Part 4: Privacy Policy Requirements Under the CCPA

This is our fourth blog post in a multi-part series addressing what insurers need to know about the California Consumer Privacy Act (CCPA). This post focuses on a business’ obligations when it comes to their privacy policy, such as including and disclosing certain information regarding consumers’ rights. While this post does not require any background on the CCPA, if you would like the benefit of our preliminary discussions before diving into this post we invite you to start with Part 1: The California Consumer Privacy
Continue reading...

Millennials Reporting More Electronic Scams, but Smaller Losses than Individuals Over 40

Scams, whether initiated online or over the phone, affect people of all ages. However, to the surprise of some, the Federal Trade Commission (FTC) has found that individuals in the millennial generation, which the FTC defined as people between 20 and 39, are 25 percent more likely to report losing money to fraud from electronic scams.  In its report, the FTC analyzed the reporting rates of fraud from September 2017 to August 2019, including the following types: 1. Online shopping 2. Business imposter scams…
Continue reading...

Securities and Exchange Commission Waits to Create Cryptocurrency Regulation

Although Congress ramped up its pressure on the Securities and Exchange Commission with the recent announcement of Facebook’s new cryptocurrency, it appears clear regulations are still far down the line. The SEC’s responses at a recent panel suggest that Facebook’s planned launch of Libra in mid-2020 will not lead to an immediate release of regulations specifically designed to address cryptocurrencies. In June, Facebook announced that it would be getting into the cryptocurrency market with Libra, a digital currency supposedly targeted at the 1.7 billion unbanked…
Continue reading...

National Counterintelligence and Security Center Launches Effort to Protect Industry Against State Actors

On January 7, 2019, the National Counterintelligence and Security Center (NCSC), which coordinates counter-intelligence efforts within the U.S. government, announced that it would begin disseminating its “Know the Risk, Raise Your Shield” materials in an effort to assist the private sector in guarding against threats from foreign intelligence entities and other adversaries.  This campaign appears to have been prompted by the Trump administration’s efforts to drive U.S. companies to better protect their trade secrets from foreign hackers.  This comes on the heels of recent cyber-attacks…
Continue reading...

In Pennsylvania, Employers (and Others) may be Liable for Failing to Protect Personal Information that They Collect

On November 21, 2018 Pennsylvania’s highest court ruled that employers in Pennsylvania have an affirmative legal duty to protect workers’ sensitive data from possible hacking.  This ruling has profound implications for employers, which may now be subject to liability for failing to take reasonable precautions to protect their employees from cyber attacks. In a proposed class action, employees of the University of Pittsburgh Medical Center sought damages after a data breach exposed the personal information – including names, dates of birth, addresses, Social Security numbers,…
Continue reading...

An International Vow to Address Cybersecurity

On Monday, November 12, 2018 , during the Internet Governance Forum at UNESCO’s headquarters in Paris, the French President Emmanuel Macron announced an international agreement referred to as the “Paris Call for Trust and Security in Cyberspace.” The agreement was signed by over 50 countries as well as businesses, including Facebook, Google, and Microsoft, and other organizations. Australia, the United States, Israel, Russia, and China are notably absent. The agreement first highlights what is the future of AI, the central role cyberspace plays in…
Continue reading...

The GDPR Question and Answer Guide

Attorneys in Goldberg Segalla’s Cybersecurity and Data Privacy, Global Insurance Services, and other practice groups have fielded countless questions from clients and colleagues curious (or concerned) about the European Union’s (EU) General Data Protection Regulation (GDPR), the landmark legislation governing data protection and privacy for all individuals within the European Union, as well as the export of all data from the EU and European Economic Area (EEA). Here, we answer the most frequently asked questions pertaining to the GDPR’s who, what, when, where, how, and…
Continue reading...

The FTC Gang’s All Here

As we noted in a previous post, the United States Senate has confirmed five new commissioners, bringing a full complement to the Federal Trade Commission (FTC). Four of those commissioners have taken their seats, with the fifth likely to join in the Fall. Earlier this month, the “new” FTC signaled a continued commitment to act in the area of data privacy and security by reaching a settlement with a California company regarding false claims regarding compliance with the European Union-United States Privacy Shield framework
Continue reading...

An Insurer’s Guide to Navigating the Legal Landmines of Cybersecurity Regulation

Cybersecurity is front and center now, especially for the financial services industry which includes insurance and reinsurance companies, among others.  States and regulators are passing laws and promulgating regulations designed to protect customer data in the possession of insurers and their associates. These new statutes and regulations aimed at the insurance industry are in addition to the myriad of other requirements imposed by government for the protection of this data. Aaron J. Aisen, co-chair of the regulatory sub-practice group in the Global Insurance Services
Continue reading...

The FTC Gang’s All Here – Five New Commissioners Confirmed

The Federal Trade Commission (FTC) is widely recognized as the primary federal regulator of cybersecurity and data privacy by virtue of its authority under Section 5 of the Federal Trade Commission Act to take enforcement action against unfair and deceptive trade practices, which authority has been upheld by various courts including the U.S. Court of Appeals for the Third Circuit. For just over a year, the FTC has operated with only two commissioners, one Republican and one Democrat. On April 26, 2018, the United States…
Continue reading...