Privacy & Cybersecurity

On August 16, 2021, the U.S. Securities and Exchange Commission announced that Pearson plc, a publicly traded British multinational educational publishing and services company, agreed to pay a $1 million civil penalty in a settlement related to charges that Pearson misled investors about a 2018 data breach resulting in the theft of millions of student records.
Continue Reading SEC Sanctions Public Company for Misleading Disclosures About Data Breach

The Second Circuit just affirmed the dismissal of a data breach class action predicated on an alleged increased risk of identity theft on Article III standing grounds. 
Continue Reading Second Circuit Affirms Dismissal of Data Breach Class Action on Article III Standing Grounds, Citing Unanimity of Circuits on “Increased Risk” Claims

On November 26, 2020, the French Data Protection Authority announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation and Article 82 of the French Data Protection Act governing the use of cookies.
Continue Reading CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Earlier this year, The Retail Equation, a loss prevention service provider, and Sephora were hit with a class action lawsuit in which the plaintiff claimed Sephora improperly shared consumer data with The Retail Equation without consumers’ knowledge or consent.
Continue Reading Multiple Retailers Sued Under CCPA for Sharing Data Used to Identify Fraudulent Returns

On August 6, 2020, President Trump signed executive orders imposing new economic sanctions under the International Emergency Economic Powers Act (50 U.S.C. § 1701 et seq.) and the National Emergencies Act (50 U.S.C. § 1601 et seq.) against TikTok, a video-sharing mobile application, and WeChat, a messaging, social media and mobile payments application.
Continue Reading U.S. Government Takes Aim at TikTok and WeChat Citing Privacy and Security Concerns

Listen as Phyllis H. Marcus, partner at Hunton Andrews Kurth and Co-Chair of the ABA Antitrust Law Section’s Privacy and Information Security Committee, speaks about the privacy concerns over using smart devices on the ABA’s Our Curious Amalgam podcast, Is Your Assistant Spying on You? Understanding the Privacy Law Issues Involving In-Home Assistants.
Continue Reading Is Your Smart Home Too Smart? Hunton Partner Featured in ABA Podcast on Privacy and Smart Speakers

As reported in the Hunton Insurance Recovery Blog, a Maryland federal court awarded summary judgment to policyholder National Ink in National Ink and Stitch, LLC v. State Auto Property And Casualty Insurance Company, finding coverage for a cyber-attack under a non-cyber insurance policy after the insured’s server and networked computer system were damaged as a result of a ransomware attack.
Continue Reading Maryland Court Finds Coverage For Lost Data And Slow Computers After Ransomware Attack

As publicly traded retailers begin to prepare their annual reports and 2020 proxy statements, they should keep in mind a number of new and amended SEC disclosure items. As detailed in our recent client alert, hot topics for proxy statements include hedging policy disclosure, board diversity disclosure and overboarding of directors. In annual reports on Form 10-K, public retailers must consider new cover page requirements; new disclosure rules for material property, management’s discussion and analysis (MD&A) and exhibit filings; and most retailers will now disclose critical audit matters, or CAMS, as identified by their independent auditors.
Continue Reading Upcoming Changes to 2020 Proxy Statements and Annual Reports