Let the Professionals Build Your Social Media Networks

Target proposes $10M settlement in data breach class-action suit



Target has proposed a $ 10 million settlement to a class-action lawsuit brought against it by consumers affected by the infamous credit card data breach of 2013. The settlement, if it’s approved, could offer affected consumers up to $ 10,000 each. (Most people are likely to receive far less than that; $ 10,000 is just the maximum.)

The data breach was said to have affected 40 million credit cards when hackers were able to infect the point-of-sale systems at most of the company’s 1,934 stores in the United States. As many as 110 million people had other information, such as their email addresses and phone numbers, stolen as a result of the data breach.

Consumers aren’t the only ones who will be allowed to sue Target over the breach. A judge ruled in December 2014 that banks could seek reimbursement from the company for the costs associated with replacing so many consumers’ credit cards. The ruling could convince companies that data breaches shouldn’t be taken lightly.

Those suits might cost much more than this one: According to the New York Times, banks spent a collective $ 400 million in their response to Target’s data breach. And because the company ignored warnings about its security problems, the judge ruled that it could be held responsible for the damages incurred in the breach’s aftermath.

Data breaches are becoming increasingly common. Everyone from the Home Depot to PF Chang’s has suffered hacks of varying severity. Target is simply the most high-profile of these attacks; other companies could face similar suits in the future.

A hearing concerning the proposed settlement is scheduled for today. This post will be updated when the government decides if it will accept or reject Target’s proposal.

[illustration by Brad Jonas]



FTC Proposes Ban on Ad Network’s Use of History-Sniffing Cookies


online privacy, consumer privacy,

Lightspring / Shutterstock.com

The FTC has put forward a draft order requiring Epic Marketplace, Inc., to destroy all of the consumer data it obtained through history-sniffing cookies and barring the company from future use of the technology.

The case illustrates how sophisticated digital behavior-monitoring technology has become and how limited the government’s ability to curtail the practice remains.

Despite a privacy policy that claimed that it collected information only about consumers’ visits to sites in its network, Epic was allegedly using history-sniffing technology that allowed it to collect data on their visits to sites and advertisements on more than 50,000 Web domains. Anytime a consumer visited one of the 45,000 sites that host Epic advertisements, s/he received a cookie that stored information about their online movements on those domains, which included pages relating to fertility issues, impotence, incontinence, disability insurance, credit repair, debt relief and personal bankruptcy.

The information gathered allowed Epic to serve consumers targeted advertisements.   

The FTC was able to act only because Epic misrepresented its actions in its privacy policy. The consent agreement requiring Epic to destroy the data it has collected and abandon the practice, if it becomes final after a 30-day public comment period, carries the force of law but applies only to the company in question. A single violation of the order would carry a civil penalty of up to $ 16,000.

New Career Opportunities Daily: The best jobs in media.