October 02, 2020

MONTH-IN-BRIEF: Internet Law & Cyber-Security

Juliet Moringiello, Sara Beth A.R. Kohut

Data Privacy

Dunkin’ and NY AG Resolve Breach Claims

By Sara Beth A.R. Kohut, Young Conaway Stargatt & Taylor, LLP

The New York Attorney General and Dunkin’ Brands, Inc., recently reached a settlement to resolve a New York state court complaint that Dunkin’ violated state consumer protection and data breach laws in connection with incidents in 2015 and 2018 that compromised the data relating to thousands of Dunkin’s rewards program members. New York v. Dunkin’ Brands, Inc., No. 451787/2019 (NY Supr. Ct.). Dunkin’ has agreed to maintain a comprehensive security program that includes reasonable measures to protect against brute force attacks. The company also must promptly investigate suspicious events and notify customers when their accounts are logged into by unauthorized third parties, reset their passwords, and refund amounts to rewards cards that were subject to unauthorized use. Dunkin’ also will pay $650,000 in penalties and costs to the state.

Ninth Circuit Criticizes NSA Surveillance But Upholds Use

By Sara Beth A.R. Kohut, Young Conaway Stargatt & Taylor, LLP

A three-member panel of the U.S. Court of Appeals for the Ninth Circuit unanimously held that collection of telephone metadata on millions of Americans by the National Security Agency violated the Foreign Intelligence Surveillance Act. U.S. v. Moalin, No. 13-50572 (9th Cir. Sept. 2, 2020). Additionally, the data collection, which Edward Snowden made public in 2013, potentially violated the Fourth Amendment of the U.S. Constitution. The opinion came out of an appeal brought by four Somalis who had immigrated to California and were convicted of supporting terrorist groups based on their phone data that was collected pursuant to electronic surveillance. Despite its legal conclusions, the Court of Appeals went on to affirm the defendants’ convictions, declining to suppress the evidence and finding the jury verdict was supported. 

Juliet Moringiello

Commonwealth Professor of Business Law, Widener University Commonwealth Law School

Juliet Moringiello is the Commonwealth Professor of Business Law at Widener University Commonwealth Law School in Harrisburg, PA, where she teaches Property, Bankruptcy, Secured Transactions, Sales, and a seminar on Cities in Crisis. She earned her B.S.F.S. at Georgetown University, her J.D. at Fordham University School of Law, and her LL.M in Legal Education at Temple University School of Law. Professor Moringiello is Chair of the Pennsylvania Bar Association Business Law Section, a Uniform Law Commissioner for Pennsylvania, and a member of the American Law Institute. She is also a Fellow of the American College of Commercial Finance Lawyers and has held several leadership positions in the American Bar Association Business Law Section.

Sara Beth A.R. Kohut

Co-Chair; Cybersecurity, Privacy, and Data Protection Group; Young Conaway

Sara Beth’s practice focuses on advising legal representatives for future claimants in connection with asbestos mass tort insolvency matters and settlement trusts. She has also represented national and local businesses in cases involving intellectual property, corporate and commercial issues in the federal and state courts in Delaware. Sara Beth has advised clients on strategies for protecting intellectual property rights and complying with obligations governing the privacy and security of sensitive data. She currently co-chairs Young Conaway’s Cybersecurity, Privacy, and Data Protection group.