Linn Foster Freedman

Linn Freedman practices in data privacy and security law, and complex litigation. She is a member of the Business Litigation Group and chair’s the firm’s Data Privacy and Security Team. She currently serves as general counsel to the Rhode Island Quality Institute. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations, as well as emergency data breach response and mitigation. She counsels clients on state and federal data privacy and security investigations and data breaches. Prior to joining the firm, Linn was a partner at Nixon Peabody, where she served as leader of the firm’s Privacy & Data Protection Group. She also served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Subscribe to all posts by Linn Foster Freedman

Almost Entire Ecuadorian Population Affected by Massive Data Breach

By Linn Foster Freedman on September 19, 2019 Posted in Cybersecurity

The Ecuadorian Ministry of Telecommunications and Information Security has announced an investigation into data analytics company Novaestrat after news broke this week that the company left an Elasticsearch server open without any password protection, allowing open access to the data. According to officials, Novaestrat was not supposed to have the data in the first place. … Continue Reading

Why Having a Chief Data Ethics Officer is Worth Consideration

By Linn Foster Freedman on September 19, 2019 Posted in New + Now

Emerging technology has vastly outpaced corporate governance and strategy, and the use of data in the past has consistently been “grab it” and figure out a way to use it and monetize it later. Today’s consumers are becoming more educated and savvy about how companies are collecting, using and monetizing their data, and are starting … Continue Reading

Privacy Tip #208 – Last Pass Patches Bug that Leaks Passwords

By Linn Foster Freedman on September 19, 2019 Posted in Privacy Tips

I am not a big fan of putting all of one’s passwords in one place, but many people use password managers. If you use Last Pass (see previous blog posts about Last Pass here and here), be aware that it was recently advised by a Google Project Zero researcher that there was a vulnerability that made … Continue Reading

School System Victimized by Second Ransomware Attack in Months

By Linn Foster Freedman on September 12, 2019 Posted in Cybersecurity

The Wolcott school system in Wolcott, Connecticut has been recovering for four months from a ransomware attack that hit its system at the end of the school year. Last week, it was hit with a second attack. According to reports, the cyber criminals behind the recent ransomware attack were holding teacher lesson plans hostage. The … Continue Reading

Municipalities and School Systems: Educate Your Employees

By Linn Foster Freedman on September 12, 2019 Posted in New + Now

The pace and number of cyber-attacks against municipalities and school systems is staggering and likes of which we have never seen. Municipalities and school systems are obvious targets for cyber criminals as it is well known that resources are scarce to implement measures to combat cyber-attacks. Nearly all of the attacks that we’ve written about … Continue Reading

Privacy Tip #207 – Digital Assets

By Linn Foster Freedman on September 12, 2019 Posted in Digital Assets, Privacy Tips

I haven’t written about digital assets in a while [view related posts] and I was reminded of the importance of putting digital assets into your estate plan this week in a conversation with a colleague. After my experience of serving as the executor of three estates, it became clear to me how important it is … Continue Reading

July 2019 Ranks Highest in History for Health Care Data Breaches

By Linn Foster Freedman on September 5, 2019 Posted in Cybersecurity

July 2019 was the worst month in history for health care data breaches, with a total of 50 breaches that affected more than 500 records reported to the Office for Civil Rights (OCR), according to HIPAA Journal. Those 50 reportable data breaches exposed more than 35 million individuals’ health care records. HIPAA Journal opines that … Continue Reading

Keep Privacy Shield Certification on the Radar Screen

By Linn Foster Freedman on September 5, 2019 Posted in New + Now, Websites

After all of the GDPR compliance assessments, implementation and hullaballoo in the last year or so, many companies chose to certify that they are compliant with the EU-U.S. Privacy Shield framework rather than implementing a full-blown GDPR compliance program. To attain Privacy Shield certification, companies must submit an application and certify that when consumer data … Continue Reading

Privacy Tip #206 – Be Mindful of Calendar Invites—They Can Contain Spam

By Linn Foster Freedman on September 5, 2019 Posted in Privacy Tips

Spam is invading all aspects of our online life, and of late, even our online calendars. I hadn’t thought about embedded malware in calendar invites until I read an informative krebsonsecurity.com blog article this week. I think this is something everyone should know about and be mindful of when receiving calendar invites. Calendar invites are … Continue Reading

Colleges and Universities at Risk for Cyber-Attacks as School Year Starts

By Linn Foster Freedman on August 29, 2019 Posted in Cybersecurity

It’s a busy time for colleges and universities as the fall semester starts and campuses are bustling with activity. It’s also the perfect time for cyber criminals to create mayhem for institutions of higher education with a cyber-attack. That is exactly what happened to Regis University in Denver, Colorado. The university had to shut down … Continue Reading

One-Third of Security Vulnerabilities Remain Unpatched

By Linn Foster Freedman on August 29, 2019 Posted in Cybersecurity

Although the number of security vulnerabilities reported in the first half of 2019 have dropped a bit from last year, a new report by Risk Based Security states that 34 percent of the 11,092 vulnerabilities identified have not been patched to date. The key findings of the report include the following: Web-related vulnerabilities accounted for … Continue Reading

Marketing Teams: Be Mindful of Robocalling

By Linn Foster Freedman on August 29, 2019 Posted in New + Now

No one likes a robocall. Yet, we all get them, and the increased frequency of robocalls is astounding. I now don’t pick up any calls on either my residential line or my cell phone unless it is a known number. It can be quite frustrating for consumers and the Federal Trade Commission (FTC) is hearing … Continue Reading

Privacy Tip #205 – MoviePass Subscribers’ Card, Debit and Credit Card Information Exposed

By Linn Foster Freedman on August 29, 2019 Posted in Privacy Tips

There are a numerous subscription based services available to consumers that allow us to provide our debit or credit card numbers to obtain a subscription for services. Providing a debit or credit card number for these services for an automatic charge means that the company has your number and it can be exposed, putting you … Continue Reading

Twenty-three Texas Municipalities Crushed by Coordinated Ransomware Attack

By Linn Foster Freedman on August 22, 2019 Posted in Cybersecurity

We have definitely seen an uptick in the number of ransomware attacks against municipalities around the country. Thus far, the attacks have been against single cities, towns, and court systems, and recently against a Louisiana school system. The pace and coordination of these attacks have magnified, as evidenced by the coordinated and simultaneous ransomware attacks this … Continue Reading

Choice Hotels Contacts 700,000 Customers About Data Breach Caused by Vendor

By Linn Foster Freedman on August 22, 2019 Posted in Data Breach

In another example of a data breach allegedly caused by a vendor, Choice Hotels is contacting approximately 700,000 of its customers regarding a data breach caused by a third-party vendor that “copied the impacted data from our environment without authorization” to its server. While the data was being transferred to the third-party vendor’s server, it … Continue Reading

Initial Coin Offerings (ICOs) on SEC’s Radar

By Linn Foster Freedman on August 22, 2019 Posted in New + Now

This month, the Securities and Exchange Commission (SEC) announced that it has entered into a settlement with SimplyVital Health, Inc., a blockchain company that offered and sold approximately $6.3 million worth of securities to the public. The SEC alleged that the plan to conduct an initial coin offering (ICO) to raise money to develop a … Continue Reading

Privacy Tip #204 – Has Your Doctor (or other Professional) Downloaded Apps With Microphone Access?

By Linn Foster Freedman on August 22, 2019 Posted in Privacy Tips

I have the great pleasure to present annually to doctors who are in their fellowship (which means they are post-med school and continuing their training in a particular specialty) about lawyerly things before they go out into the real world. I have been doing it for years for an old friend of mine who is … Continue Reading

Security Researchers Find Biometric Data on 28 Million Records Is Exposed

By Linn Foster Freedman on August 15, 2019 Posted in Cybersecurity

It was reported this week by The Guardian and Forbes that security researchers from Vpnmentor have discovered and published a report that Suprema, a company that collects and monitors biometric information such as fingerprints and facial recognition data, has left exposed the biometric information of 28 million records and 23 gigabytes of data insecure. Suprema … Continue Reading

Privacy Tip #203 – Cryptocurrency Woes

By Linn Foster Freedman on August 15, 2019 Posted in Privacy Tips, Virtual Currency

As cryptocurrency becomes more popular with investors, CipherTrace recently issued its Q2 2019 Cryptocurrency Anti-Money Laundering Report, which finds that “[O]utright thefts as well as scams and other misappropriation of funds from cryptocurrency users and exchanges continued apace, netting criminals and fraudsters approximately $4.26 billion in aggregate for 2019.” Yikes—that’s billion with a “b”. The … Continue Reading

Delta Sues Vendor for Causing Data Breach

By Linn Foster Freedman on August 14, 2019 Posted in Data Breach, Enforcement & Litigation, International Privacy Laws, Websites

In an unusual move, Delta Airlines (Delta) sued one of its vendors last week for the data breach it experienced in 2017. It’s an unusual move for several reasons. First, in our experience when a vendor causes a data breach, there is usually a contractual provision that can be followed that outlines the responsibility of … Continue Reading

New Threat to Companies: Warshipping

By Linn Foster Freedman on August 8, 2019 Posted in Cybersecurity

It is so hard to keep up with the latest ways the bad guys try to infiltrate company data. One new technique is called warshipping, and its implementation is pretty simple and a little old school. IBM X-Force Red investigated the technique to give its customers an idea of the newest threats to enterprise systems. … Continue Reading

Clever Call Center Concept

By Linn Foster Freedman on August 8, 2019 Posted in New + Now

My husband was recently booking some travel for us and had an interesting experience that he thought was worth sharing. While he was providing his credit card number to the person who was assisting with the booking, that person told him before he gave the credit card number and CVV number to wait a moment, … Continue Reading

New Hampshire Enacts Insurance Data Security Law

By Linn Foster Freedman on August 8, 2019 Posted in Data Security

New Hampshire Governor Chris Sununu recently signed the New Hampshire Insurance Data Security Law, which “establishes the exclusive state standards applicable to licensees for data security, the investigation of a cybersecurity event…, and notification to the commissioner.” The law is applicable to all persons or entities licensed, authorized to operate, registered or required to be … Continue Reading

Privacy Tip #202 – Check the Privacy Settings on Your Phone Frequently

By Linn Foster Freedman on August 8, 2019 Posted in Privacy Tips

I once again had the pleasure of presenting Cybersecurity for Tax Professionals at the IRS Nationwide Tax Forum today. The conference is designed for tax professionals in small- to medium-sized businesses. It is always a lively bunch, but following the afternoon session, a crowd of folks got in line to chat more, and they were … Continue Reading

This Blog/Website is made available by the lawyer or law firm publisher for educational purposes only as well as to give you general information and a general understanding of the law, not to provide specific legal advice. By using this blog site you understand that there is no attorney client relationship between you and the Blog/Website publisher. The Blog/Website should not be used as a substitute for competent legal advice from a licensed professional attorney in your state. Any opinions expressed on this Blog/Website are opinions only of the author, expressed at the time the material is written based on information available to the author at that time, and are not opinions of the author's law firm or any of the author's or the law firm's clients. This Blog/Website is not intended to be attorney advertising. To the extent it might be deemed to be attorney advertising, it should not be considered advertising or to be seeking legal work in any jurisdiction in which the author is not admitted to practice law (i.e., jurisdictions other than Connecticut, Massachusetts, and various federal courts).