Introduction -
Cybersecurity was a prominent factor in 2016 in all aspects of government, business and personal affairs. Russian and other foreign national hacking has the potential to spark a new form of cold...more
2/16/2017
/ Cloud Computing ,
Cloud Service Providers (CSPs) ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybertheft ,
Energy Sector ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Sharing ,
Internet of Things ,
Popular ,
Ransomware ,
Trade Secrets
Editor’s note: This is the sixth and last in our end-of-year series. See our previous posts on trade secrets, state regulation and law enforcement, HIPAA compliance, emerging threats, and energy. See you in...more
In Case You Missed It: The Federal Trade Commission has opened a public comment period to evaluate its Safeguards Rule (16. C.F.R. § 314.3). Under the Gramm-Leach-Bililey Act (GLBA), which regulates financial institutions,...more
In Case You Missed It: In a sign of the growing importance of cyber operations in warfare, the Obama administration plans to elevate the status of the Pentagon’s Cyber Command. The U.S. Cyber Command, or USCYBERCOM, was...more
In Case You Missed It: The Federal Trade Commission issued an opinion in the LabMD case, overturning an ALJ’s November 2015 decision holding that the FTC failed to meet its burden to prove that LabMD’s data security...more
8/1/2016
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Federal Trade Commission (FTC) ,
FTC Act ,
Hackers ,
Hillary Clinton ,
LabMD ,
Political Campaigns ,
Section 5 ,
Unfair or Deceptive Trade Practices
In Case You Missed It: The EU/US Privacy Shield is set to go into effect this Tuesday, July 13, pending a decision today by the EU’s College of Commissioners. On Friday, July 8, the Privacy Shield agreement (entered into in...more
In Case You Missed It: Ruling in FTC v. Amazon Suggests a Way Forward for Companies Responding to Actions Brought by the FTC after a Data Breach. The FTC’s recent actions in the realm of data security have been predicated on...more
7/6/2016
/ Administrative Authority ,
Amazon ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Security ,
Department of Homeland Security (DHS) ,
Federal Trade Commission (FTC) ,
Google ,
Invasion of Privacy ,
Viacom ,
VPPA
In Case You Missed It -
The FTC settled with mobile advertising company InMobi for $950,000 in civil penalties, along with the implementation of a privacy program, based on the FTC’s charges that InMobi impermissibly...more
In Case You Missed It: The SEC fined Morgan Stanley $1 million for a 2014 data breach. While the FTC had declined to pursue an enforcement action, blaming the breach on technical issues rather than any actions or omissions...more
In Case You Missed It: US and EU officials signed on to the so-called “Privacy Umbrella” deal last week. The agreement is designed to protect the personal data of EU citizens when it is transferred to the US for law...more
6/7/2016
/ Cybersecurity ,
Data Protection ,
Enforcement Actions ,
EU ,
Facebook ,
Hackers ,
International Data Transfers ,
LinkedIn ,
Mark Zuckerberg ,
Personal Data ,
Privacy Umbrella ,
Ransomware ,
Social Media
As litigators, we help clients resolve conflicts that have matured into disputes. In the realm of cybersecurity, we defend claims brought by private parties or governmental entities against companies facing the fallout from...more
How much does the question of harm matter in cybersecurity law? The answer is: It depends on who is bringing the claim.
Businesses confronting data breaches can face litigation from private consumers as well as from...more
2/18/2016
/ Article III ,
Clapper v. Amnesty International ,
Cybersecurity ,
Data Breach ,
Enforcement Actions ,
FTC v Wyndham ,
Injury-in-Fact ,
LabMD ,
Neiman Marcus ,
Securities and Exchange Commission (SEC) ,
Standing ,
Unfair or Deceptive Trade Practices ,
Wyndham
The scaffolding of the FTC’s powers in the realm of cybersecurity continues to be built. On Monday, the FTC’s Chief Administrative Law Judge D. Michael Chappell issued an initial decision in the FTC’s closely watched...more
I had the pleasure of moderating an excellent panel at the Advanced Cyber Security Center’s annual conference on November 4. The panel’s topic for discussion was “What is Reasonable in Cybersecurity: Responsibility and...more
11/5/2015
/ Audits ,
Best Practices ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Employee Training ,
Information Technology ,
Popular ,
Risk Management ,
Risk Mitigation
A timely new resource for business executives, technology professionals, and lawyers alike is the newly-published Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers from the New York...more
10/26/2015
/ Board of Directors ,
Corporate Officers ,
Crisis Management ,
Cyber Incident Reporting ,
Cyber Insurance ,
Cyber Threats ,
Cybersecurity ,
Data Breach Plans ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Directors ,
Employee Training ,
Information Technology ,
Personal Data ,
Popular ,
Risk Management ,
Risk Mitigation
The Cybersecurity and Information Sharing Act (S.754), or CISA, cleared an important hurdle on October 22, 2015 when the Senate voted 83-14 to end debate on several amendments to the bill. CISA creates a cyberthreat...more
Data breaches are crisis moments that business must prepare for in many ways: not just in taking steps at prevention, but also mitigating losses, arranging for business continuity, complying with legal and regulatory...more
10/19/2015
/ Business Continuity Plans ,
Crisis Management ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Privacy ,
Data Protection ,
Data Security ,
Loss Mitigation ,
Popular ,
Public Relations ,
Reputation Management
What makes data privacy law interesting for academics, challenging for lawyers, and frustrating for businesses its shape-shifting structure in the face of rapidly changing technology. The recent change in the invalidation of...more
10/19/2015
/ Administrative Authority ,
Breach Notification Rule ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
EU Data Protection Laws ,
Federal Trade Commission (FTC) ,
FTC v Wyndham ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
Popular ,
Unfair or Deceptive Trade Practices ,
US-EU Safe Harbor Framework ,
Wyndham
A key distinguishing feature of U.S. data privacy laws is their patchwork nature. There are industry-specific data privacy laws at the federal level (think HIPAA or the GLBA), yet there are no comprehensive federal standards...more
7/27/2015
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Data Security and Breach Notification Act of 2015 ,
Electronic Medical Records ,
Medical Records ,
Personally Identifiable Information ,
Privacy Legislation ,
Proposed Legislation ,
Uniformity