Washington legislators recently introduced the Washington Privacy Act (WPA). This legislation is a consumer-focused privacy law similar to the California Consumer Privacy Act (CCPA) but it also has some European Union General Data Protection Regulation (GDPR)-like concepts. The WPA protects personal data in much the same way as the CCPA, but with some significant differences.
Help with Yelp: Posting Personal Information in Response to a Negative Review Can Land You in Hot Water
Virtually every company that provides goods or services to the public will, at some point, have a negative review posted online by a dissatisfied consumer. While such reviews are understandably upsetting, a company should not respond in kind with negative comments about the reviewer and certainly should not reveal personal or sensitive information about them.…
New Hampshire Enacts Insurance Data Security Law
New Hampshire Governor Chris Sununu recently signed the New Hampshire Insurance Data Security Law, which “establishes the exclusive state standards applicable to licensees for data security, the investigation of a cybersecurity event…, and notification to the commissioner.” The law is applicable to all persons or entities licensed, authorized to operate, registered or required to be…
Privacy Tip #196 – Free Credit Monitoring for Active Duty Military and National Guard Personnel
Part of the 2018 Economic Growth, Regulatory Relief, and Consumer Protection Act (which amended the Fair Credit Reporting Act) included a provision requiring credit reporting agencies (CRAs) to provide free electronic credit monitoring services to active duty military personnel. CRAs are required by law to notify active duty military consumers about any “material” additions or…
Federal Legislation Enables Consumers to Obtain Security Freezes on Credit Reports Free of Charge
Federal legislation recently took effect that prohibits consumer reporting agencies from charging a fee to place or remove (lift) a security freeze on a consumer credit report in response to a consumer request. The “Economic Growth, Regulatory Relief, and Consumer Protection Act” (the Act) was passed on May 24, 2018. The Act includes important updates to the Fair Credit Reporting Act (FCRA) that may in turn affect the information that businesses provide to customers or clients in response to a data breach or similar security incident.
Continue Reading Federal Legislation Enables Consumers to Obtain Security Freezes on Credit Reports Free of Charge
The Importance of Protecting the Last Four Digits of Your Social Security Number
We all know that it is important to protect our Social Security number. But sometimes companies still try to use the last four digits of our Social Security numbers as identifiers or to verify identity in some way. The use of Social Security numbers began in 1936 long before computers, the internet, and identity theft…
Trans Union Hit with Largest FCRA Verdict to Date
Trans Union, LLC, one of the largest credit reporting agencies in the United States has been hit with a verdict by a California jury for $60 million, which is the largest verdict under the Fair Credit Reporting Act (FCRA) to date.
The class action complaint was filed in 2012 and alleged that Trans Union credit…
Fourth Circuit Vacates $12M FCRA Class Action Judgment Against Experian
On May 11, 2017, the Fourth Circuit Court of Appeals vacated a $12 million judgment against Experian Information Solutions, Inc. (“Experian”) in a class action against the credit reporting bureau alleging violations of the Fair Credit Reporting Act (“FCRA”). Relying on the standard set forth by the U.S. Supreme Court in Spokeo, Inc. v. Robins, the circuit court held the named plaintiff lacked constitutional standing because he suffered no “concrete” injury from the alleged statutory violation.
The claims in the lawsuit involved the FCRA requirement that credit reporting agencies must, upon request, clearly and accurately disclose to a consumer the “sources of the information” in the consumer’s file at the time of the request. 15 U.S.C. § 1681g(a)(2). As part of a background check in connection with obtaining security clearance, the lead plaintiff, Michael Dreher, obtained a series of credit reports from Experian which listed a delinquent credit card account identified as Advanta associated with his name. Unbeknownst to Dreher, Advanta has been closed since 2010 and a company named CardWorks had been appointed as a servicer for the company acquiring Advanta’s receivables.
Continue Reading Fourth Circuit Vacates $12M FCRA Class Action Judgment Against Experian
16 Data Breach Class Action Lawsuits Filed Against 21st Century Oncology Consolidated
We previously reported that 21st Century Oncology suffered a data breach in October 2015 involving an intrusion into its systems which compromised around 2 million patients’ records, including their names, Social Security numbers, physicians’ names, insurance information, treatment information and diagnoses [view related posts here and here]. As a result of the data…
California Federal Judge Certifies Class in S2Verify FCRA Class Action, Using Spokeo Concreteness Test
Last week, the decision in the Spokeo case influenced a California court’s decision to certify a class in a Fair Credit Reporting Act (FCRA) case. The class of applicants who claim that S2Verify, a background check company, unlawfully included criminal information in their reports, includes approximately 4,500 individuals who were subject to S2Verify reports from…