No Password Required: An FBI Special Agent's Journey from Submarines to Anti-Corruption to Cybersecurity
Life With GDPR: Episode 22- Morrisons’ and vicarious liability
This Week in FCPA-Episode 55, the Covfefe Edition
In the privacy world, confidential information relating to the nature, amount, or use of telecommunications services has always been subject to separate rules from other types of customer data. Prior to the advent of...more
In a recent post, we highlighted the need for a privacy and cybersecurity training program, one not solely focused on spotting phishing attempts (although that is quite important as well). A primary reason, quite simply, is...more
As if 2020 hasn’t caused enough hardship and headaches for employers already, the FBI and U.S. Cybersecurity Infrastructure Security Agency (“CISA”) recently issued a joint Cybersecurity Advisory Alert warning employers about...more
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
As the COVID-19 pandemic presses on, privacy and security matters continue to be at the forefront for federal and state legislature. We recently reported that Washington D.C. updated its data breach notification law. Now, the...more
In the midst of COVID-19 challenges, privacy and security matters continue to be at the forefront for federal and state legislature. In late March, the Washington D.C. (“D.C.”) legislature amended its data breach notification...more
In this episode, I visit with Jonathan Armstrong on the recent UK court of appeals decision in the Morrisons’ case. This decision stretched the limits of vicarious liability for a corporation to the absolute breaking point...more
On June 7, 2018, the French Data Protection Authority (the CNIL) published a decision (issued one month earlier) in which it imposed a record 250,000 euros fine on Optical Center (which, although its name does not indicate,...more
Darkreading.com reported that “Federal agencies must protect sensitive data and both thwart bad guys hunting for citizens’ private data and nation-state hackers with their own agendas — in addition to grappling with perennial...more
Alabama has joined the “crazy quilt” of state data breach notification laws with the governor’s signature of the Alabama Data Breach Notification Act of 2018. Things to take note of under the Alabama law...more
We are anxiously waiting to learn the fate of the data breach notification statute recently passed by state lawmakers in New Mexico. The bill remains on the desk of the governor who has until the end of the week to sign the...more
Adobe Systems, Inc. (“Adobe”) agreed to settle an investigation by 15 states related to an incident in 2013 in which Adobe was the victim of a data security breach that exposed the user name, account information, and credit...more
As has become typical in the data security space, there was quite a bit of activity in state legislatures over the previous year concerning data breach notification statutes. Lawmakers are keenly aware of the high profile...more
Academia’s cyber preparedness (or lack thereof) has received less media attention than that of certain retailers and financial institutions, but nonetheless the cyber risks confronting universities are pervasive and alarming....more
Washington and Oregon both recently updated laws that define data security and incident response requirements for breaches of consumers’ personal information. Details of these new requirements for each state are below. ...more