The Supreme Court last week heard the supermarket chain Morrisons argue that it should not be held vicariously liable for its then in-house senior internal auditor publishing the personal data of almost 100,000 employees deliberately and without authorisation.

In seeking to overturn the judgment of the Court of Appeal that it is vicariously liable, Morrisons

This market trends article identifies comprehensive disclosures related to cybersecurity risks, including discussions about the potential reputational, financial, or operational harm resulting from cybersecurity breaches; the potential associated litigation or regulatory costs; and their policies and procedures addressing cybersecurity incidents, and concludes with practical advice on preparing the required disclosures regarding cybersecurity risks and incidents.

On June 6, 2018, the US Court of Appeals for the Eleventh Circuit ruled in favor of LabMD in the medical testing company’s closely watched challenge to the Federal Trade Commission’s (“FTC”) data security enforcement action. While assuming that the FTC was correct that LabMD’s allegedly unreasonable security practices constituted an unfair act or practice

On June 22, 2017, the US Court of Appeals for the Second Circuit—addressing what the court characterized as an issue of first impression for the federal circuit courts—held that the Telephone Consumer Protection Act (“TCPA”) does not permit consumers to revoke their consent to receive calls on their cell phones if they are parties to

Data is rapidly becoming a company’s most valuable asset. Innovations in data analytics, artificial intelligence tools that use data and other technologies are accelerating this trend. Unfortunately, bad actors who seek to obtain or compromise your data and systems are also innovating. Breaches of personal data may lead to litigation, investigations, fines, penalties and reputational

On September 12, 2016, the US Court of Appeals for the Sixth Circuit held in Galaria v. Nationwide Mutual Insurance Co., Nos. 15-3386/15-3387 (6th Cir. Sept. 12, 2016) that the plaintiffs in two related lawsuits properly alleged standing to pursue claims arising from a 2012 attack on the defendant insurance company’s computer network. The

On April 14, 2016, the United States Court of Appeals for the Seventh Circuit held that the two plaintiffs in Lewert v. P.F. Chang’s China Bistro, Inc., No. 14-3700 (7th Cir. Apr. 14, 2016) have standing to pursue claims arising from a 2014 data breach suffered by that restaurant chain. The court, in an

In a noteworthy decision on the coverage of data breaches by commercial general liability (CGL) policies, the United States Court of Appeals for the Fourth Circuit affirmed a lower court’s August 2014 holding that Portal Healthcare Solutions LLC (Portal) is covered under its CGL policies with The Travelers Indemnity Company of America (Travelers). The unpublished