The Consumer Financial Protection Bureau (“CFPB”) filed an interesting consent order in re: Dwolla, Inc. concerning their cyber security practices. 1)See “CFPB Takes Action Against Dwolla for Misrepresenting Data Security Practices”, available at The order begins with CFPB identifying that it found, “deceptive acts and practices relating to false representations regarding [Dwolla’s] data-security practices”. […]Continue reading

The FTC brought an administrative action against LabMD, a Georgia based medical testing lab, because of a security incident occurring within the company. A decision by the administrative law judge came out recently essentially saying the FTC failed to carry their burden in proving actual or likely substantial harm to consumers.1)See “Initial Decision Docket No. […]Continue reading

Motor Carriers, that is interstate trucking companies, are granted the valuable right to define their relationship with shippers through a tariff, which is essentially a document setting out the rates, rules, and classifications pertaining to a shipment of goods.  At one time truckers were required to file these tariffs with the Interstate Commerce Commission (I.C.C.), […]Continue reading

The Federal Trade Commission (FTC) is very active and interested in data breaches and other cyber security incidents. The federal government and many state governments are slowly adding legislation that specifically addresses issues of cyber security and data breach reporting, but while those efforts slowly produce narrowly focused legislation, the FTC is trail blazing by […]Continue reading

I wrote briefly about the Hacking Team Data Breach yesterday in the context of data breaches generally. This is an interesting area of the law because of all the high profile breaches in the last couple of years, the upsurge in interest in cyber liability insurance products, and increasing numbers of regulatory regimes both domestically […]Continue reading