The Federal Trade Commission has announced an agreement with electronic toy manufacturer VTech Electronics Limited and its US subsidiary settling charges that VTech violated the Children's Online Privacy Protection Act by collecting personal information from hundreds of thousands of children without providing direct notice or obtaining their parent's consent and failing to take reasonable steps to secure the data that it had collected.
To date, data breach plaintiffs have struggled to find a way to access insurance monies in directors and officers (D&O) liability insurance policies. Recently, plaintiffs have pivoted to securities suits as a potential new way to trigger the deeper pockets associated with D&O policies. Insurers are no doubt monitoring this growing trend of litigation, so insureds should pay close attention to cyber-related exclusions in their D&O policies.
The US District Court for the District of New Jersey recently granted Travelers' motion to dismiss Posco Daewoo America Corporation's suit for coverage under the computer fraud provision of its crime insurance policy. Daewoo had sought coverage for amounts that had been designated for payment to it by a third-party supplier and stolen after a criminal impersonated a Daewoo employee. The court held that the crime policy did not cover the lost sums because Daewoo had not owned the stolen money.
Recent judicial interpretations of the Illinois Biometric Information Privacy Act present potential litigation risks for retailers that employ biometric-capture technology. Federal judges in various district courts have allowed cases to move forward against companies such as Facebook, Google and Shutterfly, and retailers that use biometric data may also become litigation targets as federal judges decline to narrow the statute's applicability and additional states consider passing copycat statutes.