Target Resolves State Attorney Generals’ Investigation

By on May 25, 2017 Posted in Data breach, Regulatory response

Data Protection Report - Norton Rose Fulbright

On May 23, 2017, it was announced that Target Corporation had settled the investigation initiated by the Attorneys General[1] of 47 states and the District of Columbia resulting from its 2013 data security incident. Besides the $18.5 million being paid (the largest State AG data breach settlement amount to date), it is the promised remedial … Continue reading

Australian Mandatory Data Breach Regime Moves Closer to Reality

By on April 18, 2016 Posted in Regulatory response

As mentioned in our previous legal update, the Australian Attorney-General’s Department released and sought comments on an exposure draft of a mandatory data breach notification bill, the Privacy Amendment (Notification of Serious Data Breaches) Bill 2015 (Cth) (Exposure Bill). The time for submissions has now closed, and the Attorney-General’s Department has published a number of the non-confidential … Continue reading

New data security law in Connecticut imposes new requirements on businesses, regulated entities, and state contractors

By on July 27, 2015 Posted in Regulatory response

On June 11, 2015, Connecticut Governor Dannel Malloy signed Senate Bill 949 (“S.B. 949”) into law. This new law imposes a various new requirements relating to data breach response and notification, including imposing a hard 90-day deadline for data breach reporting and requiring that entities regulated by the Connecticut Insurance Department to implement and maintain … Continue reading