Linn Foster Freedman

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chair’s the firm’s Data Privacy and Security Team. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law. Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Subscribe to all posts by Linn Foster Freedman

Ransomware Attacks Predicted to Occur Every 11 Seconds in 2021 with a Cost of $20 Billion

By Linn Foster Freedman on February 13, 2020 Posted in Cybersecurity

Confirming what we are seeing in the field, cybersecurity firm Cybersecurity Ventures has predicted that, globally, businesses in 2021 will fall victim to a ransomware attack every 11 seconds, down from every 14 seconds in 2019. That figure is based on historical cybercrime figures. It is estimated that the cost of ransomware to businesses will … Continue Reading

Frequency and Cost of Insider Threats Continue to Increase

By Linn Foster Freedman on February 13, 2020 Posted in Cybersecurity

The Ponemon Institute recently issued its 2020 Cost of Insider Threats Global Report (Report), which finds that the frequency and cost of insider threats continues to increase. Sponsored by ObserveIT and IBM, the 2020 Report is the third consecutive one to study insider threats and their impact on businesses in terms of frequency, cost, and … Continue Reading

Ransomware—to Pay or Not to Pay and Should We Get a Bitcoin Wallet Just in Case?

By Linn Foster Freedman on February 13, 2020 Posted in New + Now, Virtual Currency

There’s nothing worse than paying criminals. And paying a ransom for data is just that—paying criminals for a criminal act. All you get out of the payment is access to your data. It doesn’t fix the vulnerability or the root problem. Let the record reflect that the FBI does not recommend paying ransoms to cyber … Continue Reading

Privacy Tip #226 – Beware – Well-Known Brands Used for Phishing Schemes

By Linn Foster Freedman on February 13, 2020 Posted in Privacy Tips

A new study by Check Point Research shows that cyber criminals are using well-known brands to lure victims into clicking on nefarious links, providing personal information or credentials, or getting users to transfer money. This is an old malware trick that we used to see and now recognize. Scammers send a phishing email after copying … Continue Reading

Frequency and Cost of Insider Threats Continue to Increase

By Linn Foster Freedman on February 10, 2020 Posted in Cybersecurity, Data Breach

The Ponemon Institute recently issued its 2020 Cost of insider Threats Global Report, which finds that the frequency and cost of insider threats is continued to increase. Sponsored by ObserveIT and IBM, the 2020 report is the third consecutive report that studies insider threats and their impact on businesses in terms of frequency, cost and … Continue Reading

Industrial Control Systems at Risk from Targeted Snake Malware

By Linn Foster Freedman on February 6, 2020 Posted in Cybersecurity

Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing sites, and electrical and power grids. Although there have been a few successful attacks against ICS in the past, including the destruction of a … Continue Reading

30,000 Cannabis Users’ Data Exposed

By Linn Foster Freedman on February 6, 2020 Posted in Cannabis, Data Breach, Health Information Privacy, HIPAA and Health Information

A point of sale vendor for at least three cannabis dispensaries in the United States exposed the personal data of at least 30,000 cannabis users, including full names, photo IDs, dates of birth, telephone numbers, home addresses, medical ID numbers, email addresses, signatures, cannabis variety and quantity purchased, and sales figures when it failed to … Continue Reading

Privacy Tip #225 – Tax Identity Theft Awareness Week

By Linn Foster Freedman on February 6, 2020 Posted in Privacy Tips

Tax identity theft continues to be a significant problem for taxpayers. Tax identity theft occurs when criminals use the personal information of individuals and file fraudulent tax returns before the taxpayer does, requesting a refund. When the real taxpayer files his or her tax return, the IRS kicks it back, explaining that it has already … Continue Reading

Cyber Criminals Using Coronavirus Concern to Assist with Intrusions

By Linn Foster Freedman on February 4, 2020 Posted in Cybersecurity, Health Information Privacy

Concern over the spreading coronavirus from China is legitimate and real. The World Health Organization (WHO) has declared the coronavirus a global health emergency, and the United States and other countries are limiting travel of individuals from the affected areas in China. As we have seen with other public concerns, cyber criminals and threat actors … Continue Reading

Ransomware Attacks More Frequent and Recovery Efforts Extended in 2020

By Linn Foster Freedman on January 30, 2020 Posted in Cybersecurity

A new report published by Coveware concludes that companies hit with ransomware attacks spend an average of 16 days recovering from the attack. Think about being offline and unable to do business for 16 business days. It is extremely disruptive and costly. It takes larger organizations longer to recover than smaller ones, and larger organizations … Continue Reading

Privacy Tip #224 – Please Prepare for a Ransomware Attack

By Linn Foster Freedman on January 30, 2020 Posted in Privacy Tips

I am on vacation this week in beautiful Jackson Hole. The skiing is epic, the restaurants amazing, 1921 silver dollars inlaid in the tops of two bars, elk and moose abound, and I’ve had a sighting of several coyotes, a badger, and owls. Sounds idyllic. It is for the most part, except for ransomware attacks. … Continue Reading

Crime-as-a-Service Targets Popular Platforms

By Linn Foster Freedman on January 23, 2020 Posted in Cybersecurity

It’s getting difficult to keep up with the jargon of all of the new digital scams. The SaaSes in the beginning became regular business terms, such as Software-as-a-Service (SaaS), and Business Processes-as-a-Service (BPaaS). But then the criminal enterprises came up with Malware-as-a-Service (MaaS), Ransomware-as-a-Service (RaaS) and now Crime-as-a-Service (CaaS). A new Crime-as-a-Service offering is targeting … Continue Reading

Changing the Conversation About Sharing and Using Health Information

By Linn Foster Freedman on January 23, 2020 Posted in Health Information Privacy, HIPAA and Health Information, New + Now

Some app developers know more about our health than our doctors do. Take, for instance, FitBit, which is attached to our wrist and measuring in real time our temperature, our heart rate, our steps and whether we have had enough exercise for our age in a day. Some people sleep with their phones on their … Continue Reading

Privacy Tip #223 – Navigating Individual Data Privacy in a World with AI

By Linn Foster Freedman on January 23, 2020 Posted in Privacy Tips

The same week that the National Institute of Standards and Technology came out with its Privacy Framework [view related post], highlighting how privacy is basically a conundrum, news articles also highlighted a new technology, Clearview AI, that allows someone to snap a picture of anyone walking down the street and instantly find out that person’s … Continue Reading

NIST Releases Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management

By Deborah George and Linn Foster Freedman on January 22, 2020 Posted in Cybersecurity

The National Institute of Standards and Technology (NIST) released its first privacy framework tool (the Privacy Framework) on January 16, 2020. In the Executive Summary, NIST states that with the unprecedented flow of data of individuals through a complex digital ecosystem, individuals may not be able to understand the potential consequences for their privacy as they … Continue Reading

FBI Warns of Retaliatory Cyber-Attack from Iran

By Linn Foster Freedman on January 16, 2020 Posted in Cybersecurity

The Federal Bureau of Investigation (FBI) is warning of a heightened likelihood of Iranian cyber-attacks following the escalation of tension between the U.S. and Iran. This follows the warning last week by the Department of Homeland Security (DHS). The FBI and DHS issued a bulletin to law enforcement groups warning of potential physical and cyber-attacks … Continue Reading

Privacy Tip #222 – The Dating App Privacy Secret

By Linn Foster Freedman on January 16, 2020 Posted in Privacy Tips

I don’t know much about dating apps. I met my husband decades ago, long before the Internet, and the old-fashioned way—in college. But I know people who have used them, have been happy with them, have found their life partner through them, have funny stories about using them and the people they met through them. … Continue Reading

States and Municipalities on High Alert for Iranian Originated Cyber-Attacks

By Linn Foster Freedman on January 9, 2020 Posted in New + Now

The Department of Homeland Security (DHS) is warning critical infrastructure operators to be on high alert for Iranian backed cyber-attacks because of the vulnerability of state and municipal computer systems, they are at high risk for attack from Iranian-based hackers. We have seen states and municipalities get hammered with ransomware in the past year. Now … Continue Reading

Privacy Tip #221 – How Do We Personally Prepare for a Cyber-Attack on Critical Infrastructure?

By Linn Foster Freedman on January 9, 2020 Posted in Privacy Tips

Pretty much the only time I don’t feel like I am Chicken Little predicting a massive cyber-attack is when I am with my colleagues at the FBI, Secret Service, NSA and my students in the Brown Executive Masters of Cybersecurity who are members of the military. They don’t respond to my thoughts and fears of … Continue Reading

Department of Homeland Security Warns of Cyber-Attacks by Iran

By Linn Foster Freedman on January 8, 2020 Posted in Cybersecurity

The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the public that Iran poses a cyber terrorism threat to the United States following the death of Iranian Quds Force commander Gen. Qassem Soleimani. The bulletin explains that Iran’s previous plots against the … Continue Reading

CCPA Recap for the New Year

By Linn Foster Freedman, Deborah George and Kathryn Rattigan on January 2, 2020 Posted in Data Privacy, New + Now, Websites

After much anticipation and trepidation, the California Consumer Privacy Act (CCPA) went into effect on January 1, 2020. Many companies are understandably still grappling with the details of the law, the amendments, and the proposed regulations and how to comply with them. If you have not determined whether the CCPA applies to your company, and … Continue Reading

LifeLabs Pays Ransom to Retrieve Patient Data

By Linn Foster Freedman on December 19, 2019 Posted in Cybersecurity

It is being reported that LifeLabs, a Canadian lab company that is the largest provider of laboratory diagnostics and lab testing services in Canada, recently paid an undisclosed ransom to hackers who compromised its computer system that housed patient lab data. The hackers apparently compromised the system, exfiltrated data and demanded that the company pay … Continue Reading

Biometric Suit Not Preempted by Workers’ Compensation Statute

By Linn Foster Freedman on December 19, 2019 Posted in New + Now

An Illinois employee of Power Solutions International Inc. (Power Solutions) filed suit against his employer alleging violations of the Illinois Biometric Information Privacy Act (BIPA) when Power Solutions collected his fingerprints through a timekeeping system without providing consent to do so. Under BIPA, companies, including employers, are required to provide notice and consent to employees … Continue Reading

This Blog/Website is made available by the lawyer or law firm publisher for educational purposes only as well as to give you general information and a general understanding of the law, not to provide specific legal advice. By using this blog site you understand that there is no attorney client relationship between you and the Blog/Website publisher. The Blog/Website should not be used as a substitute for competent legal advice from a licensed professional attorney in your state. Any opinions expressed on this Blog/Website are opinions only of the author, expressed at the time the material is written based on information available to the author at that time, and are not opinions of the author's law firm or any of the author's or the law firm's clients. This Blog/Website is not intended to be attorney advertising. To the extent it might be deemed to be attorney advertising, it should not be considered advertising or to be seeking legal work in any jurisdiction in which the author is not admitted to practice law (i.e., jurisdictions other than Connecticut, Massachusetts, and various federal courts).