On May 25, 2022, following markup in the Judiciary Committee, Senator Amy Klobuchar introduced an amended version of the American Innovation and Choice Online Act (“AICOA”), an antitrust bill we previously reported on that aims to curtail self-preferential conduct by certain online platforms. The revised bill now carves out telecommunications providers and financial service companies from the bill’s prohibitions, and reduces potential penalties for violations. Additionally, the revision now creates an exception to the bill’s technical interoperability requirements “where such access would lead to significant cybersecurity risk.” Although critics complain the revisions do not go far enough to address the bill’s shortcomings, Senator Klobuchar and other bi-partisan supporters are pushing for a Senate floor vote this summer.Continue Reading Senate Revises Antitrust Bill Aimed at Curbing Self-Preferential Conduct by Online Platforms
Cybersecurity
IoT Goes Federal under Newly Signed Law
Last week, the President signed the Internet of Things (IoT) Cybersecurity Improvement Act into law, kicking off a multi-year process that will culminate in the first-ever federal requirements for IoT devices. Under the law, the National Institute of Standards & Technology (NIST) is now charged with drafting and finalizing security requirements for IoT devices, as…
Highlights from the National Law Journal Regulatory Summit 2014
At this year’s National Law Journal (NLJ) Regulatory Summit in Washington, DC, held on December 1, 2014, speakers focused on the current and future of the federal regulatory landscape in the United States. Highlights included:
- Former Congressional Leaders Speak on Future Trends in Health Care and Other Sectors
The featured speakers included former U.S. Senate Majority Leader Tom Daschle and Former Speaker of the House of Representatives Dennis Hastert.The former congressional leaders spoke of the current political division between what Daschle described as “rugged individualism versus collective action.” While acknowledging an increased divide between political parties, the speakers hoped to see possible movement in some areas, possibly in the areas of Medicare, Medicaid or tax reform.Much of their discussion focused on health care issues as prominent areas of focus going forward, although they predicted more action in the courts and at the state level than at the federal level.Trends to watch for included a movement away from fee for service, and also continued emphasis on wellness extending beyond the health care sector and into businesses themselves as a way to reduce health care costs.
Continue Reading Highlights from the National Law Journal Regulatory Summit 2014
Data Breach Class Action Against Barnes & Noble Dismissed for Lack of Standing
On September 3, 2013, the U.S. District Court for the Northern District of Illinois dismissed a class action complaint against Barnes & Noble seeking damages based on a data security incident, finding that the plaintiffs lacked standing to bring the claims. This decision reaffirms that retailers may be able to avoid damages for data breaches…
Allegation of Data Breach Alone Insufficient to Sustain Claims Based on Inadequate Cybersecurity Under California Law
On March 6, 2013, the United States District Court for the Northern District of California held that a putative class of LinkedIn premium users lacked standing to pursue state law unfair competition, breach of contract, and negligence claims resulting from a hacking incident. The court dismissed the complaint, concluding that the plaintiffs failed to establish any legally cognizable injury and any causation between the alleged incident and any alleged economic harm.
LinkedIn, the online community for professional networking, offers both free and premium paid accounts to consumers. The Privacy Policy applicable to both types of accounts provides that user information will be protected with “industry standard protocols and technology,” but notes that it provides no guarantee that LinkedIn’s security will be able to prevent all security breaches. On June 6, 2012, hackers infiltrated LinkedIn’s computer systems and posted 6.5 million user passwords and email addresses. LinkedIn subsequently updated its password encryption method to prevent future breaches.
A putative class of premium LinkedIn users filed an amended complaint alleging unfair competition, breach of contract, and negligence claims. LinkedIn filed a motion to dismiss for lack of standing, which the court granted.Continue Reading Allegation of Data Breach Alone Insufficient to Sustain Claims Based on Inadequate Cybersecurity Under California Law