AI has great capability to both harm and to protect in a cybersecurity context. As with the development of any new technology, the benefits provided through correct and successful use of AI are inevitably coupled with the...more
On July 10, 2023, the EU Commission approved the EU-U.S. Data Privacy Framework (“EU-US DPF”) as a valid transfer mechanism for sharing personal data from European Economic Area countries (those in the EU plus Iceland,...more
7/13/2023
/ Adequacy Requirement ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Economic Area (EEA) ,
Framework Agreement ,
Iceland ,
International Data Transfers ,
Liechtenstein ,
Norway ,
Popular ,
Self-Certification ,
Switzerland ,
UK
2023 is shaping up to be a landmark year for data privacy, as comprehensive consumer privacy laws take effect in four states and a fifth state expands its already robust privacy compliance requirements. As part of Womble Bond...more
In May 2017, the world of data privacy was irreparably changed when four members of the Chinese military hacked into credit-reporting company Equifax, exposing the personal information of nearly 150 million Americans. The...more
6/22/2022
/ California Consumer Privacy Act (CCPA) ,
Compliance ,
Compliance Dates ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Popular ,
State Privacy Laws ,
Surveys
This week I read a worried headline claiming that, in a recent consumer data breach, the hackers had managed to access consumers’ telephone numbers. This was treated as an important and troubling revelation....more
11/19/2021
/ ATDS ,
Bots ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Digital Wallets ,
Hackers ,
Mobile Apps ,
Multi-Factor Authentication ,
Online Banking ,
Phishing Scams ,
Phone Numbers ,
Popular ,
Spyware
The recent spate of apparently eastern European cyberattacks on important U.S. commercial interests—from SolarWinds to Colonial Pipeline—should force all of us to step back and review how we organize our world. Many crucial...more
I have written recently about the crashing tsunami of change in legal attitudes toward the largest U.S. data, technology and internet companies, especially in the antitrust realm. As we consider whether GAFA critic Tim Wu...more
The movement to localize some or all of internet data has grown over the past five years as countries introduce new laws restricting data flows, and others try to boost local businesses by placing burdens on international...more
2/23/2021
/ Algorithms ,
Authoritarian Regimes ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Localization Law ,
EU-US Privacy Shield ,
Foreign Relations ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Privacy Concerns ,
Schrems I & Schrems II ,
Surveillance ,
Technology Sector
How is a refrigerator like a stoplight camera and a delivery drone?
Each of these devices and hundreds of millions of others are part of the internet of things (IoT), meaning that manufacturers are building them with sensors...more
Definitions are important.
How we define words sets the context for how we regulate them. In the U.S., the definitions of legally defended private information are changing, affecting the entire scope of information...more
Historians believe we have started a fourth industrial revolution where physical, digital, and biological worlds will merge to form the basis of a new economy. One of the key elements of this transformation is the emergence...more
Most people have a warped and deeply unrealistic understanding of data security.
There is no such thing as absolute security. For a thing to have value, you must be able to access the value – in effect, to use it. In order...more
On Tuesday I wrote about how Epic Games’ CEO Tim Sweeney was engaging Apple on at least three battlefronts. I missed a battlefront and I’m here today to rectify that mistake.
I mentioned Epic’s groundbreaking and lucrative...more
8/20/2020
/ Anti-Competitive ,
Anticompetitive Behavior ,
Antitrust Violations ,
App Developers ,
App Store ,
Apple ,
Big Tech ,
Competition ,
Games ,
Gaming ,
Google ,
Microsoft ,
Mobile Apps ,
Monopolization ,
Nintendo ,
Popular ,
Software Developers ,
Sony ,
Video Games
Tim Sweeney, the Colossus of Cary, is fighting even bigger foes – Apple and Google. The multibillionaire chief executive of Epic Games has opened a multi-front war on the tribute that app developers are forced to pay to reach...more
8/18/2020
/ Antitrust Litigation ,
Antitrust Violations ,
App Developers ,
App Store ,
Apple ,
Big Tech ,
Competition ,
Games ,
Google ,
Microsoft ,
Mobile Apps ,
Monopolization ,
Popular ,
Video Games
When was the last time you talked about blockchain?
Maybe 18 months to 2 years ago when the world was new, Broadway was open, and blockchain was everywhere. And then it wasn’t.
Blockchain didn’t leave us, its golden promise...more
7/24/2020
/ Artificial Intelligence ,
Blockchain ,
Cryptocurrency ,
Digital Assets ,
Digital Currency ,
Distributed Ledger Technology (DLT) ,
Initial Coin Offering (ICOs) ,
Internet of Things ,
Popular ,
Technology Sector ,
Token Sales
Now a business that was hacked may be successfully sued under state common law by data subjects whose information was compromised in the crime. For the first time, a state supreme court has held that a company that was...more
1/3/2019
/ Breach of Duty ,
Cybersecurity ,
Data Breach ,
Data Security ,
Economic Loss Doctrine ,
Employer Liability Issues ,
Negligence ,
PA Supreme Court ,
Personally Identifiable Information ,
Popular ,
Reasonable Care
Tacking an entirely new direction from other US states, Ohio has decided to offer defensive legal protection to businesses who have built a cybersecurity regime around well-known industry standards, even where those...more
11/7/2018
/ Blockchain ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Federal Information Security Modernization Act (FISMA) ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Legislation ,
NIST ,
Popular ,
Safe Harbors ,
Smart Contracts
“New threats and a new era of strategic competition” have prompted the White House to roll out a new National Cyber Strategy. As identified below, the Strategy contains important priority initiatives that will advantage many...more
9/28/2018
/ Critical Infrastructure Sectors ,
Cyber Crimes ,
Cybersecurity ,
Data Security ,
National Security ,
Popular ,
Private Sector ,
Risk Mitigation ,
Technology Sector ,
Telecommunications ,
Transportation Industry
You may be paying for cyber insurance that will not cover the most significant cyber risks faced by your business.
Recent studies call into question whether a company can insure against the unprecedented huge fines for...more
9/20/2018
/ Corporate Counsel ,
Cyber Insurance ,
Cybersecurity ,
Data Protection ,
Data Security ,
EU ,
Extraterritoriality Rules ,
Fines ,
General Data Protection Regulation (GDPR) ,
Member State ,
Popular
Throughout history, people have waged sectarian fights to protect their beliefs. The Europeans, sitting at a crossroads of two major religions charged with converting the unenlightened, have a particularly combative...more
8/16/2018
/ Cybersecurity ,
Data Controller ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
EU Data Protection Laws ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular
In February 2014 the U.S. National Institute of Standards in Technology (‘NIST’) published the ?rst NIST Cybersecurity Framework, responding to an Executive Order on improving critical infrastructure cybersecurity issued by...more
4/23/2018
/ Cloud Service Providers (CSPs) ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Data Protection Officers (DPOs) ,
Executive Orders ,
Hackers ,
Internet of Things ,
NIST ,
Point of Sale Terminals ,
Popular ,
Public Safety ,
Regulatory Requirements ,
Risk Management ,
Self-Regulatory Organizations ,
Trump Administration
For retailers, speed and efficiency in supply chains are paramount. With the possibility of a "hard" or "no deal" Brexit, retailers must adapt to a new operating environment. The UK government is exploring the potential for...more
11/15/2017
/ AEO ,
Blockchain ,
Cross-Border Transactions ,
Customs and Border Protection ,
Cybersecurity ,
Distributed Ledger Technology (DLT) ,
General Data Protection Regulation (GDPR) ,
GPS ,
Internet of Things ,
Popular ,
Port Authority ,
Retailers ,
Singapore ,
Theresa May ,
UK Brexit ,
Websites
The EU’s General Data Protection Regulation goes into effect on May 25, 2018. GDPR replaces the EU Data Protection Directive. GDPR can apply to US-based businesses even if they do not have offices or employees in the EU. It...more
The cyber war battlefield has expanded, and your business is now a fighter and a target.
A new U.S. Government report explains many reasons for identifying and penalizing Russian hackers, the Russian intelligence...more
In Travelers Indemnity Co. of America v. Portal Healthcare Solutions, LLC, the Fourth Circuit Court of Appeals reverses the recent trend of insurance companies avoiding any liability for data breaches under commercial general...more