Laptop-maker Lenovo (United States), Inc. agreed to a no-fault settlement with the Federal Trade Commission and 32 states over allegations that it installed ad software that compromised customers’ web security and invaded users’ privacy.
As part of the Consent Order, Lenovo agreed that it would:
…
As we previously reported, the EU and U.S. reached agreement last week on the EU-U.S. Privacy Shield to replace the invalidated EU-U.S. Safe Harbor Program for transatlantic data transfers. While the announcement of the Privacy Shield is a relief to the thousands of companies who relied on the Safe Harbor Program, details remain unclear.…
Norton Rose Fulbright recently released the results of their 9th annual litigation trends survey. The Fulbright survey reflects information collected from 392 in-house attorneys; including 82% identifying themselves as general counsel and 14% as head of litigation. Additionally, the companies responding to the survey represent virtually all industries, include entities of all sizes, and…
Many employers often question what recourse is available when faced with the destruction or alteration of company data by former employees. This question is made more complicated when employees use their own personal computer for work. In addressing this issue, the U.S. District Court for the Northern District of Illinois, Eastern division held that an employee’s …
In a uniquely timed second showing of enforcement authority, the Department of Health and Human Services (HHS) announced on February 24, 2011 a one million dollar settlement with a Massachusetts hospital that allegedly breached patient data. This settlement announcement comes only days after HHS announced a 4.3 million dollar HIPAA Privacy Rule fine. The…
Paintball Punks filed a class action suit against U.S. Bank in Hennepin County, Minnesota. The case was subsequently removed on December 6, 2010, to the Minneapolis District Court. In the complaint, Paintball Punks alleges that between August and December 2009 it received 9 orders totaling approximately $11,000, which were fraudulently billed to U.S. Bank-issued cards. The amount…
Federal contractors are subject to numerous requirements under federal law and, as we have previously highlighted here, need to keep pace with changes in law and regulation.
Under the Federal Information Security Management Act of 2002 (FISMA) each federal agency is required to develop, document, and implement an agency-wide program to provide information security …
Nearly 100 organizations have been notified by the Federal Trade Commission (“FTC”) that personal information, including sensitive employee and customer data, shared from the organizations’ computer networks is available on peer-to-peer (P2P) file-sharing networks. This, the FTC warned, could be used to commit identity theft or fraud. The notices went to both private and public entities, including …
The State of Minnesota has been smacked with a number of privacy-related district court lawsuits recently.
The most recent dispute arose after the state of Minnesota hired a Texas-based company, Lookout Services to perform E-Verify services for state employees as part of a U.S. Department of Homeland Security program to ensure that all employees of the state and its…
