Insights on motion to dismiss,negligence

California, class action, injury-in-fact, motion to dismiss, Shine the Light, State case law

First Reported Shine the Light Suit Dismissed for Failure to State Cognizable Injury

By InfoLawGroup LLP on June 19, 2012

Last week, a plaintiff's putative class action alleging a violation of California's Shine the Light law, Cal. Civ. Code § 1798.83, was dismissed without prejudice. See Boorstein v. Men's Journal LLC, No. 12-cv-00771-DSF-E, 2012 WL 2152815 (C.D. Cal. June 14, 2012). The suit, one of several other similar pending suits, is the first reported decision applying the Shine the Light Law.

Read more

best practices, bill, Colorado, Gross Negligence, HB 11-1225, negligence, Pabon, Regulation, Security

A Novel Data Security Law Proposed in Colorado

By InfoLawGroup LLP on February 24, 2011

Over the past couple years, many predicted that new state laws would follow the lead of states like Nevada and Massachusetts, and some anticipated we could see a situation where 50 different privacy/security laws across the country. Now it looks like we are beginning to see some renewed activity on the state level. In Hawaii we have a proposed bill that would require breached entities to provide credit monitoring and call center services to impacted individuals. In my home state, Colorado, a legislator (Dan Pabon) has proposed a novel bill that takes a new approach to incentivizing companies to implement good security. In this post, we take a look at the highlights of the Colorado bill.

Read more

Breach, consumer fraud law, damages, duty, employee, employee privacy, employer, litigation, negligence, notification, social security number

IL Appellate Court: No Duty Exists to Safeguard SSNs for Purposes of a Negligence Claim

By InfoLawGroup LLP on February 03, 2011

InfoLawGroup recently discovered a new data breach case, one of the first that we are aware of in the United States, that dives deep into the issue of whether a common law duty exists to safeguard personal information. In Cooney, et. al v. Chicago Public Schools, et. al¸ an Illinois appellate court actually rendered a decision holding that no such duty exists under Illinois law. In this blogpost we take a closer look at the court's rationale for dismissing the plaintiffs' negligence claim, as well as the other interesting holdings of the court.

Read more

appropriate, civil litigation, compliance, FTC, legal requirements, negligence, portable devices, public networks, reasonable, security measures, unfair practices, wireless

Code or Clear? Encryption Requirements under Information Privacy and Security Laws (Part 1)

By W. Scott Blackmer on October 01, 2009

"Exactly what data do we have to encrypt, and how?" That's a common question posed by IT and legal departments, HR and customer service managers, CIOs and information security professionals. In the past, they made their own choices about encryption, balancing the risks of compromised data against the costs of encryption. Those costs are measured not merely by expense but also by increased processing load, user-unfriendliness, and the remote but real possibility of lost or corrupted decryption keys resulting in inaccessible data. After weighing the costs and benefits, most enterprises decided against encryption for all but the most sensitive applications and data categories.

Read more
Older