Encryption

News & Analysis as of

Digital Disruption When You Least Expect (Or Want) It

In this Presentation: - Introduction - Chocolate, Cookies, Coffee and Biscuits - Privacy, Legislation, Underworld behaviour - Even manufacturers have secrets to protect! - Invention, 1%’ers and...more

Proposed Change to Export Controls Would Allow Use of the Cloud for Encrypted Data

On June 3, 2015 the State Department’s Directorate of Defense Trade Controls (DDTC) and the Commerce Department’s Bureau of Industry and Security (BIS) published proposed regulations which would change the definition of the...more

FINRA Fines Financial Firm for Failing to Encrypt Customer Data on Lost Laptop

Like other federal agencies exercising regulatory power in the data privacy and security arena, the Financial Industry Regulatory Authority (“FINRA”) is cracking down on firms that fail to meet required data security...more

Largest Breach in U.S. Government History Is a Wake-Up Call on Need for Encryption

Employees are reasonable in assuming that their employer is protecting their personal information from compromise. The obvious way to do that is to maintain appropriate encryption technology. Simply put: encryption,...more

The USA Freedom Act: What it Changes and (Mostly) Doesn't for Cloud Services--And is it Really the Issue

The recent showdown over renewal of certain provisions of the USA Patriot Act (often called simply the Patriot Act) and the subsequent enactment of the USA Freedom Act have raised a number of questions about the ongoing...more

Encryption and the Consequences of Public Policy

In a world where the development of technology moves quickly and governments tend to move slowly, it is common for public policy to become out of sync with the realities of the market. In many cases, this proves to be a...more

Heartland Payment Systems suffers another data breach

Heartland Payment Systems suffered one of the largest breaches in history in 2008, when over 100 million credit and debit cards issued by hundreds of financial service companies were stolen from their payroll payment...more

Encryption and the Consequences of Policy

A few weeks ago, your humble blogger looked into how difficult it was for someone to crack encryption in light of debates on Capitol Hill about whether policies should be put in place to limit its strength. In March and May,...more

User Beware: Facebook’s Internet.org Platform Considered to be “Privacy Nightmare”

On May 4, 2015, Facebook introduced Internet.org Platform, an open program for developers to create services that integrate with Internet.org. However, many privacy advocates have deemed the Internet.org Platform to be a...more

Facebook Takes a First Step Toward Mass Adoption of Encryption

This week, the social networking service Facebook quietly announced that it will begin making PGP encryption available for communications from Facebook to its users. While this step, in itself, is a small one not likely to...more

Lost, Unencrypted Laptop Leads FINRA to Fine a Broker-Dealer $225,000 for Violating Reg S-P

With the recent focus by the SEC and FINRA on cybersecurity for broker-dealers and investment advisers as a backdrop, FINRA recently brought and settled an enforcement action under SEC Regulation S-P against broker-dealer...more

Strict Controls Proposed on the Export of Cybersecurity Items

On May 20, 2015, the Commerce Department Bureau of Industry and Security (BIS) proposed to establish controls on the export of cybersecurity items. These items would be classified under new Export Control Classification...more

FINRA settles data breach enforcement action

The Financial Industry Regulatory Authority (FINRA) agreed to settle its enforcement action with Sterne Agee & Leach, Inc. (Sterne) this week for $225,000. The enforcement action followed the loss of an unencrypted laptop by...more

Nevada Expands PI Definition under Data Breach Law

Becomes the fifth state to amend its data breach statute since January 2015 The definition of “personal information” (“PI”) just got a little bit bigger in the Silver State. On May 13, Nevada Governor Brian Sandoval signed...more

A Year in Review: Key HIPAA Settlement Agreements by HHS’s Office for Civil Rights

The U.S. Department of Health and Human Services Office for Civil Rights had another busy year in 2014. More resolution agreements were signed by HHS and Covered Entities than in the previous year, and several Covered...more

PCI SSC Releases Version 3.1 of Data Security Standard

On April 15, 2015, the Payment Card Industry Security Standards Council (the “PCI SSC” or “Council”) released a new version of its Data Security Standard (“PCI DSS”), version 3.1, which contains numerous updates including,...more

2015 BakerHostetler Incident Response Report Deeper Dive—Retailer Liability Arising from Stolen Payment Cards

We released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. Over the next four weeks, we...more

How Difficult is it to Break Encryption?

Whether it’s in discussions of public policy or discussions of best practices, encryption is all the rage right now. ...more

Congress Talks Encryption

The Information Technology Subcommittee of the Committee on Government Oversight and Reform of the US of House of Representatives last Wednesday held a hearing on encryption technology and potential US policy responses....more

The Nevada Data Breach Law

Nevada, like most states, has a data security statute that addresses what to do when there’s a data breach. Here’s a quick summary of the Nevada law, which is found at N.R.S. § 603A.010 et seq, “Security of Personal...more

The Arizona Data Breach Law

Almost all U.S states have laws about data security and what to do when there’s a data breach. Here is what’s in the Arizona law. Who The Law Applies To. The law applies to anyone who conducts business in Arizona and...more

Legal Departments: New PCI DSS Requirements Mandatory in June

PCI Council publishes new PCI Data Security Standard Version 3.1 and provides very short time to implement new encryption standards. The PCI Council just published a new version of the PCI Data Security Standard (PCI...more

Data Encryption and Its Potential Effect on Litigation and Discovery

In September 2014, Apple introduced a new mobile-operating system called iOS8. iOS8 offers enhanced data-encryption protection to Apple users and the content stored on their mobile devices. Apple's advancements in...more

Data breach class action suit against Horizon Blue Cross dismissed

Late last week, a federal court judge in New Jersey dismissed a putative class action lawsuit against Horizon Blue Cross for a data breach involving two unencrypted laptops that were lost in 2013. The case alleged that close...more

Is Your Company Ready to Comply with Encryption of Individually Identifiable Health Information?

New Jersey’s new data privacy standard, signed into law as S. 562 by Gov. Chris Christie on January 9, requires health insurance carriers that are authorized to issue health benefit plans in New Jersey to protect individually...more

93 Results
|
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×