Millennials Reporting More Electronic Scams, but Smaller Losses than Individuals Over 40

Scams, whether initiated online or over the phone, affect people of all ages. However, to the surprise of some, the Federal Trade Commission (FTC) has found that individuals in the millennial generation, which the FTC defined as people between 20 and 39, are 25 percent more likely to report losing money to fraud from electronic scams.  In its report, the FTC analyzed the reporting rates of fraud from September 2017 to August 2019, including the following types: 1. Online shopping 2. Business imposter scams…
Continue reading...

Securities and Exchange Commission Waits to Create Cryptocurrency Regulation

Although Congress ramped up its pressure on the Securities and Exchange Commission with the recent announcement of Facebook’s new cryptocurrency, it appears clear regulations are still far down the line. The SEC’s responses at a recent panel suggest that Facebook’s planned launch of Libra in mid-2020 will not lead to an immediate release of regulations specifically designed to address cryptocurrencies. In June, Facebook announced that it would be getting into the cryptocurrency market with Libra, a digital currency supposedly targeted at the 1.7 billion unbanked…
Continue reading...

Part 3: Coverage Considerations Under CGL Policies for CCPA Violations

This blog post is our third in a multi-part series addressing what insurers need to know about the California Consumer Privacy Act (CCPA). Imagine this: You own a successful string of sporting goods stores across California. Not only do you sell goods directly, but you also finance large purchases to well-qualified buyers and have a generous rewards program. When customers log in to your website, you gather personal information (e.g., name, email address, cell number, etc.). In order to participate in the rewards…
Continue reading...

The Push for a National Data Privacy Law Continues as Tech Giants Write to Congress

On September 10, 2019, 51 companies from the Business Roundtable joined together to send a letter to House and Senate leadership asking them to pass “a comprehensive data privacy law that strengthens protections for consumers and establishes a national privacy framework to enable continued innovation and growth in the digital economy.” The companies included, among others, Amazon, IBM, AT&T, Chubb, and Marriot International, Inc. Signatures from Facebook CEO Mark Zuckerberg and Apple CEO Tim Cook were notably absent, although both have, in the past, supported…
Continue reading...

Ransomware Demands Increase for Municipalities

The trend of hitting local municipalities with ransomware attacks has continued this summer, along with increased monetary demands. In a recent attack, a small city outside of Jacksonville, Florida had its computers totally disabled when a hacker infiltrated its system and demanded bitcoin in exchange for the city’s data. For several days, the city attempted to resolve the issue without paying by working with the FBI and a security consultant. While these attempts may have eventually been successful, the city ultimately determined that paying the
Continue reading...

Cyber Insurance: Enabler of Ransomware Events? Not Quite

Ransomware is once again front and center in the news with reports of a rash of attacks on public and private entities throughout the United States. Some suggest that the proliferation of cyber insurance is fanning the flames of cyberattacks, but there is scant evidence to support that conclusion. In fact, cyber insurance merely offers insureds options in how to respond to a ransomware event. A recent ProPublica article speculates that cyber insurance’s ability to assist insured’s operations to quickly recover from a ransomware event…
Continue reading...

Another Month, Another Major Data Breach – This Time at Capital One

Capital One Financial Corp., the fifth largest United States credit card issuer, announced on July 29, 2019 that a data breach exposed approximately 140,000 Social  Security numbers and about 80,000 linked bank account numbers – impacting nearly 100 million U.S. residents and 6 million Canadian residents. The breach also included other personal information like names, addresses, postal codes, phone numbers, email addresses, dates of birth and self-reported income, credit scores, credit limits, balances, payment history, contact information and fragments of transaction data from a total…
Continue reading...

New York State Passes Legislation Expanding Data Security Prevention and Notification Requirements

On July 25, 2019, New York state passed a substantial expansion of its data security law in the form of two new pieces of legislation: the Identity Theft Prevention and Mitigation Services Act (ITPMS Act) and the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act). The ITPMS Act is less impactful for businesses, but perhaps more useful for consumers. First, it requires credit reporting agencies that experience a breach involving Social Security numbers to give consumers the right to freeze their credit score…
Continue reading...

Decision to Dismiss Suit Seeking to Hold Facebook Liable for Hamas Attacks Affirmed by the Second Circuit

The United States Court of Appeals for the Second Circuit affirmed the dismissal of a lawsuit seeking to hold Facebook, Inc. liable for providing Hamas, a Palestinian Islamist organization who is a U.S. designated foreign terrorist organization, a communication platform to encourage and enable acts of violence in Israel. Over three years ago, victims, estates, and family members of victims of terrorist attacks in Israel brought suit against Facebook alleging that Facebook provided material support to the terrorist organization by failing to remove content posted…
Continue reading...

Part 2: Insurance Company Compliance with the CCPA as Businesses


This blog post is our second post in a multi-part series addressing what insurers need to know about the California Consumer Privacy Act (CCPA). This post focuses on insurers’ compliance obligations under the CCPA. If you would benefit from a background discussion on the CCPA, please visit our first post in this series entitled “Part 1: The California Consumer Privacy Act – What Insurers Need to Know.” The CCPA applies to insurers to the extent they qualify as “businesses” that “collect or determine…
Continue reading...