No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
State AG Pulse | CT AG Reacts to Genetic Data Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
Introduction - In recent years, Ohio has made unique and nationally-mirrored efforts toward advancing a goal of protecting the personal data of its residents. In addition to joining other U.S. states in 2005 by requiring...more
Introduction - Illinois has enacted laws addressing rights and obligations related to data privacy. Companies and organizations that handle, collect, disseminate, or otherwise deal in nonpublic information have a number of...more
The American Hospital Association (AHA) has warned that information technology (IT) help desks are being targeted in a social engineering scheme that uses the stolen identity of revenue cycle employees or employees in other...more
A slew of consumer protection laws have been introduced throughout the country this year, with many taking notes from California’s Consumer Protection Act (CCPA). In the last month alone, in fact, Colorado, Nevada, Texas, and...more
Florida may soon join the growing number of states that have enacted comprehensive consumer privacy legislation. Backed by Governor Ron DeSantis, Florida House Bill 969 (HB 969) would create new obligations for covered...more
United States Senator Jerry Moran (R. Kan.), Chairman of Commerce Subcommittee on Consumer Protection, has introduced legislation, Senate Bill 3456, to establish a national standard for protecting consumer data and personal...more
Ransomware Attacks Predicted to Occur Every 11 Seconds in 2021 with a Cost of $20 Billion - Confirming what we are seeing in the field, cybersecurity firm Cybersecurity Ventures has predicted that, globally, businesses in...more
We are a little more than two weeks into the new year and we’ve already seen several states introduce comprehensive privacy legislation on the heels of California’s Consumer Privacy Act (CCPA). It is no easy task to stay on...more
SDNY Rejects Standing under “Increased Risk” Theory Where Data Not Targeted or Stolen - The Southern District of New York rejected a settlement that would have resolved a class action based on the unauthorized (and...more
In May of 2018, the European Union enacted the General Data Protection Rules, or GDPR, a legal framework that outlines not only how companies may collect and process personal information of EU residents, but how that data is...more
California Adds Biometric Restrictions to Data-Breach Law, Potentially Creating a De Facto Biometric Privacy Law Subject to the governor’s signature, California’s breach-notification law will gain additional requirements...more
As more and larger data breaches come to light, states continue to update and expand their breach notification statutes, adding to the patchwork of notification obligations that now exists in every state. Generally speaking,...more
As Congress continues to wrestle with federal privacy legislation, the states have been lining up alternative proposals. North Carolina has introduced its own bipartisan bill. The bill, H.B 904, will not pass this year. Even...more
New York’s state legislature is considering a new data privacy law that would set the standard for data privacy in the U.S. The New York Privacy Act (the “NYPA” or the “Act”), which is currently being considered by the state...more
Early last year, I posted about tougher, bi-partisan privacy and data security legislation in the works in North Carolina. North Carolina State Representative Jason Saine (R), Senior Appropriations Chair, teamed-up with North...more
Florida Introduces BIPA Legislation - A Florida state senator has introduced an identical version of the Illinois Biometric Information Privacy Act (BIPA)....more
As discussed in our prior post, the California Consumer Privacy Act of 2018 (the “Act”) is expected to be modified by the California legislature prior to its January 1, 2020, enforcement deadline. ...more
“Accurate Labels Act” Introduced in Congress - U.S. Sen. Jerry Moran (R-Kan.) and Reps. Adam Kinzinger (R-Ill.) and Kurt Schrader (D-Ore.) have introduced the Accurate Labels Act, a proposed amendment to the Fair Packaging...more
Businesses are understandably focused this week on the looming effective date for the European Union’s General Data Protection Regulation (GDPR). For U.S. businesses, however, a proposed law closer to home would raise similar...more
SB 1121, which is making its way through the California Legislature, would allow businesses to be sued for data breaches even when no one was actually injured. This includes being sued for failing to implement and maintain...more
On its face, last week’s report that the number of data breaches reported last year to New York’s Attorney General spiked to an all-time high of 1,583 – up 23 percent from 2016 – was not good news....more
On March 1, 2018, the Alabama Senate unanimously passed the Alabama Data Breach Notification Act of 2018 (SB 318). On March 22, 2018, the House of Representatives, following an amendment by the Technology and Research...more
The last two states which have not passed data breach notification laws are Alabama and South Dakota. Sometimes we make jokes about these states as they are so late to the data breach notification table (California was the...more
What would companies need to do to comply with the law? The Stop Hacks and Improve Electronic Data Security (SHIELD) Act imposes requirements in two areas: cybersecurity and data breach notification. The cybersecurity...more
Any entity that does business in these states or maintains confidential information of their residents should monitor the proposed data breach legislation discussed below: Oregon, New York, Alabama, and Rhode Island....more