss based on email spoofing. The lawsuit...

Calling or texting consumers without proper consent can lead to claimed violations of the federal Telephone Consumer Protection Act of 1991 (TCPA). A plaintiff must show that the call or text utilized an automatic telephone dialing system (ATDS) and was without the...

Tesla touts its Autopilot as having “advanced safety and convenience features . . . designed to assist you with the most burdensome parts of driving” and enabling “your car to steer, accelerate and brake automatically within its lane.” Tesla also warns that “[c]urrent...

Google, LLC and the University of Chicago Medical Center have been named as defendants in a class action style lawsuit recently filed in federal court in Illinois. The named plaintiff, Matt Dinerstein, alleges that Google, through its start-up, DeepMind, “embarked on...

A ransomware attack involves the introduction of malware that locks user access to their system or files, along with a demand for a ransom payment to unlock the system or files.  On July 11, 2019, the United States Conference of Mayors, representing more than...

Illinois’s Biometric Information Privacy Act (BIPA) was passed in 2008 but over the past few years has been the basis for hundreds of proposed class action lawsuits.  As originally drafted, the law contains potentially overbroad definitions of “biometric...

Chinese-based mobile app developer Cheetah Mobile, Inc. has asked a federal court in New York to dismiss a purposed class action lawsuit brought by the company’s investors. Cheetah boasts hundreds of millions of monthly active users of its apps, including Clean...

In May 2019, Verizon released its 2019 Data Breach Investigations Report. The report is the result of analyzing some 41,686 security incidents of which 2,013 were confirmed data breaches. Among the report’s key findings: The majority of incidents were denial of...

Eighteen year old Ousmane Bah has sued Apple after he was falsely accused of felonies in multiple states, including Massachusetts, New York, New Jersey and Delaware. The arrests allegedly resulted from Bah’s image being mismatched to the identity of the true suspect...

The Consumer Federation of America, along with 10 other advocacy groups, including Mozilla and the Internet Society, have sent an open letter to Target, Amazon, Best Buy and Walmart asking the retailers to endorse minimum privacy and security guidelines for connected...

A federal court in New Jersey has lifted a preliminary injunction enjoining former ADP salesmen from engaging in certain conduct alleged by ADP to violate non-compete provisions in their employment agreements.  The injunction had been originally entered in June 2016,...

In 2017, credit reporting agency Equifax experienced a data breach that impacted 143 million consumers. Fallout from the breach included class action lawsuits initiated by various plaintiff classes such as consumers, financial institutions and a small business class....

The U.S. Department of Justice Inspector General has released a report of an audit of the Federal Bureau of Investigation (FBI) process for notifying victims of cyber incidents. The primary findings of the report include: Some unreliable data, including typographical...

The Consumer Federation of America, along with 10 other advocacy groups, including Mozilla and the Internet Society, have sent an open letter to Target, Amazon, Best Buy and Walmart asking the retailers to endorse minimum privacy and security guidelines for connected...

The Trademark Trial and Appeal Board (TTAB) has recently issued a precedential opinion denying a Chicago Cubs fan’s request to trademark #MAGICNUMBER108 for t-shirts. The fan, Grant DePorter wished to use the hashtagged phrase in reference to the fact that it took the...

In a 377-3 bipartisan vote, the U.S. House of Representatives has passed H.R. 238, the “Hack Your State Department Act.” If this bill becomes law, the U.S. State Department would have one year to establish a pilot “bug bounty program” under which qualified security...

As early as 2014, the Court of Justice of the European Union (CJEU) has ruled that Google must comply with the request of E.U. citizens to remove certain search engine results reflecting past actions of the citizens, or the so-called “right to be forgotten.” One...

Over the past two months, drone sightings have caused closures at international airports, both in the U.S. and abroad. In December 2018, drone activity at London’s Gatwick Airport resulted in the airport being closed for 33 hours with multiple flight cancellations,...

The European Union General Data Privacy Regulation (GDPR), which took effect in May 2018, covers the handling of personal information of E.U. citizens, including by U.S.-based companies. The E.U.-U.S. Privacy Shield is a framework to provide companies with a mechanism...

The Federal Communications Commission (FCC) recently sent letters to telecommunications carriers asking them to establish plans to implement the Signature-based Handing of Asserted Information Using toKENS (SHAKEN) and the Secure Telephone Identity Revisited (STIR)...

Two recent class action-styled lawsuits have been filed against Facebook and Google, respectively, for allegedly tracking and storing user location data even after the user had turned off location tracking features. In Heeger v. Facebook, Inc., the plaintiff claims...

California has become the first state to pass legislation to regulate the Internet of Things. The new law, which takes effect on January 1, 2020, applies to manufacturers of connected devices, which are defined as “any device, or physical object that is capable of...

Last year, credit reporting agency Equifax experienced a data breach that impacted 143 million consumers. Fallout from the breach included class action lawsuits initiated by various plaintiff classes such as consumers, financial institutions and a small business...

A visually-impaired and legally blind woman has filed a lawsuit against Apple, Inc. in federal court in New York, alleging that Apple’s website is not accessible and is therefore in violation of the federal Americans with Disabilities Act (“ADA”). Himelda Mendez...

According to a Department of Defense official, the Pentagon has been working on a “do not buy” list of software vendors since early this year. Without identifying specific vendors or products, in a recent press conference, Ellen Lord, undersecretary of defense for...

Global advisory firm Willis Towers Watson recently released its 2018 Management Liability (Directors & Officers) U.S. Survey. When asked the question “to what extent are the following risks a concern for your organization in the coming year,” 80 percent of the...

The importance of making online and mobile app terms clear and conspicuous to users was reinforced by the recent federal appeals court decision in Cullinane v. Uber Technologies, Inc. The plaintiffs filed a proposed class action in Massachusetts state court alleging...

Wells Fargo Bank has recently announced that its customers will no longer be able to make purchases of cryptocurrency using their bank-issued credit cards. This move is consistent with the stated practice of several other major U.S. banks including J.P. Morgan Chase,...

Network in the Sky In our Future? Tech start up Elefante Group, Inc., in partnership with Lockheed Martin Corporation, has filed a petition for rulemaking with the Federal Communications Commission (FCC) regarding a design for a platform of atmospheric-based service...

“Phishing” occurs through a fake email message to obtain sensitive information for the purpose of committing fraud. Phishing schemes are becoming more sophisticated, resulting in many organizations falling victim and incurring financial loss. Some organizations have...

Disney recently suffered a potentially devastating setback in its legal effort to stop Redbox from selling digital codes to Disney films. A federal court in California denied Disney’s request for a preliminary injunction against Redbox, citing that Disney has engaged...

Augmented realty (AR) and virtual reality (VR) technology is becoming more commonplace in both our business and personal lives. Business uses of AR/VR include product design, employee training, marketing and customer service. A March 2018 survey conducted by the law...

A federal court of appeals has rejected the notion that “circulation” rather than “publication” of allegedly defamatory material online and through email distribution is sufficient to state a claim. In late 2013/early 2014, financial publisher The Deal, LLC posted...

The Federal Trade Commission (FTC) has issued the report “Do Web Host Protect Their Small Business Customers With Secure Hosting And Anti-Phishing Technologies? This report is the result of a mid-2017 investigation by the FTC’s Office of Technology Research and...

In what is being touted as a “first” in cyber risk management solutions, tech giants Apple and Cisco have announced a partnership with Aon plc (“Aon”) and Allianz Global Corporate & Specialty (AGCS). An organization adopting the solution would undergo a cyber...

Some companies offer monetary rewards to so-called “white hat” hackers to find security bugs in the company’s systems. These “bug bounties” can prove useful in identifying vulnerabilities and preventing breaches. Care must be taken, however, that a bug bounty...

Public interest in Bitcoin grows as the value of the cryptocurrency has increased of late. Some view cryptocurrency as the wave of the future; others consider trading in it a gamble. How do countries and other levels of government treat cryptocurrency? In the United...

Following the hacking of a Jeep Cherokee during a staged experiment in 2015, Fiat Chrysler USA (FCA) recalled 1.4 million 2013-2015 vehicles. The incident also prompted the filing of a proposed class action lawsuit against FCA in an Illinois federal district court...

Victims of data breaches are often unable to find a remedy without sustaining actual monetary damages. That could change if the Federal Trade Commission (FTC) pursues a path toward “informational injury,” which could impose a deemed harm to data breach subjects. In...

In November, the U.S. Senate Commerce Committee unanimously approved a bill known as the Stop Enabling Sex Traffickers Act of 2017 (SESTA). SESTA has broad bi-partisan support of its worthwhile goal of allowing civil and criminal actions against a website for...

The Michigan House of Representatives recently approved a bill that would amend the state’s Freedom of Information Act (FOIA) to prevent public disclosure of organization’s cybersecurity assessments, cybersecurity plans, cybersecurity incidents and cybersecurity...

Drones are now smaller, lighter, easier to use and capable of capturing high quality images and other data. Drone technology facilitates things like law enforcement activities, aerial photography and emergency deliveries. Last month, the Federal Aviation...

A few weeks ago, the Securities and Exchange Commission (SEC) revealed that its Electronic Data Gathering Analysis and Retrieval (EDGAR) system was hacked in 2016. Rather than issuing a news release specific to the discovery of the event, the SEC included information...

Emoji, the popular icons used in texts and social media posts (and their predecessor, emoticons), are increasingly being asserted as evidence of intent in both civil and criminal matters. What do “‍✌??” or “:-P” mean? They may have multiple meanings, depending on the...

In September, the National Highway Traffic Safety Administration (NHTSA) issued a voluntary guidance for automated vehicles entitled “Automated Driving Systems 2.0 – A Vision for Safety”. The 36-page document, a much scaled down version of what the agency issued a...

A trademark is a word, phrase, symbol or design that identifies and distinguishes the particular source of a product. A service mark does the same thing with respect to the source of services. An owner of a mark can control its use, including preventing others from...

Last week, credit reporting agency Equifax announced that data of 143 million consumers was potentially compromised through a “website vulnerability” that occurred from mid-May through July, 2017. Equifax discovered the breach on July 29th, but waited nearly six weeks...

The Federal Communications Commission (FCC) has been addressing two aspects of robocalls (unsolicited calls being placed to consumers) and caller ID spoofing (impersonating a different phone number to evade call blocking or filtering tools). First, the FCC is focusing...

Many online platforms use moderators to screen user content submissions. How does the use of moderators impact a site’s ability to successful defend itself against copyright infringement claims under the Digital Millennium Copyright Act? The Ninth Circuit Court of...

After a two-day bench trial, a federal court in Florida has ruled that grocery chain Winn-Dixie’s website is inaccessible to individuals who require screen reader software. The court concluded that Winn-Dixie violated the Americans With Disabilities Act (“ADA”) as a...

For many years, the Federal Trade Commission (FTC) has maintained a national “do-not-call” registry of telephone numbers of individuals and organizations that do not to receive unsolicited marketing calls. Recently, the FTC obtained a $2.7 million judgment from a U.S....

While administrative changes within federal agencies have raised uncertainty over enforcement of privacy and security initiatives, many state governments are looking at establishing new rules and laws directed at protecting individual privacy and enhancing online...

Last week, hundreds of thousands of computer systems were impacted by global cyberattacks, many in the form of ransomware. Protecting your organization from these types of attacks is more important than ever. Understanding the ins and outs of ransomware is the first...

Mobile apps are increasingly designed with features and functions promoting interaction with users, including voice commands. Could the design of an app to capture and transmit user communications and other information violate federal wiretap laws? An amended class...

A recent decision of the U.S. Supreme Court may expand copyright protection for 3D printing designs. In general, copyrights protect creative works rather than useful or functional objects. In Star Athletica LLC vs. Varsity Brands Inc., the Court examined whether...

Last fall, the Federal Communications Commission (FCC) adopted historic rules to require broadband Internet Service Providers (ISPs) to protect certain sensitive customer information, including web browser history, app usage history and specific geolocation...

In July, 2008, Alphabet, Inc. (Google’s parent company) was sued in federal court by advertisers alleging violation of California fair advertising laws. According to the plaintiffs, Google mislead them regarding their paid AdWords, which the advertisers claimed were...

Senators John Thune (R-SD) and Gary Peters (D-MI) recently announced that they are exploring federal regulations to be proposed this year for self-driving vehicles. These lawmakers’ stated goal was to offer flexibility for manufacturers of autonomous vehicles without...

The European Union has adopted a General Data Protection Regulation (GDPR) which will take effect in May, 2018.  In January 2017, Price Waterhouse Coopers conducted a survey about preparing for the GDPR of 200 General Counsel and C-level executives from U.S. companies...

Employees using corporate or personal devices to text and use communication apps use can pose risk to an organization. The risk can be even greater for highly regulated industries like financial institutions. Recently, Deutsche Bank announced a ban on employee text...

The ever-increasing number of smart or connected devices is also referred to as the “Internet of Things” or “IoT”.  Many smart devices are installed in homes, such as thermostats, home security systems and appliances. A smart device may pose security risks in initial...

The federal E-Warranty Act of 2015 was enacted to allow manufacturers to display consumer product warranties online. On September 8, 2016, the Federal Trade Commission issued its final rules and amendments on the act. One of the ways that manufacturers can provide...