On Friday afternoon an Illinois intermediate appellate court decided that the bar for a plaintiff bringing a class action lawsuit under the Illinois Biometric Information Privacy Act (BIPA) is low, creating a conflict with its sister intermediate appellate court. The Illinois Supreme Court is expected to resolve the conflict early next year. How the court resolves the conflict will significantly impact companies doing business in Illinois.
Continue Reading New Biometric Privacy Decision Creates More Risk for Companies Doing Business in Illinois
Data Privacy
GDPR Webinar: A Corporate Counsel’s Guide to Building a Compliance Program
In three months, the EU’s General Data Protection Regulation (GDPR), one of the strictest privacy laws in the world, will go into effect. It will apply to companies that collect or process personal data of EU residents, regardless of whether the company is physically located in the EU. Companies that violate the law will be…
Biometric Privacy Webinar: A Guide for Corporate Counsel
Does your company collect biometric information? Are you not entirely sure what “biometric information” means? Would you like to understand the differences between the different state biometric privacy laws? Do you want to know why more than 50 companies were hit with class action lawsuits within a period of three months as a result of…
New Wave of Biometric Privacy Class Actions: Could You Be A Target?
While the privacy world is focused on the Equifax data breach, another development is taking place that could have a more lasting effect on privacy law. In the last month, plaintiffs’ lawyers in Illinois have filed over 20 lawsuits against companies that authenticate their employees or customers with their fingerprints. The lawsuits are based on…
Incident Response: The Increasing Risks to Corporate Legal Departments
The consequences of a data breach reached new heights last week when Yahoo announced the resignation of its General Counsel in response to a series of security incidents the company suffered. A more fulsome explanation of the security incidents and Yahoo’s response can be found in item seven of the company’s 10-K, but here…
60 Minutes Reports on Payment Card Data Breaches
Ever wonder how your credit card gets compromised and how the bad guys get your information? This report on tonight’s episode of 60 Minutes provides an overview of what happens from the moment you swipe your card at the point-of-sale terminal to the moment when the card number is compromised and sold on a black…
Why Every Business Should Care About Florida’s Information Protection Act
My last post described what the recently passed Florida Information Protection Act (FIPA) will do. This post analyzes how FIPA differs from Florida’s existing breach notification law and explains why those differences will hurt or help companies that maintain information about Florida residents. Florida’s Governor must still sign the FIPA into law, but his signature…
Everything You Need To Know About Florida’s New Data Protection Law
The Florida Legislature recently passed the Florida Information Protection Act of 2014 (FIPA). This post describes the FIPA and analyzes the advantages and disadvantages to businesses governed by the new law. The FIPA must still be signed by the Governor, but the law received unanimous support in the legislature, so his signature is expected. Once…
What’s The Next Wave of Privacy Litigation? “Failure to Match”
A client recently asked me to identify the next wave of data privacy litigation. I said that with so much attention on lawsuits arising from data breaches, particularly in light of some recent successes for the plaintiffs in those lawsuits, the way in which companies collect information and disclose what they are collecting is flying…
Healthcare Organizations Take It On The Chin
If you have noticed an increasing number of high profile problems for healthcare organizations with respect to privacy and security issues these last few weeks you’re not alone. The issues have ranged from employee misuse of protected health information, web-based breaches, photocopier breaches, and theft of stolen computers that compromised millions of records containing unsecured…