As the world grapples with the COVID-19 pandemic, the legal community has ramped up efforts to identify challenges and manage risks. In recognition of the employment implications of the COVID-19 pandemic, the Journal of Regulatory Compliance invites original submissions for publication in our Spring 2021 issue. The official Journal of Regulatory Compliance is a bi-annual …
Read more
It cannot be denied that the COVID-19 pandemic has led to many novel legal and regulatory issues. One topic of major concern both domestically and abroad is how to manage the massive amounts of consumer data being collected in the attempt to quell the spread of the virus. This issue is especially complicated to address in the United States, where a convoluted patchwork of state and federal laws interact to create a relentlessly fragmented data regulation system. Now, as state and local governments, along with tech giants like Apple and Google, continue to roll out contact tracing applications, the need for comprehensive data privacy regulation is more pressing than ever.
Complex litigation in data breach disputes is not surprising due to the reliance on information technology infrastructure. The Identity Theft Resource Center defines a data breach as “an incident in which an individual name plus a Social Security number, driver’s license number, medical record or financial record is potentially put at risk because of exposure.” However, the issue that challenges most plaintiffs’ in a data breach lawsuit is the ability to establish an injury-in-fact sufficient to support Article III standing. Injury-in-fact is harm that is concrete and particularized, and actual or imminent. Currently, the United States Court of Appeals fails to uniformly decide this issue, creating “splits” in the Circuits regarding Article III standing in data breach litigation. The Supreme Court ruled in fact-distinguishable cases concerning standing, but not in the data breach litigation context. Until the Supreme Court renders guidance, Americans face significant judicial patchwork in privacy protection.
Due to the COVID-19 pandemic, state and local municipalities have issued emergency proclamations requiring small businesses to either shut down or limit their business operations. This has caused small businesses to suffer substantial profit losses. In response, small businesses have filed business interruption claims with their insurance providers to recover their profit losses. However, insurance companies have mostly rejected their insureds’ business interruption claims because there has not been a direct physical loss or damage to the insureds’ properties, which is required to grant business interruption coverage. Businesses have been forced to file lawsuits against their insurers, hoping that the courts will compel insurance companies to provide business interruption coverage to their insureds during the pandemic. Business owners have also asked their elected officials to intervene and help them by passing legislation that would require insurance companies to provide business interruption coverage.
There is no doubt that working from home has become a new normal for millions of employees worldwide, and for some, this may be the future of their employment. When the workforce made the shift to remote work and online meeting navigation, Zoom Video Communications, Inc. (“Zoom”) quickly became the frontrunning platform. Many companies flocked to Zoom because of its alleged higher levels of security and encryption capabilities. However, a recent lawsuit against Zoom, by nonprofit group Consumer Watchdog, reveals that Zoom may not actually be as safe for users as it once claimed to be. Other lawsuits allege privacy concerns including Zoom sending user data to Facebook. Most recently, the FTC filed a suit against Zoom on November 9th for allegations of unfair, deceptive, or abusive acts or practices (“UDAAP”) related to encryption, cloud storage, third-party safeguards, and failure to disclose information to users. Though various privacy concerns arise, the platform’s popularity continues to increase given its newfound necessity.
It is clear that COVID-19 is not going away anytime soon. Cases today are skyrocketing and that means restrictions like we had at the beginning of this pandemic are likely to follow. Since March, Chicago has had an array of different orders and guidelines they have followed both from the City of Chicago and from Governor J.B. Pritzker. In May, Chicago announced the “Protecting Chicago” framework which set out five phases depending on COVID numbers to guide citizens on what re-opening Chicago would look like. With the warm weather behind us, what does this mean for the future of dining for the rest of 2020?
As the United States continues to grapple with the effects of the coronavirus epidemic, the U.S. Department of Health and Human Services (“HHS”) announced new rules extending compliance dates and timeframes under the Cures Act. The agency’s new rules—most of which take effect on Dec. 4, 2020—are aimed at giving IT developers and health care providers flexibility in responding to the coronavirus pandemic.
The current social and political climate, as well as our planet’s environmental climate, have shown the new role that corporations play in society. The pandemic and the current social upheaval seen worldwide have increased the need for real and meaningful corporate commitment to social responsibility.
The coronavirus is still rampant in our country rendering an average of 96,275 new cases per day, and legislatures are attempting to stop the spread by any means necessary. One of the most recent innovative ideas by some state lawmakers is to emphasize the use of wearing masks by eliminating the sales tax on the purchase of Personal Protective Equipment (PPE).
The Federal Bureau of Investigation (“FBI”), the Department of Health and Human Services (“HHS”), and the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (“CISA”) recently announced that hackers have been and will continue to target the United States hospitals and health-care providers. These attacks are cyber in nature and often lead to ransomware attacks, data left, and inevitable disruption of health care services when patient information is locked until the ransom can be paid.