The Department of Energy (DOE) has announced that it will invest $34M to the University of Arkansas and the University of Illinois for two projects designed to “improve and enhance” the protection of the U.S. electric grid,...more
We have been reporting on the success of the Department of Justice in combatting cybercrime through prosecutions of hackers. But we never expected this. Following Chinese President Xi’s visit to the U.S., and for the first...more
A lot has happened since the European Court of Justice’s declaration that the EU-US safe harbor framework is invalid.
First, the Article 29 Working Party, an organization comprised of representatives from each data...more
10/23/2015
/ Article 29 Working Group ,
Cybersecurity ,
Data Protection Authority ,
Edward Snowden ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
Judicial Redress Act ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
An anonymous hacker has contacted the New York Post to explain how he was able to hack into the CIA Director’s AOL email account. According to several reports, a high school student and his two friends implemented social...more
10/23/2015
/ AOL ,
Criminal Investigations ,
Cyber Attacks ,
Cyber Crimes ,
Data Breach ,
Data Privacy ,
Email ,
FBI ,
Hackers ,
Telecommunications ,
Twitter
Sony Pictures (Sony) agreed on Monday (October 19, 2015) to pay at least $2M and up to $4.5M to employees whose personal information was breached and posted online during the massive hack that hit Sony in 2014....more
American Thrift Stores announced this week that like other retailers, it has been hit with a security breach “that occurred through software used by a third-party service provider” that allowed “criminals from Easter Europe”...more
10/16/2015
/ Credit Cards ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Debit Cards ,
Hackers ,
Identity Theft ,
Malware ,
Retail Market ,
Retailers ,
Secret Service ,
Third-Party Service Provider
Last Thursday, Governor Jerry Brown signed the California Electronic Communications Privacy Act (CalECPA) into law, which requires law enforcement to obtain a warrant before accessing or searching individuals’ digital...more
10/16/2015
/ American Civil Liberties Union (ACLU) ,
Apple ,
Cell Phones ,
Chamber of Commerce ,
Data Privacy ,
ECPA ,
Email ,
Google ,
Microsoft ,
Mobile Devices ,
New Legislation ,
Personal Data ,
Right to Privacy ,
Search Warrant ,
Smartphones ,
Text Messages ,
Warrantless Searches
On October 6, 2015, the Office of Inspector General (OIG) of the Department of Health and Human Services issued OIG Policy Reminder: Information Blocking and the Federal Anti-Kickback Statute, which “reminds” providers that...more
The Judicial Panel on Multidistrict Litigation has decided that the three lawsuits filed against the OPM by the National Treasure Employees Union, the American Federation of Government Employees and Mary Woo, a former...more
We previously reported that the Federal Communications Commission (FCC) released an Omnibus Order on July 10, 2015 regarding the rules and regulations implementing the Telephone Consumer Protection Act (TCPA), specifically...more
10/16/2015
/ Class Action ,
Compliance ,
FCC ,
Federal Register ,
Marketing ,
Omnibus Guidance ,
Prior Express Consent ,
Right to Privacy ,
Robocalling ,
TCPA ,
Telecommunications ,
Telemarketing ,
Text Messages ,
VoIP
The Office for Civil Rights (OCR) of the Department of Health and Human Services has launched a web based portal so medical mobile app developers can ask their “burning” questions about HIPAA compliance....more
10/16/2015
/ Compliance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Mobile Apps ,
OCR
Significantly, the Eleventh Circuit issued an opinion on October 9th that consumers who download and use free mobile apps do not fall within the definition of a “subscriber” under the Video Privacy Protection Act (VPPA)....more
10/16/2015
/ Cartoon Network ,
Class Action ,
Digital Media ,
Disclosure ,
Mobile Apps ,
Privacy Concerns ,
Privacy Laws ,
Right to Privacy ,
Subscribers ,
Video Privacy Protection Act ,
VPPA ,
Wireless Devices ,
Wireless Technology
Sergey Vovnenko, a Ukrainian hacker, was charged in New Jersey federal court this week for wire fraud conspiracy, unauthorized computer access and aggravated identity theft for allegedly hacking into networks of financial...more
10/15/2015
/ Banking Sector ,
Banks ,
Computer Fraud and Abuse Act (CFAA) ,
Cyber Attacks ,
Cyber Crimes ,
Data Breach ,
Federal Employees ,
Financial Institutions ,
Hackers ,
Identity Theft ,
LA Times ,
Military Service Members ,
Personally Identifiable Information ,
Secret Service ,
Social Media ,
Ukraine ,
Websites ,
Wire Fraud
We have reported before how CEOs, GCs and Boards are struggling with understanding and responding to cybersecurity risks within their organizations....more
Two new bugs, dubbed Stagefright 2.0 have impacted up to one billion Android phones since 2008. When the bugs are triggered, they allow attackers to use booby-trapped audio or video files to put malicious code on the phones....more
The Department of Veterans Affairs’ Office of Inspector General recently issued a report, following a complaint that the VA Palo Alto Health Care System put veterans’ health information at risk when it allowed personnel of a...more
The European Court of Justice, (the EU’s highest court), ruled on Tuesday, October 6th that the safe harbor pact between the EU and the U.S. should be declared invalid because it fails to provide adequate protection for EU...more
10/9/2015
/ Cybersecurity ,
Data Protection Authority ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
We’ve all gotten them–the dreaded letter that informs us that our data has been compromised, including our Social Security number. Some have received so many of these “notifications” that they are de-sensitized, throw their...more
10/9/2015
/ Breach Notification Rule ,
Credit Monitoring ,
Credit Reports ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Fraud ,
Hackers ,
Identity Theft ,
Personally Identifiable Information
Late last week, the American Bankers Association disclosed that its computer systems had been compromised exposing thousands of members’ personal information. The hacking occurred through its website’s shopping cart tool,...more
Scottrade, a retail brokerage firm, announced late last week that it suffered an intrusion by cyber hackers who stole client contact information of 4.6 million customers. The intrusion occurred between late 2013 and early...more
10/9/2015
/ Brokerage Accounts ,
Class Action ,
Cyber Attacks ,
Cyber Crimes ,
Data Breach ,
Hackers ,
Identity Theft ,
Investment Companies ,
Investment Management ,
Negligence ,
Personally Identifiable Information ,
Scottrade ,
Target
Although the Office for Civil Rights (OCR) has indicated in the past that it would start its next round of HIPAA audits, apparently it means business now. In the wake of an Inspector General report that the OCR was merely...more
10/2/2015
/ Audits ,
Compliance ,
Consumer Complaint Management ,
Covered Entities ,
Data Breach ,
Data Privacy ,
Data Protection ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Inspector General ,
OCR ,
Popular ,
Privacy Laws
Systema Software, which provides software solutions for claims management, is investigating a breach (although it was discovered, accessed and confirmed by an independent third party) involving information of 1.5 million...more
The National Institute of Standards and Technology has announced that due to stakeholder feed-back, the period to submit comments for the draft guide, “Securing Electronic Health Records on Mobile Devices” has been extended...more
10/2/2015
/ Comment Period ,
Cybersecurity ,
Data Protection ,
Data Security ,
EHR ,
Electronic Medical Records ,
Extensions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medical Records ,
Mobile Devices ,
NIST ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Security Rule
Everyone loves their smartphone. Everyone loves the newest app. Angry Birds has lots of company now. But most people don’t know the back end of apps and how they are accessing, using and selling your data. Why? Because no one...more
10/2/2015
/ Apple ,
Cell Phones ,
Consumer Information ,
Data Collection ,
Data-Sharing ,
Geolocation ,
Grocery Stores ,
iPhone ,
Location Data ,
Location Privacy ,
Mobile Apps ,
Mobile Device Management ,
Mobile Devices ,
Mobile Privacy ,
Personal Data ,
Privacy Concerns ,
Privacy Policy ,
Privacy Settings ,
Resorts & Restaurants ,
Retailers ,
Right to Privacy ,
Smartphones
Last week, (September 23, 2015), Advocate General Yves Bot (AG), an adviser to Europe’s highest court, issued a nonbinding opinion that the agreement between the EU and the U.S. for data transfers from the EU to the U.S....more