Linn Foster Freedman

Linn Foster Freedman

Linn Freedman practices in data privacy and security law, and complex litigation. She is a member of the Business Litigation Group and chair’s the firm’s Data Privacy and Security Team. She currently serves as general counsel to the Rhode Island Quality Institute. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations, as well as emergency data breach response and mitigation. She counsels clients on state and federal data privacy and security investigations and data breaches. Prior to joining the firm, Linn was a partner at Nixon Peabody, where she served as leader of the firm’s Privacy & Data Protection Group. She also served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Subscribe to all posts by Linn Foster Freedman

Financial Conduct Authority Warns Banking Industry of ICOs and Cryptocurrency

Writing a “Dear CEO” letter to banking executives, the Financial Conduct Authority (FCA) warned executives on June 11, 2018, to perform enhanced due diligence on clients who use or trade cryptocurrency for business transactions. The letter urges banks to check the use and value of cryptocurrencies in the same manner as banks check their clients’ … Continue Reading

MA Clean Energy Center Victim of Wire Fraud

A recent State audit has discovered that the Massachusetts Clean Energy Center wired $93,679 to a cyber-criminal in February 2017, and didn’t advise its board about the incident for 7 months. Following the audit, the auditor recommended that the agency conduct a risk assessment, develop written policies and procedures to address the potential for cybercrime, … Continue Reading

Bitfinex Stops Trading After Cyber-Attack

Bitfinex, a global digital currency exchange, paused trading last week when it experienced a distributed denial-of-service attack. During the pause in trading, it announced to users that “Bitfinex is currently under extreme load. We are investigating the issue and will keep you all up to date as we learn more.” The company resumed trading after … Continue Reading

Privacy Tip #143 – North Korea/U.S. Summit Gift Bags Remind us of Dangers of USB Devices

The Singapore summit was the focus of news stories this week. The media descended on Singapore to capture all of the news. When journalists started posting pictures of the contents of the gift bags that they were given at the summit by a company associated with the local government, cybersecurity experts from around the world … Continue Reading

VPNFilter Worse Than Previously Reported

We previously reported that the FBI has warned consumers about a nasty malware, known as VPNFilter and believed to have been launched by a Russian government hacking group is infecting hundreds of thousands of small business and home router [view related post here]. Apparently the malware is much worse than anyone thought and Cisco’s Talo … Continue Reading

FBI Warning: Russian Hackers Attacking Routers

Late last week, the Federal Bureau of Investigation (FBI) issued a warning to U.S. consumers that Russian hackers (dubbed Sofacy and a/k/a Fancy Brear and APT28, and believed to be backed by the Russian government) had compromised “hundreds of thousands” of home and office routers through malware known as VPNFilter in order to collect information … Continue Reading

Criminals Cashing in on GDPR Privacy Notices

Over the past several weeks, as the GDPR deadline of May 25 loomed, thousands of organizations sent individuals, including U.S. citizens, notices requesting consent and opt-in to receive further communications. Riding on that wave of confusion and inundating emails, criminals have used the implementation of GDPR to their advantage by impersonating legitimate businesses, including financial … Continue Reading

Privacy Tip #141 – Teen Safe App Exposes Parents’ and Teens’ Information

Admittedly, parents of teens have unique worries about their children. So-called “helicopter parents” worry more than others. A perfect app for such parents is Teen Safe, which allows those worried parents to monitor their children’s location, text messages, call history, app downloads and browsing history. Yikes—the only monitor I ever had with my kids was … Continue Reading

South Carolina Enacts Insurance Data Security Act

South Carolina Governor Henry McMaster signed the South Carolina Insurance Data Security Act into law on May 3, 2018. The law, parts of which become effective January 1, 2019, requires entities licensed by the Department of Insurance to, “develop, implement and maintain a comprehensive information security program based on the licensee’s Board of Directors, if … Continue Reading

Privacy Tip #140 – Your Cellphone Location Is Being Sold and Leaked

I have been watching several articles published by ZDNet with interest. First, ZDNet reported that “four of the largest cell giants in the US are selling your real-time location data to a company that you’ve probably never heard about before.” That company is LocationSmart, which touts itself as a data aggregator that has “direct connections” … Continue Reading

Cyber Fraud Cost $1.4 Billion in 2017

The Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) recently released its yearly internet crime report, which states that more than 300,000 consumers reported cyber-fraud and malware attacks in 2017, costing over $1.4 billion. Yes, that is with a “b.” The threats at the top of the list reported by consumers include phishing, ransomware … Continue Reading

Lincare Settles Class Action Data Breach Case with Employees

Lincare Holdings Inc. (Lincare), recently entered into a mediated settlement with its employees regarding a data breach that took place on February 3, 2017. On that date, a cyber-criminal posing as a high-level Lincare executive emailed a human resources employee requesting W-2 data for some of its employees. The human resources employee emailed the information … Continue Reading

Privacy Tip #139 – Update on Removing Your Name from Offers of Credit or Insurance and Access to Disclosure Report from NCTUE

Update on Removing Your Name from Offers of Credit or Insurance and Access to Disclosure Report from NCTUE Last week’s Privacy Tip touched a nerve with many readers, and I received numerous comments and thank you’s from loyal readers who, like me, also had no idea about NCTUE or that they could opt out of … Continue Reading

SAMHSA and ONC Issue Fact Sheets on Confidentiality of Substance Use Disorder Information

In response to the opioid crisis, the Substance Abuse and Mental Health Services Administration (SAMHSA), in collaboration with the Office of the National Coordinator (ONC), recently issued two fact sheets to provide clarity on the updated 42 CFR Part 2 regulations in the context of health information exchanges and provider health settings. The fact sheets … Continue Reading

AICPA Survey Shows U.S. Adults Worried About Identity Theft and Financial Fraud and Concerned Businesses Can’t Protect Their Data

A new Harris Poll for the American Institute of CPAs (AICPA), which called 1,006 U.S. adults for the report, shows interesting statistics regarding American adults’ attitudes and fears about identity theft and financial loss as a result of cyber intrusions. The poll’s conclusion is that 48 percent of U.S. adults believe that identity theft will … Continue Reading

Bezop Cryptocurrency Investors’ Personal Information Exposed

Kromtech Security has reported that the sensitive personal information of more than 25,000 investors of Bezop cryptocurrency was exposed when a MongoDB database was left unsecured. The security incident is reported to be linked to a distributed-denial-of-service attack that occurred earlier this year. The investors’ compromised information included their names, addresses, email addresses, photocopies of … Continue Reading

Thousands of Patients’ PHI Exposed By Transcription Provider MEDantex

Medical transcription provider MEDantex has reportedly exposed the protected health information of thousands of patients through its unsecured provider portal, which did not require a password for access. According to reports, including KrebsOnSecurity, the patients’ audio medical notes were uploaded to MEDantex’s website, which were then to be transcribed and uploaded to a portal accessible … Continue Reading

Paper Records Still Problematic for Healthcare Providers

Data breaches continue to be an issue for healthcare providers, as indicated when looking at breaches reported to the Office for Civil Rights (OCR), as required by HIPAA. In the first three months of 2018, there were 77 breaches of protected health information (PHI) reported to OCR, which included more than one million patient records. … Continue Reading
LexBlog