All in Privacy + Cybersecurity

Zappos and the Supreme Court’s Reluctance to Address Privacy Harms Under Article III Standing

On Monday, the Supreme Court denied cert in Zappos.com, Inc. v. Stevens, signaling that the Court remains reluctant to address privacy harms under Article III standing.  The petition for certiorari in Zappos asked the Court to resolve a circuit split over whether individuals have standing where their personal information is held in a database breached by hackers, even if they have not actually suffered an injury from that data breach. 

Issue-spotting Federal Privacy Framework from Congressional Hearings

On February 26 and 27, commerce committees in the House and Senate convened the first consumer data privacy hearings of the 116th Congress. These hearings reflect a growing consensus on Capitol Hill that, in light of developments both in the states and overseas, a comprehensive federal privacy framework is becoming increasingly necessary to address an increasingly fragmented and incongruous patchwork of privacy regulation to the detriment of consumers and industry.

The FTC is Back Up and Running: The Chairman’s Update on Agency Priorities

FTC Chairman Joe Simons outlined the agency’s priorities in his keynote at the ABA’s consumer protection conference on Tuesday, promising vigorous enforcement as the agency emerges from the shutdown.  Without commenting on any pending investigations, he made clear that the agency would continue to pursue enforcement actions in a number of areas.  And he reiterated calls to Congress to give the agency new tools and expanded authority.

NIST Launches Effort to Establish IoT Security Baseline; Seeks Stakeholder Feedback

The National Institute of Standards and Technology (NIST), within the Department of Commerce, has launched an effort to identify “a core set of cybersecurity capabilities that could be a baseline for [Internet of Things (IoT)] devices.”  The discussion draft, Considerations for a Core IoT Cybersecurity Capabilities Baseline, is intended to solicit stakeholder feedback and includes NIST’s “initial thoughts about what a core baseline of cybersecurity capabilities that are important for most IoT devices would look like.”

Big Data Transforming Healthcare, But Cybersecurity Issues Loom

Mobile and cloud technologies, combined with big data and advanced analytics are revolutionizing our healthcare system, making life-saving care accessible to more patients. At the same time, the medical sector is under constant cyberattack. The healthcare infrastructure, electronic medical records and medical devices are all targets of malicious activity by criminals, hacktivists and nation states.