
Scott Carpenter
Subscribe to all posts by Scott Carpenter
In a recent decision, the Ninth Circuit held that "the ECPA unambiguously applies to foreign citizens." In Suzlon Energy Ltd. v. Microsoft, Suzlon Energy demanded Microsoft to produce emails from the Hotmail email account of an Indian citizen imprisoned abroad. The district court held that the Electronic Communications Privacy Act ("ECPA") prohibited Microsoft from producing the documents even though the individual was not a U.S. citizen. The Ninth Circuit affirmed.
… Continue Reading
Where others have failed, Alan Claridge did not. Recently, a Federal judge in the Northern District of California declined to dismiss Plaintiff Claridge’s claims arising from a data breach involving the social entertainment site RockYou. Arguing that the data breach harmed the value of his personal information, Plaintiff convinced the court not to dismiss his action for … Continue Reading
The Federal Trade Commission recently announced that it reached a settlement with three consumer credit report resellers whose information security practices and procedures were not sufficient to prevent hackers to obtain more than 1,800 consumer credit reports without authorization. The settlement resolves allegations that the resellers violated the Fair Credit Reporting Act, the FTC Act and … Continue Reading
According to a federal court in the Northern District of California, United States border agents may not search a laptop without a warrant several months after the agents seized the laptop.… Continue Reading
data breach, class action, injury-in-fact, speculative, standing, Pisciotta, increased risk of harm
… Continue Reading
On December 7, 2009, a federal district court sitting in New Jersey dismissed a securities fraud class action lawsuit against Heartland Payment Systems arising from a massive breach of credit and debit card information and, in doing so, reinforced the difficulties private plaintiffs face in bringing data breach lawsuits under the federal securities laws.… Continue Reading
The Federal Trade Commission (“FTC”) announced today that, for the third time, it will delay enforcement of the Red Flags Rule until November 1, 2009 – a year after the original November 1, 2008 compliance deadline. In delaying enforcement yet again, the Commission stated that it intends to engage in an “expanded business education campaign” in … Continue Reading
The Electronic Privacy Information Center (“EPIC”) recently filed a complaint with the Federal Trade Commission (“FTC”) accusing Google of failing to implement adequate privacy and data security safeguards and engaging in unfair and deceptive trade practices related to its “cloud computing” services.… Continue Reading
A U.S. District Court for the Middle District of Florida recently issued a preliminary injunction ordering CyberSpy Software, LLC to stop promoting and selling “RemoteSpy,” a keylogger software program that, once installed on a computer, collects information regarding use of the computer.… Continue Reading
The Federal Trade Commission (“FTC”) recently announced that it will not enforce the new Red Flag Rules until May 1, 2009, giving financial institutions and creditors an additional six months to comply by developing and implementing a written identity theft prevention program. In an Enforcement Policy Statement released on October 22, 2008, the FTC acknowledged … Continue Reading
On September 4, 2008, in American Bankers Association v. Lockyer, No. 05-17163, 2008 WL 4070308 (9th Cir. Sept. 4, 2008), the Ninth Circuit Court of Appeals revived part of the California Financial Information Privacy Act (“S.B. 1”), allowing consumers to opt-out of certain information-sharing activities between financial institutions and their affiliates. Previously, in the 2005 case … Continue Reading
On May 16, 2008 the U.S. Court of Appeals for the Fifth Circuit agreed with a number of other courts, holding that the Communications Decency Act (“CDA”) (47 U.S.C. Sec. 230) protects social networking websites from liability with respect to negligence claims based on third-party content published on the website and the consequences stemming from … Continue Reading
Website Operator Can Be Held Liable for State Intellectual Property Violations A federal district court in New Hampshire recently ruled that Section 230 of the Communications Decency Act of 1996 (“CDA”) does not prevent a state law right of publicity claim against a Website operator. In Doe v. Friendfinder Network, Inc., No. 07-286, 2008 WL 803947 … Continue Reading
In light of growing concerns over identity theft, data breaches, and the hacking of online brokerage accounts, the Securities and Exchange Commission (“SEC”) has recently proposed new amendments to Regulation S-P – the SEC’s existing privacy rules mandated under the Gramm-Leach-Bliley Act. The SEC’s unanimous approval of these proposed rules signals the Commission’s desire to more … Continue Reading
http://www.csoonline.com/article/217027/CSO_Disclosure_Series_What_s_Next_with_Disclosure_Legislation_ … Continue Reading
Businesses are on notice to pay more attention to computer security in order to protect business assets and private information, and to thwart infiltrations that threaten interconnected computers. And help is available from the United States Computer Emergency Readiness Team (“US-CERT”). Department of Homeland Security (“DHS”) Secretary Michael Chertoff and Assistant Secretary of Cybersecurity Greg Garcia recently warned … Continue Reading
Ninth Circuit: ECPA Protects Stored Communications of Foreign Citizens
By Scott Carpenter on Posted in Electronic Communications
Judge Finds Injury-in-Fact Adequately Alleged in RockYou Data Breach Action
By Scott Carpenter on Posted in Data Breaches
Credit Report Resellers Settle FTC Charges Over Poor Security
By Scott Carpenter on Posted in FTC Enforcement
Federal Court Limits Warrantless Border Searches
By Scott Carpenter on Posted in Fourth Amendment
Lack of Standing Argument Wins Against Supposed Data Breach Victim
By Scott Carpenter on Posted in Data Breaches
Data Breach Class Action Fails – Court Dismisses Securities Fraud Case Against Heartland
By Scott Carpenter on Posted in Data Breaches
Third Time’s A Charm: FTC Delays Enforcement Of The Red Flags Rule Again
By Scott Carpenter on Posted in Identity Theft
EPIC Petitions for a Closer Look at the Cloud – Privacy Group Asks the FTC to Investigate Google Cloud Computing for Inadequate Safeguards and Unfair and Deceptive Trade Practices
By Scott Carpenter on Posted in Online Privacy
Federal Court Enjoins Sale of Keylogger Program
By Scott Carpenter on Posted in FTC Enforcement
FTC Suspends Enforcement of Red Flag Rules For Six Months
By Scott Carpenter on Posted in Identity Theft
California’s Financial Information Privacy Act Affiliate Sharing Provisions Narrowly Survive Complete Preemption
By Scott Carpenter on Posted in Direct Marketing
CDA Protects MySpace from Underage User’s Negligence Claim
By Scott Carpenter on Posted in Communications Decency Act
Immunity Under the CDA Has Its Limits According to Two Recent Federal Court Decisions
By Scott Carpenter on Posted in Communications Decency Act
SEC Seeks to Better Protect Investors’ Privacy With Proposed Amendments to Regulation S-P
By Scott Carpenter on Posted in Data Privacy Laws
Proskauer’s Tanya Forsheit Gives Web Exclusive Interview on Pending Data Breach Legislation
By Scott Carpenter on Posted in Data Privacy Laws
DHS Says Infrastructure More Vulnerable to Cyber Attacks; Private Businesses Told to Be Vigilant
By Scott Carpenter on Posted in Miscellaneous