Linn Foster Freedman

Linn Freedman practices in data privacy and security law, and complex litigation. She is a member of the Business Litigation Group and chair’s the firm’s Data Privacy and Security Team. She currently serves as general counsel to the Rhode Island Quality Institute. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations, as well as emergency data breach response and mitigation. She counsels clients on state and federal data privacy and security investigations and data breaches. Prior to joining the firm, Linn was a partner at Nixon Peabody, where she served as leader of the firm’s Privacy & Data Protection Group. She also served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Subscribe to all posts by Linn Foster Freedman

Security Researchers Find Biometric Data on 28 Million Records Is Exposed

By Linn Foster Freedman on August 15, 2019 Posted in Cybersecurity

It was reported this week by The Guardian and Forbes that security researchers from Vpnmentor have discovered and published a report that Suprema, a company that collects and monitors biometric information such as fingerprints and facial recognition data, has left exposed the biometric information of 28 million records and 23 gigabytes of data insecure. Suprema … Continue Reading

Privacy Tip #203 – Cryptocurrency Woes

By Linn Foster Freedman on August 15, 2019 Posted in Privacy Tips, Virtual Currency

As cryptocurrency becomes more popular with investors, CipherTrace recently issued its Q2 2019 Cryptocurrency Anti-Money Laundering Report, which finds that “[O]utright thefts as well as scams and other misappropriation of funds from cryptocurrency users and exchanges continued apace, netting criminals and fraudsters approximately $4.26 billion in aggregate for 2019.” Yikes—that’s billion with a “b”. The … Continue Reading

Delta Sues Vendor for Causing Data Breach

By Linn Foster Freedman on August 14, 2019 Posted in Data Breach, Enforcement & Litigation, International Privacy Laws, Websites

In an unusual move, Delta Airlines (Delta) sued one of its vendors last week for the data breach it experienced in 2017. It’s an unusual move for several reasons. First, in our experience when a vendor causes a data breach, there is usually a contractual provision that can be followed that outlines the responsibility of … Continue Reading

New Threat to Companies: Warshipping

By Linn Foster Freedman on August 8, 2019 Posted in Cybersecurity

It is so hard to keep up with the latest ways the bad guys try to infiltrate company data. One new technique is called warshipping, and its implementation is pretty simple and a little old school. IBM X-Force Red investigated the technique to give its customers an idea of the newest threats to enterprise systems. … Continue Reading

Clever Call Center Concept

By Linn Foster Freedman on August 8, 2019 Posted in New + Now

My husband was recently booking some travel for us and had an interesting experience that he thought was worth sharing. While he was providing his credit card number to the person who was assisting with the booking, that person told him before he gave the credit card number and CVV number to wait a moment, … Continue Reading

New Hampshire Enacts Insurance Data Security Law

By Linn Foster Freedman on August 8, 2019 Posted in Data Security

New Hampshire Governor Chris Sununu recently signed the New Hampshire Insurance Data Security Law, which “establishes the exclusive state standards applicable to licensees for data security, the investigation of a cybersecurity event…, and notification to the commissioner.” The law is applicable to all persons or entities licensed, authorized to operate, registered or required to be … Continue Reading

Privacy Tip #202 – Check the Privacy Settings on Your Phone Frequently

By Linn Foster Freedman on August 8, 2019 Posted in Privacy Tips

I once again had the pleasure of presenting Cybersecurity for Tax Professionals at the IRS Nationwide Tax Forum today. The conference is designed for tax professionals in small- to medium-sized businesses. It is always a lively bunch, but following the afternoon session, a crowd of folks got in line to chat more, and they were … Continue Reading

Louisiana Governor Declares Statewide Emergency After Cyber-Attacks Against School Systems

By Linn Foster Freedman on August 1, 2019 Posted in Cybersecurity

Louisiana Governor John Bel Edwards, for the first time in history, declared a statewide cybersecurity emergency last week, following cyber-attacks against several school systems in the state. By declaring a cybersecurity emergency, the state is able to garner needed resources, including cybersecurity experts from the Louisiana National Guard, State Police, the Office of Technology Services, … Continue Reading

New York Governor Signs Bill Expanding Data Breach Notification Law

By Linn Foster Freedman on August 1, 2019 Posted in Data Breach

New York Governor Andrew M. Cuomo signed a bill into law last week that expands New York’s data breach notification law. The Stop Hacks and Improve Electronic Data Security (SHIELD) Act brings the New York data breach notification law on par with other state data breach notification laws that have been amended in the last … Continue Reading

Pay Attention to Your Firewalls

By Linn Foster Freedman on August 1, 2019 Posted in New + Now

After the Capital One data breach, which was reportedly caused by an improperly configured firewall, every company should be paying attention to its firewalls. This is not the first data breach that has occurred because a firewall was not properly in place for data stored in the Cloud. I’m a lawyer, and I know very … Continue Reading

Privacy Tip #201 – Capital One Suffers Massive Data Breach

By Linn Foster Freedman on August 1, 2019 Posted in Privacy Tips

Many readers have reached out to learn about the Capital One data breach and how it affects us. If you haven’t been watching the story unfold as closely as I have, here is a summary of what happened, what information was included, and what to do about it. Capital One announced on July 29 that … Continue Reading

FIN8 Back in Business Stealing Credit Card Information with Badhatch

By Linn Foster Freedman on July 25, 2019 Posted in Cybersecurity

Security research firm Gigamon has reported that the nasty cybercriminal group FIN8 may have reappeared in June after a two year silence. FIN8 is known for implementing malware on point of sale systems to steal credit card information and selling it on the dark web. FIN8 appears to be back in business with a new … Continue Reading

Business Email Compromises Bilking U.S. Companies Out of $301M Per Month

By Linn Foster Freedman on July 25, 2019 Posted in New + Now

The United States Treasury Department came out with a report last week that concludes that business email compromises (BEC) are costing U.S. companies more than $301 million per month. The report confirms that the two industries hit the hardest by these scams are manufacturing and construction. The report, issued by the Treasury Department’s Financial Crimes … Continue Reading

Privacy Tip #200 – Iranian Backed Hacking Group Using LinkedIn To Deliver Malicious Documents

By Linn Foster Freedman on July 25, 2019 Posted in Privacy Tips

Fireeye published research last week that it has identified a phishing campaign by APT34, which is known to be a hacking group out of Iran, that all LinkedIn users should be aware of when considering adding a LinkedIn contact. In particular, if you receive a LinkedIn request from someone named Rebecca Watts from Cambridge University, … Continue Reading

GandCrab Ransomware Backers Working on New Ransomware REvil

By Linn Foster Freedman on July 18, 2019 Posted in Cybersecurity

We previously reported that the criminals behind the GandCrab Ransomware were retiring, and that a patch was discovered and companies are urged to implement the patch [view related post]. Why would cybercriminals who bilked more than $2 billion from companies with GandCrab retire when they have the resources and the ability to continue to steal? … Continue Reading

Premera Blue Cross Settles for $10M with 30 States for 2014 Data Breach

By Linn Foster Freedman on July 18, 2019 Posted in Data Breach, Health Information Privacy, HIPAA and Health Information

Following an investigation led by the Washington Attorney General, Premera Blue Cross has agreed to pay $10 million to 30 states after experiencing a data breach in 2014 that compromised the Protected Health Information of over 10 million individuals. $5.4 million of the settlement amount will be paid to the Washington State Attorney General’s Office … Continue Reading

DNA Information of Thousands of Individuals Exposed Online for Years

By Linn Foster Freedman on July 18, 2019 Posted in Data Breach

It is being reported that Vitagene, a company that provides DNA testing to provide customers with specific wellness plans through personalized diet and exercise plans based on their biological traits, left more than 3,000 user files publicly accessible on Amazon Web Services servers that were not configured properly. The information that was involved included customers’ … Continue Reading

Cities Consider Banning the Use of Facial Recognition Technology

By Linn Foster Freedman on July 18, 2019 Posted in New + Now

In the footsteps of San Francisco’s ban of the use of facial recognition technology, the cities of Somerville, Massachusetts, Oakland, California, and Berkeley, California are considering banning the use of facial recognition technology by municipal agencies. The proposed ban is in the midst of more and more cameras and smart technology being used for traffic … Continue Reading

Privacy Tip #199 – Guard Your Cryptowallet: Cryptoheist in Japan Drains $32 million from Exchange

By Linn Foster Freedman on July 18, 2019 Posted in Privacy Tips, Virtual Currency

The U.S. government continues to be wary of cryptocurrency, and presently, no cryptocurrency exchange is protected by the FDIC. When you put your money in a FDIC-insured bank, if the bank becomes insolvent customers will not lose their deposits, usually up to a maximum of $250,000 per depositor per insured bank. But if you deposit … Continue Reading

AT&T Sued by CA Customers for Selling Location Data to Aggregators

By Linn Foster Freedman on July 17, 2019 Posted in Enforcement & Litigation

AT&T was sued this week in the Northern District of California by customers alleging that AT&T sold their location data to data aggregators without their consent. The proposed class action suit was filed on behalf of all AT&T wireless customers from 2011 to date. The suit alleges that AT&T sold customers’ location data to LocationSmart … Continue Reading

U.S. Cyber Command Issues Warning About Microsoft Outlook Vulnerability

By Linn Foster Freedman on July 11, 2019 Posted in Cybersecurity

Hackers are targeting U.S. government networks, according to U.S. Cyber Command, which says there is a vulnerability of CVE-2017-1174, which is a two year old flaw in Microsoft Outlook that is being used by attackers to install remote access Trojans and other malware. U.S. Cyber Command recommends that the vulnerability be patched to prevent exploitation. … Continue Reading

Connecticut Budget Includes Insurance Data Security Law

By Linn Foster Freedman on July 11, 2019 Posted in New + Now

For those of you who don’t know, a fun fact is that Robinson+Cole one of the oldest law firms in Connecticut, and among our claims to fame is that we represented Mark Twain and Helen Keller. We are quite proud of our history and our reputation, and rightfully so. We are steeped in Connecticut law, … Continue Reading

Privacy Tip #198 – Cybersecurity for Tax Professionals

By Linn Foster Freedman on July 11, 2019 Posted in Privacy Tips

Yesterday, I was honored to again have the opportunity to participate as a speaker at the Internal Revenue Service’s Nationwide Tax Forum 2019 in Washington, D.C. Through a generous grant provided by the American Coalition for Taxpayer Rights to the Pell Center of Salve Regina University, we are able to educate small- and medium-sized tax … Continue Reading

2018 Cyber Incident & Breach Trends Report “All Bad”

By Linn Foster Freedman on July 10, 2019 Posted in Cybersecurity, Data Breach

The Internet Society’s Online Trust Alliance just released its “2018 Cyber Incident & Breach Trends Report, which says “2018–Some Better, Some Worse, All Bad.” That’s our experience, too. Here are the highlights from the report, which can be accessed here. Although the number of data breaches and exposed records decreased, and ransomware and DDoS (distributed … Continue Reading

This Blog/Website is made available by the lawyer or law firm publisher for educational purposes only as well as to give you general information and a general understanding of the law, not to provide specific legal advice. By using this blog site you understand that there is no attorney client relationship between you and the Blog/Website publisher. The Blog/Website should not be used as a substitute for competent legal advice from a licensed professional attorney in your state. Any opinions expressed on this Blog/Website are opinions only of the author, expressed at the time the material is written based on information available to the author at that time, and are not opinions of the author's law firm or any of the author's or the law firm's clients. This Blog/Website is not intended to be attorney advertising. To the extent it might be deemed to be attorney advertising, it should not be considered advertising or to be seeking legal work in any jurisdiction in which the author is not admitted to practice law (i.e., jurisdictions other than Connecticut, Massachusetts, and various federal courts).