• Posts by Jacob D. Rhode
    Partner

    Jacob Rhode assists clients with litigation and dispute resolution, helping develop and implement strategies to successfully resolve corporate disputes.

    Jacob primarily works on complex commercial and financial services ...

September 2018 was a busy month for data privacy. We expect the next several months to be extremely active as well, especially with the number of new complaints and data breach notices filed in Europe since May. We will continue to monitor and update developments as the data privacy framework continues to evolve.

G-Day is May 25, 2018, the day when the European Union’s General Data Protection Regulation (“GDPR) is set to go into effect.  Even though the Regulation has been approved and available for review for more than a year, most companies are still working to determine whether GDPR applies and, if so, how to become GDPR compliant.  The litigators from KMK’s Cybersecurity and Privacy Team have prepared a Legal Alert which helps companies answer both questions. 

Two decisions last week further widened the divide among the Courts of Appeals in applying Spokeo in cybersecurity litigation.

Two Courts of Appeals have issued decisions during the past week related to cybersecurity and data retention which anyone who maintains electronic data and personal information should read.

Last week the Seventh Circuit reinstated the Neiman Marcus data breach class action, holding that plaintiffs had satisfied Article III’s standing requirements based on at least some of the injuries they alleged. In doing so, the Seventh Circuit became the first federal court of appeals to rule on a challenge to the standing of purported data breach victims in light of the Supreme Court’s decision in Clapper v. Amnesty International, 133 S. Ct. 1138 (2013), and diverged from the growing majority of federal district courts that have held similar allegations are insufficient to confer standing.

Last week, the Eastern District of Louisiana joined the growing majority of district courts around the country that have held increased risk of future identity theft or identity fraud posed by a data breach is not sufficient to confer Article III standing on individuals whose information has been compromised but not yet misused.

On April 29, the Department of Justice published its “Best Practices for Victim Response and Reporting of Cyber Incidents”, which is an excellent, easy to read summary of steps companies can take to protect against cybersecurity incidents 

Blog Contacts:  
Joe Callow, Litigation Partner
jcallow@kmklaw.com or 513.579.6419

Rob Lesan, Business Representation & Transactions Partner
rlesan@kmklaw.com or 513.579.6939

Jump to Page
Close