Decision to Dismiss Suit Seeking to Hold Facebook Liable for Hamas Attacks Affirmed by the Second Circuit

The United States Court of Appeals for the Second Circuit affirmed the dismissal of a lawsuit seeking to hold Facebook, Inc. liable for providing Hamas, a Palestinian Islamist organization who is a U.S. designated foreign terrorist organization, a communication platform to encourage and enable acts of violence in Israel. Over three years ago, victims, estates, and family members of victims of terrorist attacks in Israel brought suit against Facebook alleging that Facebook provided material support to the terrorist organization by failing to remove content posted…
Continue reading...

Part 2: Insurance Company Compliance with the CCPA as Businesses


This blog post is our second post in a multi-part series addressing what insurers need to know about the California Consumer Privacy Act (CCPA). This post focuses on insurers’ compliance obligations under the CCPA. If you would benefit from a background discussion on the CCPA, please visit our first post in this series entitled “Part 1: The California Consumer Privacy Act – What Insurers Need to Know.” The CCPA applies to insurers to the extent they qualify as “businesses” that “collect or determine…
Continue reading...

Biometric Class Action Against Facebook Greenlit by Ninth Circuit Court of Appeals

In an opinion article dated August 8, 2019, the Ninth Circuit Court affirmed the district court’s order certifying a class action of users who claim Facebook’s facial-recognition technology violates Illinois’s Biometric Information Privacy Act (BIPA). A copy of the Ninth Circuit’s opinion can be found here.  At issue is Facebook’s use of facial-recognition technology without first obtaining the consent of its users. The court agreed that the plaintiffs had sufficiently alleged a concrete and particularized harm sufficient to confer Article III standing. The court…
Continue reading...

Equifax Agrees to Largest Ever Data Breach Settlement

In connection with the massive 2017 Equifax data breach which affected more than 147 million consumers, a global settlement has been reached to resolve a multi-district consumer action as well as a suit brought by the Federal Trade Commission. Equifax, one of the largest consumer reporting agencies, was allegedly aware of a critical security vulnerability in March 2017. However, it failed to address the issue until July 2017, when suspicious traffic was detected. Ultimately, on September 7, 2017, Equifax announced a data breach involving…
Continue reading...

Fedex Becomes Victim of Latest Spat of Large Scale Cyber-Related Securities Class Actions

As if anyone needed yet another reminder of the invasive effect a cybersecurity event can have on a business, we need not to look any further than the  putative securities fraud class action lawsuits filed against global logistics giant FedEx. On June 26, 2019, the first lawsuit against FedEx was filed in the Southern District of New York. The complaint generally alleges that FedEx violated federal securities laws when it made allegedly fraudulent disclosures concerning the extent of the impact caused by the NotPetya malware…
Continue reading...

What Is Modern Warfare? Ninth Circuit Rules War Exclusions Do Not Preclude Coverage for First Party Loss Caused by Hamas Rocket Attacks

On July 12, 2019, the Ninth Circuit Court of Appeals found two “war” exclusions inapplicable, under California law, to a loss caused by 2014 hostilities between Israel and Hamas. Universal Cable Productions, LLC v. Atlantic Specialty Insurance Co., No. 17-56672, 2019 WL 3049034 (July 12, 2019). In doing so, the court overturned the Central District of California’s award of summary judgment in favor of Atlantic Specialty Insurance Company. The parties’ dispute arose out of Atlantic’s refusal to indemnify Universal for costs associated with Universal’s…
Continue reading...

Internet of Things Cybersecurity Improvement Act

On January 1, 2020, California’s “Security of Connected Devices” law (Senate Bill No. 327), which was enacted in 2018, will require companies that manufacture any device that connects “directly or indirectly” to the Internet that is sold in California to incorporate within the device “a reasonable security feature or features.” What constitutes as a “reasonable security feature” is largely undefined, but if the device is capable of authentication outside of a local area network (LAN), then the security will be deemed reasonable if a preprogrammed…
Continue reading...

House Representatives Ask Facebook to Halt Moving Forward with its Cryptocurrency

In the beginning of July 2019, four members of Congress in leadership roles in various committees in the House of Representatives issued a letter to Facebook’s executives calling for Facebook “to agree to a moratorium on any movement forward” with its proposed cryptocurrency, Libra, and proposed digital wallet, Calibra, citing concerns over “privacy, trading, national security, and monetary policy[.]”    In June 2019, Facebook announced its plan, which had been in development for a year, to create a cryptocurrency backed by financial assets assembled by the…
Continue reading...

Preparing Private Companies for Politically Motivated Cyberattacks

Law firms in the midst of large and publicly reported M&A deals, accounting firms during return season, and Facebook at just about any moment, should all assume that they are being targeted by hackers. However, the Department of Homeland Security’s (DHS) announcement that Iranian regime actors and proxies have been using “wiper” attacks adds a new indicator: geopolitical importance during politically sensitive times. The director of the Cybersecurity and Infrastructure Security Agency (CISA) released a tweet late last week notifying the public that Iran is…
Continue reading...

Part 1: The California Consumer Privacy Act — What Insurers Need to Know

Assembly Bill No. 375, better known as the California Consumer Privacy Act (CCPA), is likely the most robust and sweeping privacy law in the United States. This is not surprising as California is notoriously at the forefront of passing privacy legislation, even though close to 20 other states are also taking steps to pass similar legislation. The CCPA, which becomes effective January 1, 2020, creates a number of consumer rights regarding the collection, storage, selling, and processing of personal information, as well as corresponding business…
Continue reading...