On March 19, 2015, a Minnesota federal judge granted preliminary approval of Target Corporation’s (Target) proposed $10 million settlement of a class action lawsuit, which arose out of a 2013 data breach that compromised personal information of roughly 110 million of Target’s customers. The proposed settlement would pay out $10 million to the plaintiffs and up to $6.75 million in attorney fees. Consumers affected by the breach could be awarded up to $10,000 in damages each if they can prove damages.
Privacy & Security - US & Abroad
Arent Fox is on the cutting edge of privacy laws and has experience assisting clients with all aspects of privacy and data security. For example, we routinely assist companies with the development of an internal security protocol that meets the requirements of the applicable state and federal laws. In this regard, our practice groups have helped companies comply with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, the Gramm-Leach-Bliley Act (GLB), and the Children’s Online Privacy Protection Act (COPPA), as well as the Payment Card Industry Data Security Standard (PCI DSS) and related payment laws.
Our lawyers also routinely advise companies about online privacy, including providing advice on notification and consent, and when an opt-in is necessary, or merely suggested. In this capacity, we work with small and large businesses on their social media marketing to help them comply with all applicable rules, guidelines, and laws.
Finally, our team has notable experience with managing a reaction to a data breach, having been part of the response to one of the largest known data breach incidents. In this capacity, we assist with all aspects of the breach, including the consumer, regulator, and payment card industry notification procedures, and the compliance and protocol development after the incident.
Last week, the Footwear Distributers and Retailers of America (FDRA) hosted a briefing on cybersecurity trends in the retail industry. In light of the high-profile data breaches in 2014 — including many at the retail level — the briefing aimed to inform the footwear industry on the nature of today’s cyber threats and the way to most effectively secure private information.
The Federal Trade Commission (FTC) released a report this week examining the privacy and security implications of the so-called “Internet of Things.” The Internet of Things (IoT) refers to the ability of everyday objects to connect to the Internet and to send and receive data. As the number of connected devices has surged in recent years, the FTC has signaled a strong interest in the IoT and repeatedly warned businesses to be mindful of consumer privacy and security when developing new products.
Recent guidance from Hong Kong’s Privacy Commissioner suggests that Hong Kong may be on the verge of implementing major new restrictions on the cross-border transfer of personal data. The recent guidance concerns a law known as the “Personal (Data) Privacy Ordinance” (PDPO) that has been on the books for 20 years but has never been implemented.
Arent Fox is pleased to announce the expansion of its Government Relations practice with the addition of Senior Government Relations Director Alex Manning. Alex is joining the firm’s Washington, DC office and will advise clients on issues surrounding cybersecurity, privacy, data breaches, tax, trade policy, and immigration.
This week, as part of a strategic effort to build momentum toward next week’s State of the Union address to Congress, President Barack Obama announced legislative proposals and executive actions to improve cybersecurity. The Obama Administration’s broad array of policy proposals could have a significant impact on how companies and other entities across all sectors of the economy collect and monetize customer data, share threat information, and notify consumers in the event of a data breach.
On January 6, 2015, Federal Trade Commission (FTC) Chairwoman Edith Ramirez delivered a speech discussing best practices for companies in the emerging market of the “Internet of Things,” which refers to the wireless interconnectivity of everyday devices, from home appliances to medical devices. Such devices are quickly becoming pervasive: In 2015, the number of interconnected devices worldwide is expected to reach 25 billion.
What’s the News?
In October 2014, California Attorney General Kamala Harris released the California Data Breach Report, the state’s most recent analysis of data security threats facing businesses and consumers. The Report, which notes a dramatic 28 percent increase in data breaches in California in 2013, serves as a reminder to businesses nationwide of the constant threat of increasingly sophisticated cybercriminals — and the need for new and better approaches to safeguarding sensitive information.
What Made News?
Ikea recently argued that a class action filed against it based on alleged violations of California’s Song-Beverly Act should not be maintained. Ikea admits that its sales registers prompt sales associates to collect ZIP codes from consumers, but it argues that associates often bypass the prompt. Because it does not have a policy to collect ZIP codes, Ikea claims that it cannot be held liable for the alleged illegal ZIP code collections.
ABOUT ARENT FOX LLP
Arent Fox LLP, founded in 1942, is internationally recognized in core practice areas where business and government intersect. With more than 350 lawyers, the firm provides strategic legal counsel and multidisciplinary solutions to clients that range from Fortune 500 corporations to trade associations. The firm has offices in Los Angeles, New York, San Francisco, and Washington, DC.