News & Analysis as of

Passwords Corporate Counsel

Proskauer - Employee Benefits & Executive...

DOL Updates Guidance on Pension and Health & Welfare Plan Cybersecurity Best Practices

In 2021, the U.S. Department of Labor (DOL) issued 3 documents outlining guidance on cybersecurity practices for benefits plans, which we discussed in a blog post at the time. The DOL recently issued revised versions of the...more

Davis Wright Tremaine LLP

NY Attorney General Settlement Highlights Challenges of Username and Password Breaches

October was a busy month in New York for cybersecurity enforcement. In addition to a $4.5 million settlement between the New York Department of Financial Services and EyeMed Vision Care (discussed in a forthcoming blog post),...more

A&O Shearman

Hong Kong Court of First Instance confirms SFC's powers to seize digital devices and demand passwords

A&O Shearman on

The recent High Court decision of Cheung Ka Ho Cyril v Securities and Futures Commission and another [2020] HKCFI 270 confirmed the powers of the Securities and Futures Commission (SFC) to (i) seize digital devices such as...more

King & Spalding

EU Data Protection Authority Rewards “Exemplary Cooperation” With Moderate Fine

King & Spalding on

On November 21, 2018, the data protection authority of the German state of Baden-Württemberg (“LfDI”) imposed a fine of EUR 20,000 on a German social media company for failing to encrypt user passwords, the first fine issued...more

Robinson+Cole Data Privacy + Security Insider

UK Information Commissioner’s Office Issues Guidance on Use of Encryption and Passwords in Connection with GDPR

The “security principle” under the General Data Protection Regulation (GDPR) requires that organizations process personal data securely by means of “appropriate” technical and organizational measures....more

Morgan Lewis

United Kingdom Establishes IoT Security Principles

Morgan Lewis on

The UK government recently released a policy paper outlining proposed requirements for makers of Internet of Things (IoT) devices to take certain actions to better protect IoT devices from growing cybersecurity threats....more

Morgan Lewis

Three States Join Others to Expand Personal Information Definition to Include Usernames or Email Addresses

Morgan Lewis on

Businesses should take steps to protect usernames, email addresses, passwords, and security questions and answers. A key issue in determining whether notification is required following a data breach is whether...more

Pillsbury Winthrop Shaw Pittman LLP

Redefining U.S. Export Controls: Takeaways from Key Changes Effective September 1st

On September 1, 2016 new rules previously published by the U.S. Department of Commerce, Bureau of Industry and Security (BIS)1 and the U.S. Department of State, Directorate of Defense Trade Controls (DDTC)2 will become...more

Constangy, Brooks, Smith & Prophete, LLP

Court Upholds Conviction Of Ex-Employee For Conspiring To Access Company Data Through “Shared” Password

Is password sharing a crime? It can be under the right circumstances, according to last week’s decision in United States v. Nosal. In Nosal, the U.S. Court of Appeals for the Ninth Circuit upheld the conviction of a former...more

Proskauer - New Media & Technology

CFAA Double Feature: Ninth Circuit Issues Two Important Decisions on the Scope of Liability Related to Data Scraping and...

This past week, the Ninth Circuit released two important decisions that clarify the scope of liability under the federal Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030. The Act was originally designed to target...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

New Maine Social Media Privacy Law Takes Effect October 15, 2015

Maine has become the latest state to restrict employers’ ability to access social media accounts of employees and applicants. A new Maine statute, which will go into effect on October 15, 2015, prohibits a broad range of...more

Bilzin Sumberg

New Potential Liability for Data Security: U.S. Court of Appeals for the Third Circuit Announces FTC has Authority to Scrutinize a...

Bilzin Sumberg on

The U.S. Court of Appeals for the Third Circuit announced that the Federal Trade Commission (FTC) has the authority to scrutinize a business’s data security protocol -- and to file a complaint if the FTC finds that protocol...more

Littler

Trendsetter or Outlier? Oregon Adds New Twist to Password Protection Laws

Littler on

Since early 2012, 21 states have enacted some form of "password protection" law. Although these laws vary substantially by state, their common thread is the intention to restrict employers' ability to access content in...more

Littler

Virginia's Password Protection Law Continues the Trend Toward Increasing Legislative Protection of Personal Online Accounts

Littler on

March 30, 2015 Authors: Philip Gordon and Joon Hwang As many state legislatures open their 2015 sessions, Virginia has become the first this year — and most likely not the last — to continue the legislative trend towards...more

Bradley Arant Boult Cummings LLP

Tennessee’s New Social Media Law Gives Employers Dos and Don’ts Regarding Employee Privacy

All Tennessee employers and their agents must now comply with the “Employee Online Privacy Act of 2014,” a new law that prohibits employers from asking their employees for their usernames and passwords to social media sites,...more

Proskauer Rose LLP

Louisiana Has Joined 16 Other States and Prohibits Employers from Accessing Employee Online Accounts

Proskauer Rose LLP on

Effective August 1, 2014, Louisiana joined at least sixteen other states that have enacted laws prohibiting or restricting employers from accessing employees' personal online accounts – including social media (Twitter,...more

16 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide