| Court Denies Schnuck Markets’ Motion to Dismiss Claims Arising Out of Point-of-Sale Data Breach |
| The U.S. District Court for the Southern District of Illinois recently denied the retail grocery chain Schnuck Markets’ motion to dismiss various claims arising from a December 2012 data breach in which hackers gained access to Schnucks’ credit/debit card processing systems. By mid-March 2013, both… |
| |
| |
| Hong Kong’s Court Convicted Two Companies for Offenses Under the New Direct Marketing Regulatory Regime |
| The Hong Kong Privacy Commissioner for Personal Data recently announced the first two convictions under the new direct marketing provisions of the Personal Data (Privacy) Ordinance (the “PDPO”) that came into force on April 1, 2013. The first conviction was against Hong Kong’s largest broadband… |
| |
| |
| New Jersey Attorney General Announces Privacy Settlement with Mobile App Developer |
| DealerApp Vantage LLC, maker of custom mobile applications for car dealerships, recently settled allegations by the New Jersey Attorney General’s office that the company failed to adequately disclose how it collected and shared information about app users. DealerApp develops mobile apps that are… |
| |
| |
| South Korea Data Breach Penalty Rules Revised to Encourage Voluntary Reporting |
| The Korean Communications Commission (KCC) recently revised its data breach penalty rules to allow reductions in fines of up to 30% if companies voluntarily report a data breach to the regulator. The stated objective is to incentivize businesses to come forward of their own accord in relation to data breaches... |
| |
| |
| Courts Find Mobile Shopping App Operators Did Not Send Texts and No TCPA Violation |
| Two federal district courts recently found in favor of defendant mobile app operators in cases alleging violations of the Telephone Communications Privacy Act (TCPA). First, the U.S. District Court for the Northern District of California granted summary judgment in favor of Shopkick Inc., rejecting plaintiffs’ claim... |
| |
| |
| UCLA Avoids Liability for Medical Record Snooping |
| A jury declined to hold UCLA Health System liable for emotional harm caused by the breach of a patient’s medical records. The plaintiff sought $1.25 million in damages. The plaintiff alleged she became depressed after UCLA failed to adequately protect her health information from a romantic… |
| |
| |
| Can You Consent to Calls/Texts by Giving out Your Number? |
| Two recent federal decisions held that consumers who provided their cell phone numbers consented, in those cases, to receiving calls and texts from the defendant companies. The Sixth Circuit upheld an Ohio federal jury decision, finding that the plaintiff provided his cell phone number to mortgage lender… |
| |
| |
| Turkey Releases Text and Email Regulations |
| The Turkish government recently released regulations prohibiting businesses from sending unsolicited text and email messages to consumers. The new rules establish restrictions on how entities that operate in Turkey reach potential and existing customers and mandate financial penalties for violators… |
| |
| |
| List of States Enacting Social Media Privacy Laws Applicable to Employers Continues to Grow |
| Delaware and Maine recently enacted social media privacy legislation, adding to the list of more than 20 states with social media privacy laws applicable to employers, and Oregon also recently put in place a noteworthy amendment to its existing social media privacy legislation… |
| |
| |
| Advocate Health Avoids FCRA Claims in Data Breach Class Action |
| The Seventh Circuit recently rejected the argument that Advocate Health and Hospitals Corporation qualifies as a consumer reporting agency under the Fair Credit Reporting Act (FCRA). The suit, stemming from a July 2013 data breach, hinged on the plaintiffs’ ability to satisfactorily plead that… |
| |
| |
| Fourth Circuit Finds South Carolina “Anti-Robocall” Statute Unconstitutional |
| The United States Court of Appeals for the Fourth Circuit recently overturned South Carolina’s “anti-robocall” statute for restricting speech based on content in violation of the First Amendment. Plaintiff Robert Cahaly was arrested after allegedly placing robocalls to South Carolina residents with a… |
| |
| |
| Hong Kong’s New Privacy Commissioner Has Enforcement Background |
| Hong Kong recently appointed a new privacy commissioner, Stephen Wong, for a term of five years. Mr. Wong succeeded Allan Chiang, who completed his five-year term on August 3, 2015. Prior to joining the Office of the Privacy Commissioner for Personal Data, Mr. Wong was a barrister and the secretary to the… |
| |
| |
| Mexico Fines Bank for Privacy Violations |
| Mexico’s National Transparency, Information Access, and Data Protection Institute (INAI) recently announced an impending fine of almost $2 million USD to be levied against Grupo Financiero Banorte, the third largest bank in Mexico. According to a statement by an INAI official, the bank failed to… |
