Exploring the evolution of cybersecurity and privacy law
The UK Information Commissioner’s Office (“ICO”) announced on 30 October 2020 that it has decided to fine Marriott International, Inc. (“Marriott”) £18.4m under the General Data Protection Regulation (“GDPR”) for a personal data breach that occurred in relation to the Starwood guest reservation database system and affected up to 339 million guests, around 30 million…
The UK Information Commissioner’s Office (“ICO”) announced on 16 October 2020 that it has ultimately decided to fine British Airways (“BA”) £20 million for BA’s contraventions of the General Data Protection Regulation (“GDPR”) associated with the personal data breach BA first disclosed on 6 September 2018, which affected the personal data of over 400,000 customers…
On September 12, 2016, the US Court of Appeals for the Sixth Circuit held in Galaria v. Nationwide Mutual Insurance Co., Nos. 15-3386/15-3387 (6th Cir. Sept. 12, 2016) that the plaintiffs in two related lawsuits properly alleged standing to pursue claims arising from a 2012 attack on the defendant insurance company’s computer network. The…
A recent possible hack of the Hong Kong Department of Health’s (DH) record system in Hong Kong may affect 17,000 patients.
On 19 July 2016, the DH discovered suspicious files on the computer server hosting its Immunisation Record System. The suspicious files were believed to have been saved on the server after a…
On April 14, 2016, the United States Court of Appeals for the Seventh Circuit held that the two plaintiffs in Lewert v. P.F. Chang’s China Bistro, Inc., No. 14-3700 (7th Cir. Apr. 14, 2016) have standing to pursue claims arising from a 2014 data breach suffered by that restaurant chain. The court, in an…
