Encryption

News & Analysis as of

DOJ Criminal Chief Continues Push For More Access To Encrypted Data

On June 6, 2016, during a speech at a Cybercrime Symposium co-organized by the Centers for Strategic and International Studies and the Department of Justice’s (“DOJ”) Computer Crime and Intellectual Property Section,...more

Tennessee Updates Data Breach Notification Law

The State of Tennessee recently amended its data breach notification statute, Tenn. Code Ann. § 47-18-2107, which is set to go into effect on July 1, 2016. Numerous commentators have proclaimed that the amendment marks a...more

Illinois Joins the Fray: Strengthens its Laws Around Data Breach Notification and Data Security

Sophisticated phishing scams and muscular hacking efforts continue to compromise personal and sensitive information held by insurers, hospital systems, and businesses large and small. In response, many states have...more

Blockchain Catches a Righteous Break and Avoids Becoming Unchained

Just before the 2016 Memorial Day holiday weekend in the United States, which falls at the end of May, news outlets reported that the bipartisan effort to revolutionize the regulation of cryptography in the United States was...more

Tennessee Legislature Amends Data Breach Notification Statute - Encryption is No Longer an Automatic Safe Harbor

On March 24, 2016, Governor Haslam signed S.B. 2005 which amends Tennessee's data breach notice statute. The amended statute will go into effect on July 1, 2016. The new Tennessee breach notice requirements are triggered by...more

Privacy Tip #37 – Beware of fake USB drives and phone chargers

USB drives and phone chargers are expensive. Hackers know that. One way hackers are gaining access to get into computers to steal data is by planting USB drives and phone chargers in public areas, hoping someone will pick it...more

Illinois strengthens, expands scope of personal information protections

With the passage of the Illinois Personal Information Protection Act (HB1260) last month, Illinois substantially broadened the definition of personally identifiable information, and imposed requirements on data collectors for...more

Innocents Abroad: Lost laptop with customer data

Carrie, A couple of weeks ago, you wrote me about an employee who will be engaging in a six-month temporary assignment around Europe to scope market opportunities. The employee was Abbie Absent-Minded. Well, we hit a...more

LinkedIn Grapples with the Ripples of a 2012 Data Breach

Last week on the official LinkedIn blog, the company’s chief information security officer, Cory Scott, reported the company had become aware of an additional set of data that has just been released consisting of e-mail and...more

TeslaCrypt Ransomware Developers Retire, Release Master Decryption Key

Ransomware is a particularly nefarious type of malware that hijacks computers and forces victims to pay a ransom in order to access their files. One of the reasons it is so successful is because ransomware developers use...more

Tennessee’s Data-Breach Notice Requirements Among the Nation’s Toughest

On July 1, 2016, Tennessee’s new notice requirements for breaches of data security systems which compromise an individual’s personal information will take effect. The amendments to Tennessee’s current rules, found at T.C.A....more

The Scariest Hack So Far

Hackers have upped the ante. Data controllers wax fondly about the good old days when data was outright stolen. Back then, in 2013, there was a sense of fair play. Trolls did troll things. Assuming the victim implemented and...more

Trusts and Estates Group News: Estate Planning Enters the Digital Age

One reality of modern life is our increasing reliance on digital information and services. It’s difficult to take and then order prints of photographs, accumulate travel rewards, book travel, sort through financial records,...more

Office of the Comptroller of the Currency Issues Guidance on Banks' Maintenance and Retention of Records and Examiner Access

The OCC issued a bulletin reminding all OCC-supervised banks of their obligations to maintain and retain their records and the OCC’s authority to obtain prompt and complete access to each bank’s books and records and...more

PCI SSC Releases Version 3.2 of Data Security Standard

On April 28, 2016, the Payment Card Industry Security Standards Council (the “PCI SSC” or “Council”) released a new version of its Data Security Standard (“PCI DSS”), version 3.2. Significantly, the updated standard requires...more

Nebraska Amends Data Breach Notification Law

On April 13, 2016, Nebraska’s breach notification statute was amended when Governor Pete Ricketts signed LB835 into law. The Amendment included a variety of changes, including a regulator notification requirement and...more

Privacy & Cybersecurity Update - April 2016

In this edition of our Privacy & Cybersecurity Update, we examine changes to EU privacy and data protection laws, new state laws addressing data breach notifications, Congress' review of cyber insurance, and recent court...more

New Encryption Guidance Published by the ICO

The UK Information Commissioner’s Office (ICO) has released updated guidance on the use of encryption. The guidance highlights that in many areas, the ICO expects encryption software to be used, and in the future where data...more

Nebraska Amends Its Data Breach Notification Statute

Since the beginning of 2015, numerous states have amended their data breach notification statutes to include expanded definitions of personal information, clarifications on encryption standards, and new notice content and...more

Bypassing Encryption Under Court Orders: New Bill Scares the Privacy Community

Senators Diane Feinstein and Richard Burr have released a discussion draft on providing technical assistance to law enforcement seeking to gain access to encrypted information pursuant to a court order. The draft has been...more

Need to Decrypt an iPhone? There’s an “Act” for That

A pair of recent cases pitted the U.S. Department of Justice (DOJ) against Apple, Inc. (Apple) in a Herculean struggle between asserted interests in national security and privacy. In both cases, the DOJ relied on the same...more

Senators Release Draft Of Bill To Require Technology Companies To Assist Law Enforcement With Access To Encrypted Data

On April 13, 2016, Senate Intelligence Committee Chairman Richard Burr (R-NC) and Vice Chairwoman Dianne Feinstein (D-CA) released a new draft of a bill that would effectively prohibit unbreakable encryption and require...more

Tennessee Gives Businesses 45 Days for Data Breach Notice

Recent amendments to the State’s data breach statute give a hard deadline for a business to provide consumer notice, removes encryption safe harbor, exempts entities that are subject to the Health Insurance Portability and...more

Nebraska Makes Changes to Data Breach Statute

Nebraska Governor Pete Ricketts has signed LB835 into law, updating the state’s data breach notification statute. The changes take effect on July 20, 2016. With the updates, Nebraska joins a growing number of states...more

Tennessee Amends Its Data Breach Notification Laws

Removes the Encryption Safe Harbor, Limits the Timing of Notice, and Expands “Unauthorized Persons” - Effective July 1, 2016, Tennessee becomes the first state to remove the encryption safe harbor from its data breach...more

223 Results
|
View per page
Page: of 9
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×