A Louisiana car dealership’s Cyber Liability policy does not cover contractual reimbursements owed to a lender by that dealership following a “touchless” online vehicle purchase utilizing identity theft. During the pandemic, the dealership created a “touchless” process whereby an online buyer would submit a credit application to a lender. If approved, the buyer and the
Data Security and Privacy
SEC Cybersecurity Reporting Requirements for Publicly Traded Companies Now in Effect
The digitization of our economy has streamlined company operations but has brought with it persistent, ongoing cyberattacks. Successful attacks disrupt business operations, are costly to remediate, and can compromise confidential and personal information—including client and employee information. These compromises can significantly impact revenue and trust in the company and often result in stock prices dropping.
Louisiana to Extend COPPA-esque Parental Permission Requirements for Social Media Use
When President Joe Biden expressed his concerns about children’s Internet usage during his 2023 State of the Union address, Louisiana certainly agreed with that concern. On June 8, 2023, the Louisiana legislature enrolled for Governor John Bel Edwards a bill intended to extend parental consent requirements on social media use by children under the age…
Russia – Ukraine Conflict Likely to Impact U.S. Businesses
Russia’s unprovoked attack on the Ukraine has not been restricted to land. Ukrainian tech resources have been hit by cyber-attacks, particularly against its government and banking systems in a coordinated effort by Russia’s military intelligence unit.[1] Several websites of Ukrainian government departments and banks were hit with distributed denial of service attacks (DDoS), which…
Virginia Enacts Its Consumer Data Protection Act, the Second Comprehensive Data Privacy Law in the United States
In March 2021, Virginia’s Governor Ralph Northam signed the Consumer Data Protection Act (CDPA), making Virginia the second state to enact comprehensive data privacy protections for its residents. If you are feeling blindsided by this news, you are not alone.[1] Unlike California’s Consumer Privacy Act (CCPA) and Privacy Rights Act (CPRA) or the European…
A Work from Home or In Office Essential: Cyber Insurance
The COVID-19 pandemic has forced a technological revolution, with many companies switching their workforce to remote solutions for the first time and now recalling those same workers back to offices as cities move to reopen. While working remotely has had significant benefits, it has also presented new and different risks to company data security. Now…
Cybersecurity Considerations for an Increasingly Remote Workforce
Across the United States and the world, business are closing their doors and moving to remote work to help minimize the spread of COVID-19. Many of these closures have been abrupt, unexpected, and, in some cases, chaotic. As famously stated in Sun-Tzu’s The Art of War, “In the midst of chaos, there is also…
HIPAA Privacy Rule Regulatory Response to COVID-19
The COVID-19 pandemic is reshaping many areas of law and regulation as businesses grapple with maintaining compliance, while also responding to the fluid needs of their clients and employees. In an effort to ease the regulatory burden on businesses, certain government agencies have made announcements that their offices will exercise discretion or waive certain noncompliance…
Sixth Circuit Opinion Highlights the Importance of Indemnity Clauses and Consequential Damages Waivers in Data Vendor Agreements
Outsourcing of basic business functions is increasingly popular. While businesses would once perform data management in-house and rely on their on-site server infrastructure to store data, businesses today are frequently turning to cloud storage providers and other third-parties to hold and manage data. These third party vendors are frequently charged with holding sensitive personal information,…
Will Your Business be Considered an Online Service Provider?
By the Data Security & Privacy Team
Introduced by Senator Brian Schatz (D-HI), the ranking member of the Communications Technology Innovation and Internet Subcommittee of the United States Senate, the Data Care Act of 2018 (the “Act”) seeks to enact Federal privacy legislation that will incentivize “online service providers” to protect certain types of personal…