Linn Foster Freedman

Linn Freedman practices in data privacy and security law, and complex litigation. She is a member of the Business Litigation Group and chair’s the firm’s Data Privacy and Security Team. She currently serves as general counsel to the Rhode Island Quality Institute. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations, as well as emergency data breach response and mitigation. She counsels clients on state and federal data privacy and security investigations and data breaches. Prior to joining the firm, Linn was a partner at Nixon Peabody, where she served as leader of the firm’s Privacy & Data Protection Group. She also served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Subscribe to all posts by Linn Foster Freedman

NCCoE Seeks Comment from Manufacturing Sector for Industrial Control Systems

By Linn Foster Freedman on June 13, 2019 Posted in Cybersecurity

Protection of industrial control systems is crucial to the security of our country. The National Cybersecurity Center of Excellence (NCCoE) has announced a project for which it is seeking comment: Detecting and Protecting Against Data Integrity Attacks in Industrial Control System (ICS) Environments. The project scope is to assist manufacturing organizations in taking a comprehensive … Continue Reading

KiK Sued by SEC Over $100M Initial Coin Offering

By Linn Foster Freedman on June 13, 2019 Posted in Virtual Currency

In a contentious move, the Securities and Exchange Commission (SEC) recently sued Kik Interactive Inc. for its Initial Coin Offering of $100 million, alleging it violated securities laws by not registering the offering with the SEC. The SEC alleges that the fundraising of $100 million was illegal because it did not provide proper disclosures to … Continue Reading

Employers and Wellness Plans: Questions about Quest Breach?

By Linn Foster Freedman on June 13, 2019 Posted in New + Now

Last week, we wrote that Quest Diagnostics reported in a security filing that a collection agency performing collections for the company had suffered an intrusion that exposed almost 12 million individuals’ personal and financial information [view related post]. Another lab company reported days later that it was notified that the information of 8 million of … Continue Reading

Privacy Tip #194 – NSA Issues Alert to Microsoft Windows Users

By Linn Foster Freedman on June 13, 2019 Posted in Privacy Tips

Many individuals and not-for-profit organizations, including those in the health care industry, believe that they do not have the resources to update to the newest versions of software. However, the newest versions are introduced by manufacturers to patch older versions that have known security flaws and vulnerabilities. Microsoft Windows users have been warned repeatedly over … Continue Reading

China-Based Company is Believed to be Behind HiddenWasp Malware

By Linn Foster Freedman on June 6, 2019 Posted in Uncategorized

Vicious malware continues to be deployed by China-based attackers. A new strain of malware, dubbed “HiddenWasp,” which has the ability to remotely infect computers, has been discovered by a security researcher at Intezar. The malware is believed to have originated from a Chinese forensics firm; the malware is hosted by servers owned by a Hong … Continue Reading

Quest Diagnostics Reports Data Breach Affecting 11.9M Patients in Securities Filing

By Linn Foster Freedman on June 6, 2019 Posted in Data Breach

Another day in the healthc are industry, another big data breach. This week, Quest Diagnostics announced in a security filing with the Securities and Exchange Commission, that a collection agency vendor that it uses for collection services notified it that for eight months, an unauthorized user had access to Quest patients’ records, including credit card … Continue Reading

CCPA Update

By Linn Foster Freedman on June 6, 2019 Posted in New + Now, Websites

We have been watching all of the activity around the proposed amendments to the California Consumer Privacy Act (CCPA) to see where the law settles to assist with compliance. Not surprisingly, but nonetheless important to know, is the fact that the California Assembly on May 29, 2019, unanimously passed an amendment to CCPA that excludes … Continue Reading

Privacy Tip #193 – FBI Issues Warning to Parents about Sextortion

By Linn Foster Freedman on June 6, 2019 Posted in Privacy Tips

Summer vacation is almost here for school-age children, which means that kids will have more free time to roam the Internet. Unfortunately, according to the FBI, this means that the threat of online predators is high and the FBI is warning parents that it has seen an increase—a whopping 60 percent increase—in the number of … Continue Reading

Health Care and Manufacturing Industries Still Threatened by WannaCry

By Linn Foster Freedman on May 30, 2019 Posted in Cybersecurity, Health Information Privacy, HIPAA and Health Information

Although many thought that WannaCry was in the rear view mirror, a recent report by Artemis, based on client experience, found that health care organizations and manufacturing companies are still being hit with the ransomware that affected hundreds of thousands of machines in 2017. According to the report, 40 percent of Artemis’ health care clients … Continue Reading

Questions to Consider Asking Your Broker About Cyberliability Coverage

By Linn Foster Freedman on May 30, 2019 Posted in International Privacy Laws, New + Now, Telephone Consumer Protection Act, Websites

One of the first questions we ask our clients when they call about a security incident is whether they have insurance that may cover the costs associated with investigating the incident, potential forensic analysis, and coverage for a data breach. Sometimes the client will say “Yes, we have cyber coverage.” However, when reviewing the coverage … Continue Reading

Privacy Tip #192 – Combating Robocallers: California AG Hits Scam Telemarketers with $1.5M in Judgments

By Linn Foster Freedman on May 30, 2019 Posted in Privacy Tips, Telephone Consumer Protection Act, Websites

Like many of you, I don’t answer my cell phone unless the number pops up as someone I know, because a majority of the calls I get are spam or robocalls. It’s so frustrating. Although these calls are probably a violation of the Telephone Consumer Protection Act (TCPA), the Federal Trade Commission (FTC) – the … Continue Reading

Model Rule for Securities Administrators Approved by NASAA

By Linn Foster Freedman on May 23, 2019 Posted in Cybersecurity

The North American Securities Administrators Association (NASAA) this week approved an information security model rule package aimed at improving the cybersecurity posture of the 17,543 state-registered advisers. The proposed model would require state-registered investment advisers to establish written cybersecurity policies and procedures designed to safeguard clients’ records and information, and to deliver its privacy policy … Continue Reading

Law Firm Domain Names Spoofed to Launch Phishing Scams

By Linn Foster Freedman on May 23, 2019 Posted in Cybersecurity

It is not unusual for lawyers to send emails to individuals and businesses they are about to sue to engage them before they do file suit to see if a settlement can be discussed or reached. The lawyer will reach out via email with a copy of the proposed Complaint, and tell the individual or … Continue Reading

Fully Executed Contracts are Preferred

By Linn Foster Freedman on May 23, 2019 Posted in New + Now

We have been involved in several situations lately with security incidents where we ask our clients for the final executed contract with the vendor that we believe caused the incident, but the contract that we receive has not been fully executed by both parties. Without getting into the legal implications of not having a fully … Continue Reading

Privacy Tip #191 – Trying to Protect Your Medical Information—Let’s Ask Questions About Data Security

By Linn Foster Freedman on May 23, 2019 Posted in Privacy Tips

In the top three of the list of highly sensitive personal data to be concerned about is our medical information. It’s so sensitive because it is so personal. It used to be that our medical information was located in paper charts at our doctor’s office, the hospital, the pharmacy and our health insurer. Now it’s … Continue Reading

FBI Flash: Ryuk Ransomware Continues to Attack U.S. Businesses

By Linn Foster Freedman on May 16, 2019 Posted in Cybersecurity

According to a recent FBI Flash, Ryuk ransomware has hit more than 100 U.S. companies since August 2018, with a “disproportionate impact on logistics companies, technology companies, and small municipalities.” The Flash, “provided in order to help cyber security professionals and system administrators to guard against the persistent malicious actions of cyber criminals,” seeks information … Continue Reading

Tech Company Execs Sweat Personal Liability for Privacy Violations

By Linn Foster Freedman on May 16, 2019 Posted in New + Now

In the Privacy Law classes I teach in the Brown University Executive Masters of Cybersecurity and at Roger Williams University School of Law, we discuss the enforcement authority that the Federal Trade Commission (FTC), the Office for Civil Rights (OCR) and other federal and state agencies have over data privacy and security, including how effective … Continue Reading

Privacy Tip #190 – Internet of Medical Things (IoMT)

By Linn Foster Freedman on May 16, 2019 Posted in Internet of Things, Privacy Tips

These days, pretty much everyone is aware of potential security incidents and the risks involved with Internet of Things (IoT) devices because security was not built into the device during the manufacturing process, but there is less awareness of the risks associated with the Internet of Medical Things (IoMT). Just like IoT devices, such as … Continue Reading

Hotel Chain Hit with Class Action Alleging “Misuse” of Biometric Data

By Linn Foster Freedman on May 9, 2019 Posted in Cybersecurity

Hotel chain Fillmore Hospitality, LLC is the latest target of a proposed class action complaint filed this week, alleging violation of the Illinois Biometric Information Privacy Act (BIPA). We don’t usually discuss the specific allegations in BIPA cases, but since they continue to populate the litigation landscape, we thought it would be instructive to take … Continue Reading

City of Baltimore Shuts Down Servers Following Ransomware Attack

By Linn Foster Freedman on May 9, 2019 Posted in Cybersecurity

Another city, another ransomware attack. Cities and municipalities continue to be targeted with ransomware campaigns. Fortunately, in this case, essential services such as fire, police, Emergency Medical Services and 311 service were still operational despite the attack. According to a tweet by Mayor Bernard Young, Baltimore shut down its servers in response to the ransomware … Continue Reading

Supply Chain (and Vendor) Security and Contract Management

By Linn Foster Freedman on May 9, 2019 Posted in New + Now

We continue to see clients hit with notifications from vendors about security incidents caused by either the vendor or the vendor’s downstream supply chain. Often, the client didn’t even know that its vendor was outsourcing part or all of the work to another vendor. When a security incident occurs down the line, the entity that … Continue Reading

Privacy Tip #189 – Online Dating

By Linn Foster Freedman on May 9, 2019 Posted in Children's Privacy, Privacy Tips

As someone who has been married a long time (longer than the Internet has existed), I never experienced the online dating scene. Everyone has their own opinion on the topic, and without getting into the merits of online dating, there is risk for children, which is the subject of this privacy tip. The Federal Trade … Continue Reading

Phishing Continues to Be Seen as Biggest Cybersecurity Threat to Companies

By Linn Foster Freedman on May 2, 2019 Posted in Cybersecurity, Internet of Things

According to a recent survey of cybersecurity professionals by AT&T Cybersecurity entitled “Confidence: the perception and reality of cybersecurity threats,” phishing and cloud security threats are keeping them up at night. The survey polled 733 cybersecurity professionals attending the RSA conference and asked the respondents about what they perceive to be the biggest internal and … Continue Reading

Limitation of Liability

By Linn Foster Freedman on May 2, 2019 Posted in New + Now

I continuously confront vendors who say I am “the only” lawyer who objects to limitation of liability provisions that attempt to limit the liability of a security incident to the amount of the contract. That is very hard for me to believe. The value of the contract has no relevance to the actual damages and … Continue Reading

This Blog/Website is made available by the lawyer or law firm publisher for educational purposes only as well as to give you general information and a general understanding of the law, not to provide specific legal advice. By using this blog site you understand that there is no attorney client relationship between you and the Blog/Website publisher. The Blog/Website should not be used as a substitute for competent legal advice from a licensed professional attorney in your state. Any opinions expressed on this Blog/Website are opinions only of the author, expressed at the time the material is written based on information available to the author at that time, and are not opinions of the author's law firm or any of the author's or the law firm's clients. This Blog/Website is not intended to be attorney advertising. To the extent it might be deemed to be attorney advertising, it should not be considered advertising or to be seeking legal work in any jurisdiction in which the author is not admitted to practice law (i.e., jurisdictions other than Connecticut, Massachusetts, and various federal courts).