Phil Yannella, Ballard Spahr litigation partner and Practice Leader of Ballard’s Privacy & Data Security Group, recently authored a treatise on data breach and privacy litigation.  The book, Cyber Litigation: Data Brach, Data Privacy & Digital Rights, is published by Thomson Reuters and is available now for purchase.  The publication of CyberLitigation comes at an

Subscribers to each service will receive weekly emails and have the opportunity to discuss developments in each area during a monthly call.  Additionally, subscribers will be enrolled in an interactive, searchable, online database that enables subscribers to have 24-hour access to our information and analysis.

To further educate our current subscribers and anyone else interested

On December 15th, the FTC announced in a press release that it had reached a settlement with a mortgage industry data analytics company to resolve allegations in the FTC’s administrative complaint that the company had failed to ensure one of its vendors was adequately securing personal data about tens of thousands of mortgage holders under

On December 18, 2020, the Office of the Comptroller of the Current (OCC), Federal Reserve Board (FRB), and Federal Deposit Insurance Corporation (FDIC) announced an interagency notice of proposed rulemaking that would require supervised banking organizations to provide notification of significant computer security incidents to their primary federal regulator.  Under the proposed rule, for incidents

On October 29, 2020, the Federal Trade Commission (FTC) will host a virtual workshop entitled, “Green Lights & Red Flags: FTC Rules of the Road for Business.”  The workshop will cover a broad array of topics within the FTC’s jurisdiction, including truth-in-advertising law, social media marketing, data security, business-to-business fraud, and other business

Yesterday, Andrew Smith, Director of the FTC’s Bureau of Consumer Protection, announced the following three major improvements that have been made to FTC orders in data security cases:

  1. Specificity: To counter past criticisms that FTC orders to implement comprehensive information security programs were too vague, FTC orders will now require specific security safeguards that address

I am pleased to announce that Kim Phan, an attorney noted for her work on privacy and data security issues for a variety of industries, including consumer financial services, retail, and higher education, has returned to Ballard Spahr as a partner after a short absence.  She will be based in the firm’s Washington, D.C. office.

Arizona Governor Doug Ducey signed HB 2154 into law on April 11, 2018, amending and strengthening the state’s data breach notification law. Notably, the amended law significantly expands the definition of “personal information” to include a number of new data elements, including online account credentials, certain health information, and biometric data used to authenticate an