Category: Privacy & Information Security

1
TRUMP’S CAMPAIGN TO GO IT ALONE ON FIRST AMENDMENT CHALLENGE TO THE TCPA
2
As Campaign Draws to a Close, Trump’s First Amendment Challenge to the TCPA Continues On
3
FinCEN Looks to Financial Institutions to File SARs Regarding Cyber-Events
4
Cracking the Code: Cybersecurity for Tomorrow
5
Hold On, You Didn’t Overpay for That: Courts Address New “Overpayment” Theory from Plaintiffs in Data Breach Cases
6
Bank of England Launches FinTech Accelerator
7
Heard at the 2016 SIFMA Conference
8
Treasury Department Issues Cybersecurity Checklist for Financial Institutions: What Might Apply to Your Financial Services Company?
9
Connecticut Mandates Identity Theft Services for SSN Data Breaches
10
FCC Empowers TCPA Plaintiffs At Peril Of Businesses

TRUMP’S CAMPAIGN TO GO IT ALONE ON FIRST AMENDMENT CHALLENGE TO THE TCPA

By Andrew C. Glass, Gregory N. Blase, Christopher J. Valente, and Michael R. Creta

On Monday, the U.S. Department of Justice (“DOJ”) declined to intervene in Thorne v. Donald J. Trump for President, Inc., 1:16-cv-04603 (N.D. Ill.). As previously discussed here, a class of plaintiffs sued President-Elect Trump’s campaign alleging violations of the Telephone Consumer Protection Act (“TCPA”) in connection with text messages sent during the campaign. In seeking dismissal of the suit, the campaign argued that the TCPA does not pass muster under the First Amendment. Specifically, the campaign asserted that Congress’s November 2015 exemption of calls relating to government debt constitutes “preferential treatment” and qualifies as a “blatant and egregious form of content discrimination.”

The DOJ did not provide a reason for declining to intervene, and the campaign is now faced with the prospect of going it alone in its First Amendment challenge to the TCPA.

As Campaign Draws to a Close, Trump’s First Amendment Challenge to the TCPA Continues On

By Andrew C. Glass, Gregory N. Blase, Christopher J. Valente, and Michael R. Creta

Donald Trump’s presidential campaign recently moved to dismiss a Telephone Consumer Protection Act (“TCPA”) claim on First Amendment grounds. Thorne v. Donald J. Trump for President, Inc., 1:16-cv-04603 (N.D. Ill.). The class-action complaint alleged that the campaign violated the TCPA by sending text messages without permission. In response, the campaign argued that the TCPA’s prohibition on the use of automatic telephone dialing systems (“ATDS”) for calls or text messages placed to cellular telephones, 47 U.S. Code § 227(b)(1)(A)(iii) (the “cell phone ban”), improperly regulates speech on the basis of content. Specifically, the campaign asserted that the ban cannot withstand strict scrutiny because it does not “further[] a compelling interest” and is not “narrowly tailored to achieve that interest.” Arizona Free Enterprise Club’s Freedom Club PAC v. Bennett, 564 U.S. 721, 734 (2011).

Read More

FinCEN Looks to Financial Institutions to File SARs Regarding Cyber-Events

By Mark A. Rush, Stanley V. Ragalevsky, Rebecca H. Laird, and Samuel P. Reger

On October 25, 2016, the Financial Crimes Enforcement Network (“FinCEN”) issued an advisory (the “Advisory”) explaining the obligations a “financial institution” might have under the Bank Secrecy Act (“BSA”) regarding “cyber-events and cyber-enabled crime.” The Advisory states that even if an actual financial transaction did not take place as result of a cyber-event, a financial institution may still be required to file a Suspicious Activity Report (“SAR”) in certain circumstances. Because of this, a covered financial institution should reconsider its obligations under the BSA after a cyber-event.

To read the full alert, click here.

Cracking the Code: Cybersecurity for Tomorrow

Please join K&L Gates and Carnegie Mellon University for a complimentary one-day program focusing on the prevention of, response to and investigation of cyber threats.

Date/time: Thursday, November 10, 8:00 am – 5:15 pm

Location: This event will be presented live at K&L Gates Pittsburgh and video broadcast to K&L Gates offices in Boston, Charleston, Charlotte, Harrisburg, Newark, New York, Raleigh, Research Triangle Park, and Washington, D.C.

Click here for more information and registration details.

Hold On, You Didn’t Overpay for That: Courts Address New “Overpayment” Theory from Plaintiffs in Data Breach Cases

By Andrew C. Glass, David D. Christensen and Matthew N. Lowe

With the ever-increasing amount of personal information stored online, it is unsurprising that data breach litigation has become increasingly common. A critical issue in nearly all data breach litigation is whether a plaintiff has standing to pursue claims—especially where there is no evidence of actual fraud or identity theft resulting from the purported data breach. The plaintiffs’ bar has pursued a litany of legal theories in the attempt to clear the standing hurdle, including the recent theory of “overpayment” (a/k/a “benefit of the bargain” theory). Under this theory, the plaintiff alleges that the price for the purchased product or service—whether sneakers, restaurant meals, or health insurance—included some indeterminate amount allocated to data security. Depending on how the theory is framed, the purported “injury” is either that the plaintiff “overpaid” for the product or service, or that the plaintiff did not receive the “benefit of the bargain,” because the defendant did not appropriately use the indeterminate amount to provide adequate data security. Despite plaintiffs’ attempts to establish standing through this novel theory, courts have limited its applicability in a variety of ways discussed in this alert.

To read the full alert, click here.

Bank of England Launches FinTech Accelerator

By Jonathan Lawrence

On 17 June 2016 the Governor of the Bank of England announced that the Bank is launching a FinTech Accelerator to work in partnership with FinTech firms to harness innovations for its own requirements as a central bank. In return, it will offer firms the chance to demonstrate their solutions for issues facing policymakers. The Accelerator will deploy innovative technologies on issues that matter to the Bank’s mission and operations. The Accelerator will appoint FinTech firms to run short Proof of Concept (POC) projects in a number of priority areas.

Read More

Heard at the 2016 SIFMA Conference

By Stephen G. Topetzes, Jon Eisenberg, Stavroula E. Lambrakopoulos, Shanda N. Hastings, Erin Ardale Koeppel, Nicole A. Baker, Andrew Edwin Porter and Ted Kornobis

Recently, attorneys from K&L Gates’ Government Enforcement practice group attended the Securities Industry and Financial Markets Association’s (“SIFMA”) Compliance and Legal Society Annual Seminar. We wanted to share with you a summary of the highlights of what we “heard at the SIFMA conference” from various regulators about key enforcement issues.

To read the full alert, click here.

Treasury Department Issues Cybersecurity Checklist for Financial Institutions: What Might Apply to Your Financial Services Company?

By: Mark A. RushThomas C. RyanJoseph A. ValentiSamuel P. Reger

On November 17, 2015, Deputy Treasury Secretary Sarah Bloom Raskin devoted her remarks at the Clearing House Annual Conference to financial sector cybersecurity. She concluded with a list of recommendations for handling cybersecurity at financial institutions. In light of them, prudent in-house counsel, compliance officers, and security personnel may want to review their company’s cybersecurity plan to determine which of the deputy secretary’s recommendations are applicable. This Alert recounts Deputy Secretary Raskin’s “to-do list” and provides step-by-step suggestions regarding cybersecurity response plans in light of it.

To read the full alert, click here.

Connecticut Mandates Identity Theft Services for SSN Data Breaches

By: Holly K. Towle

On June 30, 2015, Connecticut’s governor signed into law an amendment to the state’s data-security-breach-notice statute to mandate “appropriate” identity theft prevention services for breaches involving social security numbers. Identity theft mitigation services are also required “if applicable” (e.g., if identify theft actually occurs). The services must be provided at no cost and for at least 12 months. The statute does not explain which identity theft “prevention” or “mitigation” services are mandated or which are “appropriate.”

Read More

FCC Empowers TCPA Plaintiffs At Peril Of Businesses

By: Martin L. Stern, Andrew C. Glass, Gregory N. Blase, Joseph C. Wylie

At its June 18, 2015, open meeting, a sharply divided Federal Communications Commission made good on Chairman Tom Wheeler’s recent promise to bolster the Telephone Consumer Protection Act’s already strict rules and to bring about “one of the most significant FCC consumer protection actions since it established the Do-Not-Call Registry with the FTC in 2003.” While plaintiffs’ class action lawyers are likely to applaud the new measures, businesses are concerned that the new rules could unfairly restrict legitimate communications with customers.

Read More

Copyright © 2019, K&L Gates LLP. All Rights Reserved.