Encryption

News & Analysis as of

5 Compliance “Hot Spots” for Technology Companies Under Export Controls and Sanctions Laws

Increasingly interconnected global businesses need to focus on how export controls and trade sanctions can affect their cross-border activities in unexpected ways. For decades, the US Government has used trade...more

Software Companies Now on Notice That Encryption Exports May Be Treated More Seriously: $750,000 Fine Against Intel Subsidiary

The Bureau of Industry and Security (BIS) recently issued a $750,000 fine against an Intel subsidiary for the unlawful exportation of software products that enable encryption. This is a sharp departure from BIS’s historical...more

Head In The Clouds About Cloud Storage

Did you know there are many cloud service providers in the cyber industry? Probably so. But did you know that cloud service providers may be operating in a country outside the United State? Whether you did or not, you may not...more

Google Street View Plaintiffs on the Hunt for “a Needle in a Haystack” to Demonstrate Standing, but District Court Grants...

Back in April, Google filed a Petition for Certiorari with the U.S. Supreme Court in the Street View case, seeking review of the Ninth Circuit’s decision holding that unencrypted Wi-Fi signals are protected from interception...more

Cliff Notes from the Joint OCR/NIST HIPAA Security Conference

As a service to our readers, we have distilled last week’s joint HHS Office of Civil Rights (OCR) and National Institute of Standards in Technology (NIST) conference, “Safeguarding Health Information: Building Assurance...more

Emerging Technologies Push the Boundaries of Privacy Law

As technology developers continue to push the envelope on services and applications affecting the daily lives of consumers, the intersection of technology and privacy is becoming increasingly fraught with legal implications...more

Massachusetts High Court Permits Compelled Decryption of Seized Digital Evidence

Today, in Commonwealth v. Gelfgatt, No. SJC-11358 (Mass. June 25, 2014), a divided Massachusetts Supreme Judicial Court held that under certain circumstances, a court may compel a criminal defendant to provide the password to...more

Financial Services Report, Summer 2014

In This Issue: - Beltway Report - Bureau Report - Mobile Payments - Mortgage and Fair Lending Report - Operations Report - Preemption Report - Privacy Report - Arbitration Report - TCPA...more

Failure to Encrypt Mobile Devices = Nearly $2 Million in Settlements

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled for the collective amount of $1,975,220 with Concentra Health Services (Concentra) and QCA Health Plan, Inc. (QCA). The settlements stem...more

New rules for biometric data

New rules on the usage of biometric data issued by the Italian data protection authority (the “Garante” or “DPA“) are meant to clarify the applicable obligations with the purpose to ease the adoption of technologies relying...more

Stolen Laptops Lead to $2 Million Fine To Settle HIPAA Violations

Lost or stolen unencrypted mobile devices — commonly laptops — are the primary cause of major healthcare data breaches. This unfortunate trend persists, despite warnings from the Office for Civil Rights (OCR) of the U.S....more

Physical Therapy Provider Enters into HIPAA Settlement

U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced yet another enforcement action. Specifically, OCR opened a compliance review of Concentra Health Services (Concentra) upon...more

No More Excuses: Encrypt Your Laptops or Pay Big $

Two companies were hit with fines equaling a total of almost $2 million to settle alleged Health Insurance Portability and Accountability Act (HIPAA) violations involving stolen, unencrypted laptops, the U.S. Department of...more

The Heartbleed Lesson for All Companies? Manage the Risk...

Threats to data privacy are not going away, but establishing appropriate security measures up-front, performing regular stress-tests on a security system, putting in place procedures to address a data breach and implementing...more

Agencies Issue Denial of Service Guidance and Guidance on ATMs

On April 3, the members of the Federal Financial Institutions Examination Council (FFIEC), including the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union...more

First Glance: Legal Implications of the Heartbleed OpenSSL Bug?

The vulnerability caused by the Heartbleed bug circumvents the purpose of OpenSSL: encryption. Therefore, the conclusion would appear to be that any data breach during the time of OpenSSL vulnerability would be reportable...more

Data-Encryption Is Patent Eligible Despite Not Being Tied to a Particular Machine - TQP Development, LLC v. Intuit Inc.

Addressing an argument that a data-encryption patent was directed to non-eligible subject matter because it covered an abstract idea divorced from a particular machine, Judge William Bryson, sitting by designation in the U.S....more

Do Not Forget to Lock the Backdoor: Adopting a Holistic Approach to Cybersecurity

While cybersecurity has traditionally focused on blocking attacks from the outside through perimeter defenses (e.g., firewalls, intrusion detection, penetration testing), unfolding facts concerning the recent Target data...more

Data Breach Wall of Shame: 2013's Highlights and Lessons

Since 2009, the HHS Office for Civil Rights (“OCR”) has posted all large data breaches – those that involve 500 or more individuals – online on its so-called “Wall of Shame.” In 2013, 160 large data breaches were reported to...more

Covered Entity Fined $150,000 For Stolen Unencrypted Thumb Drive

HHS recently announced that it fined a dermatology practice $150,000 for failing to reasonably safeguard an unencrypted thumb drive and failing to conduct an accurate and thorough risk analysis of electronic PHI....more

Another major medical data breach in California

Or….why are health care institutions still leaving laptops containing PHI unencrypted???? The Los Angeles Times (the “Times”) reported this week the theft of two laptops from an administrative office of hospital group...more

9th Circuit Joffe v. Google "Street View" Decision Raises Questions About Wiretap Act's "Radio Transmissions" Exception

Last week, the Ninth Circuit held that the Wiretap Act prohibits the kind of “interception” and collection of transmissions from unencrypted Wi-Fi networks that Google reportedly followed in compiling Street View data....more

Securing The Package Before It Goes Out: A Guide To Encryption

Preparing a production to opposing counsel is no longer a simple matter of Bates labeling paper documents, making copies of them, and putting the copies in a FedEx box. The advent of electronic discovery has made the...more

Free network feed-in for public channels in Germany

The German district court in Bremen held on the 9th of August 2013 that Kabel Deutschland (plaintiff), the biggest cable network company in Germany, is legally obliged to carry public channels, including that of Radio Bremen,...more

California Attorney General’s Report Reveals Millions Affected By Data Breaches In 2012

A report recently issued by the California Attorney General reveals that millions of Californians were the victims of a data breach in 2012, mostly due to intentional intrusions by outsiders or by unauthorized insiders....more

50 Results
|
View per page
Page: of 2