The Securities and Exchange Commission (SEC) announced its most significant case ever filed against a respondent for one of the world’s largest data breaches. Albata, Inc., f/d/b/a Yahoo! Inc., (“Yahoo”) settled with the SEC to charges of violating Section 17(a)(2) and 17 (a)(3) of the Securities Act of 1933 (“Securities Act”), amongst other charges, and agreed to various remedies, including a $35 million penalty.
Continue reading “SEC Cyber Unit Brings Groundbreaking Data Breach Case”
The Senate officially confirmed the five nominees to the Federal Trade Commission on April 26. As noted in previous blogs, Joseph Simons will become the new chairman and Joshua Phillips, Rebecca Slaughter and Rohit Chopra will join the Commission immediately.
Continue reading “Senate Confirms All Five Nominees to the FTC”
The Sedona Conference®, a nonprofit research and educational think tank dedicated to the advanced study of law, particularly in information governance, has released its Incident Response Guide , open for public comment through June 19, 2018. Drafted by Working Group on Data Security and Privacy Liability (WG11), the guide is meant to serve as a practical resource for practitioners dealing with the legal, technical, and policy issues related to data-related incidents – from distributed denial-of-service to ransomware attacks.
The 9th U.S. Circuit Court of Appeals affirmed the district court’s ruling in Aqua Star (USA) Corp., vs Travelers Casualty and Surety Company of America. The case involved fraudulent emails purporting to be from the insured’s suppliers directing that the insured direct its payments to a new account purportedly opened by that supplier. Based on that fraudulent communication, the insured transferred $713,890 due its supplier to the fraudulent “new account.”
The FTC withdrew its August 2017 administrative complaint and proposed consent agreement with Uber Technologies, Inc. (Uber) and issued a revised complaint against Uber Technologies, Inc. Uber has accepted a revised proposed consent agreement which will be subject to public comment for 30 days.
Continue reading “FTC Announces Expanded Settlement with Uber”
On March 23, 2018, Congress passed the “Clarifying Overseas Use of Data Act,” also known as the “CLOUD Act” (H.R. 4943, S. 2383), a new U.S. law that will have a dramatic effect on the United State government’s control over and access to data stored overseas. The CLOUD Act was introduced to the U.S. Senate and House of Representatives on February 6, 2018, as part of a $1.3 trillion omnibus spending bill. The bill passed both houses of Congress on March 23, 2018, and was signed into law by the President the next day.
Continue reading “U.S. Congress Approves CLOUD Act for Data Stored Overseas”
