On October 1, 2015, a substantial portion of the liability associated with in-store fraudulent credit card purchases will shift from credit card issuers, such as banks or credit unions, to retail merchants. Credit card...more
Based upon the way modern computers are designed, there are certain tasks they are much better at performing than humans. It wouldn’t be pedantic to point the fact that’s the purpose of a computer in the first place: to do...more
On June 26, Rhode Island Governor Gina Raimondo (D) signed into law Senate Bill 0134, the Rhode Island Identity Theft Protection Act of 2015 (the Act), which clarifies data security measures, expands protection to health data...more
On July 1, 2015, a new law, Virginia Code Section 40.1-28.7:5 went into effect that prohibits Virginia employers from requiring current or prospective employees: (1) to disclose their social media account usernames and/or...more
Until very recently, it was considered matter of course in a services agreement for any data disclosure or loss, regardless of cause, to be excluded from any and all limitations of the vendor’s liability. However, as data...more
As already stated in a previous blog post, on May 13, 2015, the Belgian Data Protection Authority issued a recommendation in which it expressed its concern about Facebook tracking users, non-users and logged-out users without...more
Even the French Data Protection Authority (CNIL – Commission Nationale de l’Information et des Libertés) can be sued for the violation of its own recommendations. Following is its recommendation regarding the anonymization of...more
One, of course, recalls the May 13, 2014 decision of the Court of Justice of the European Union (CJEU) on the “right to be forgotten”. As a result, the French Data Protection Authority (CNIL – Commission Nationale de...more
6/17/2015
/ CNIL ,
Data Protection ,
Data Protection Authority ,
Delisting ,
Domain Names ,
EU ,
France ,
Google ,
Notice of Intent ,
Right to Be Forgotten ,
Sanctions ,
Search Engines
More details continue to emerge about the cyber attack and data breach disclosed last week of the U.S. federal government’s Office of Personnel Management (OPM), and those details continue to get worse. While original reports...more
A few weeks ago, your humble blogger looked into how difficult it was for someone to crack encryption in light of debates on Capitol Hill about whether policies should be put in place to limit its strength. In March and May,...more
The redesigned account page does not offer any additional privacy or security options over those previously offered. Instead, it consolidates all of Google’s privacy and security settings, thus making it easier for a customer...more
This week, the social networking service Facebook quietly announced that it will begin making PGP encryption available for communications from Facebook to its users. While this step, in itself, is a small one not likely to...more
Earlier this month, fitness-tracking company Fitbit, Inc. filed a Form S-1 Registration Statement for an IPO of up to $100 million that exhaustively disclosed potential cybersecurity risks with respect to the personal data...more
Fast approaching is the June 1 expiration of certain provisions of the Patriot Act, including § 215 (codified as 50 U.S.C § 1861), which is the basis for the National Security Agency’s (NSA) bulk telephone metadata collection...more
BREAKING NEWS: Health insurer CareFirst BlueCross BlueShield disclosed today that hackers gained access to one of its databases, exposing personally identifiable information for approximately 1.1 million people....more
5/21/2015
/ Blue Cross ,
Blue Shield ,
CareFirst ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Hackers ,
Health Insurance ,
Healthcare ,
Identity Theft ,
Information Technology
The U.S. Securities and Exchange Commission’s (“SEC”) Division of Investment Management (“Division”) recently released a Guidance Update (“Guidance”) highlighting the importance of cybersecurity for registered investment...more
Whether it’s in discussions of public policy or discussions of best practices, encryption is all the rage right now. ...more
The Information Technology Subcommittee of the Committee on Government Oversight and Reform of the US of House of Representatives last Wednesday held a hearing on encryption technology and potential US policy responses....more
Last week, in conjunction with the Criminal Division’s Cybersecurity Industry Roundtable, the U.S. Department of Justice released its “Best Practices” guide for preparing for and responding to a cyber incident....more
The English Court of Appeal has recently handed down a landmark decision confirming that an individual can recover damages under the UK’s Data Protection Act 1998 (the “Act”) for non-financial losses....more
By some estimates, cybercrime costs the global economy $445 billion annually. If cybercrime were a single country, this dollar amount would place it within the world’s top 30 countries in terms of gross domestic product, and...more
4/16/2015
/ Contract Negotiations ,
Cross-Border Transactions ,
Cyber Crimes ,
Cybersecurity ,
Due Diligence ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Integration ,
PHI ,
Popular ,
Security and Privacy Controls
The Federal Trade Commission (FTC) recently announced formation of its Office of Technology Research and Investigation (OTRI), an office meant to “ensure that consumers enjoy the benefits of technological progress without...more
While others were waiting for spring to arrive, community bank officers and directors were waiting for the Federal Financial Institutions Examination Council (FFIEC) to provide additional guidance on its cybersecurity...more
On March 23, 2015, Virginia Gov. Terry McAuliffe approved a social media password privacy bill (H.B. 2081) that limits employers access to employees’ and job applicants’ personal social media accounts....more
Back on February 12th 2015, Max Schrems, the Austrian law student who began Europe v. Facebook, posted a tweet suggesting that the Court of Justice of the European Union (CJEU) may hear his case as soon as this month. Since...more