Linn Foster Freedman

Linn Foster Freedman

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chair’s the firm’s Data Privacy and Security Team. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law.  Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Subscribe to all posts by Linn Foster Freedman

Crime-as-a-Service Targets Popular Platforms

It’s getting difficult to keep up with the jargon of all of the new digital scams. The SaaSes in the beginning became regular business terms, such as Software-as-a-Service (SaaS), and Business Processes-as-a-Service (BPaaS). But then the criminal enterprises came up with Malware-as-a-Service (MaaS), Ransomware-as-a-Service (RaaS) and now Crime-as-a-Service (CaaS). A new Crime-as-a-Service offering is targeting … Continue Reading

Changing the Conversation About Sharing and Using Health Information

Some app developers know more about our health than our doctors do. Take, for instance, FitBit, which is attached to our wrist and measuring in real time our temperature, our heart rate, our steps and whether we have had enough exercise for our age in a day. Some people sleep with their phones on their … Continue Reading

Privacy Tip #223 – Navigating Individual Data Privacy in a World with AI

The same week that the National Institute of Standards and Technology came out with its Privacy Framework [view related post], highlighting how privacy is basically a conundrum, news articles also highlighted a new technology, Clearview AI, that allows someone to snap a picture of anyone walking down the street and instantly find out that person’s … Continue Reading

NIST Releases Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management

The National Institute of Standards and Technology (NIST) released its first privacy framework tool  (the Privacy Framework) on January 16, 2020. In the Executive Summary, NIST states that with the unprecedented flow of data of individuals through a complex digital ecosystem, individuals may not be able to understand the potential consequences for their privacy as they … Continue Reading

FBI Warns of Retaliatory Cyber-Attack from Iran

The Federal Bureau of Investigation (FBI) is warning of a heightened likelihood of Iranian cyber-attacks following the escalation of tension between the U.S. and Iran. This follows the warning last week by the Department of Homeland Security (DHS). The FBI and DHS issued a bulletin to law enforcement groups warning of potential physical and cyber-attacks … Continue Reading

Health Information Sharing and Analysis Center Warns Health Systems to Be Wary of Iranian Cyber-Attacks

Following the escalation of tensions between the United States and Iran in the past week, the Health Information Sharing and Analysis Center (H-ISAC) is warning hospitals and health systems that Iran could attack health organizations, which are considered critical infrastructure, and that they make sure their systems are being updated with patches. H-ISAC further recommended … Continue Reading

States and Municipalities on High Alert for Iranian Originated Cyber-Attacks

The Department of Homeland Security (DHS) is warning critical infrastructure operators to be on high alert for Iranian backed cyber-attacks because of the vulnerability of state and municipal computer systems, they are at high risk for attack from Iranian-based hackers. We have seen states and municipalities get hammered with ransomware in the past year. Now … Continue Reading

Department of Homeland Security Warns of Cyber-Attacks by Iran

The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the public that Iran poses a cyber terrorism threat to the United States following the death of Iranian Quds Force commander Gen. Qassem Soleimani. The bulletin explains that Iran’s previous plots against the … Continue Reading

CCPA Recap for the New Year

After much anticipation and trepidation, the California Consumer Privacy Act (CCPA) went into effect on January 1, 2020. Many companies are understandably still grappling with the details of the law, the amendments, and the proposed regulations and how to comply with them. If you have not determined whether the CCPA applies to your company, and … Continue Reading

LifeLabs Pays Ransom to Retrieve Patient Data

It is being reported that LifeLabs, a Canadian lab company that is the largest provider of laboratory diagnostics and lab testing services in Canada, recently paid an undisclosed ransom to hackers who compromised its computer system that housed patient lab data. The hackers apparently compromised the system, exfiltrated data and demanded that the company pay … Continue Reading

Biometric Suit Not Preempted by Workers’ Compensation Statute

An Illinois employee of Power Solutions International Inc. (Power Solutions) filed suit against his employer alleging violations of the Illinois Biometric Information Privacy Act (BIPA) when Power Solutions collected his fingerprints through a timekeeping system without providing consent to do so. Under BIPA, companies, including employers, are required to provide notice and consent to employees … Continue Reading

Pensacola Hit with Cyber-Attack

Just hours after the shooting incident at the Pensacola Air Station last week, city officials in Pensacola discovered that the city was the victim of a ransomware attack. Many of the city’s computer systems were affected and were disconnected from the internet. City officials reported that all offices were open and that emergency services, including … Continue Reading

Banner Health Settles Data Breach Class Action Litigation for $6 Million

Arizona-based Banner Health has agreed to settle for up to $6 million a class action case filed against it following a 2016 incident that compromised the personal information of 3 million individuals. The breach compromised data on two information technology systems at the health system, including patient information and health insurance information on one system, … Continue Reading

Louisiana State Government Systems Down Following Ryuk Ransomware Attack

Louisiana Governor John Bel Edwards activated the State’s cybersecurity team recently after several State offices’ computers started acting strangely. The IT team identified an intrusion of Ryuk ransomware and which programs were affected, and shut down computers to avoid spread of the infection. During the outage, some state offices had no access to email, internet … Continue Reading

Veterinary Network Hit with Ransomware

National Veterinary Associates (NVA), a large network of veterinary hospitals and clinics, has reportedly been the victim of a ransomware attack. According to the reports, NVA employs more than 2,600 veterinarians, with over 700 veterinary hospitals and clinics in the U.S., Canada, Australia, and New Zealand. NVA was reportedly hit with the Ryuk ransomware virus, … Continue Reading

Medicare Beneficiary Cards of 220,000 Individuals Compromised

The Centers for Medicare and Medicaid (CMS) has announced that approximately 220,000 Medicare beneficiaries’ card numbers have been compromised “by an unknown person or organization.” That means CMS doesn’t know who or how the cards were compromised. Although CMS says it is working to “remedy the situation,” in the meantime, it is checking billing systems … Continue Reading

Privacy Tip #218 – FBI Considers FaceApp a Counterintelligence Threat

For those of you who have downloaded the face editing app FaceApp, please note that the Federal Bureau of Investigation (FBI) has classified FaceApp as a counterintelligence threat because of its Russian origins. According to the FBI, “[T]he FBI considers any mobile application or similar product developed in Russia, such as FaceApp, to be a … Continue Reading
LexBlog