Linn Foster Freedman

Linn Foster Freedman

Linn Freedman practices in data privacy and security law, and complex litigation. She is a member of the Business Litigation Group and chair’s the firm’s Data Privacy and Security Team. She currently serves as general counsel to the Rhode Island Quality Institute. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations, as well as emergency data breach response and mitigation. She counsels clients on state and federal data privacy and security investigations and data breaches. Prior to joining the firm, Linn was a partner at Nixon Peabody, where she served as leader of the firm’s Privacy & Data Protection Group. She also served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Subscribe to all posts by Linn Foster Freedman

Security Researchers Find Biometric Data on 28 Million Records Is Exposed

It was reported this week by The Guardian and Forbes that security researchers from Vpnmentor have discovered and published a report that Suprema, a company that collects and monitors biometric information such as fingerprints and facial recognition data, has left exposed the biometric information of 28 million records and 23 gigabytes of data insecure. Suprema … Continue Reading

Privacy Tip #203 – Cryptocurrency Woes

As cryptocurrency becomes more popular with investors, CipherTrace recently issued its Q2 2019 Cryptocurrency Anti-Money Laundering Report, which finds that “[O]utright thefts as well as scams and other misappropriation of funds from cryptocurrency users and exchanges continued apace, netting criminals and fraudsters approximately $4.26 billion in aggregate for 2019.” Yikes—that’s billion with a “b”. The … Continue Reading

Delta Sues Vendor for Causing Data Breach

In an unusual move, Delta Airlines (Delta) sued one of its vendors last week for the data breach it experienced in 2017. It’s an unusual move for several reasons. First, in our experience when a vendor causes a data breach, there is usually a contractual provision that can be followed that outlines the responsibility of … Continue Reading

New Threat to Companies: Warshipping

It is so hard to keep up with the latest ways the bad guys try to infiltrate company data. One new technique is called warshipping, and its implementation is pretty simple and a little old school. IBM X-Force Red investigated the technique to give its customers an idea of the newest threats to enterprise systems. … Continue Reading

Clever Call Center Concept

My husband was recently booking some travel for us and had an interesting experience that he thought was worth sharing. While he was providing his credit card number to the person who was assisting with the booking, that person told him before he gave the credit card number and CVV number to wait a moment, … Continue Reading

New Hampshire Enacts Insurance Data Security Law

New Hampshire Governor Chris Sununu recently signed the New Hampshire Insurance Data Security Law, which “establishes the exclusive state standards applicable to licensees for data security, the investigation of a cybersecurity event…, and notification to the commissioner.” The law is applicable to all persons or entities licensed, authorized to operate, registered or required to be … Continue Reading

Louisiana Governor Declares Statewide Emergency After Cyber-Attacks Against School Systems

Louisiana Governor John Bel Edwards, for the first time in history, declared a statewide cybersecurity emergency last week, following cyber-attacks against several school systems in the state. By declaring a cybersecurity emergency, the state is able to garner needed resources, including cybersecurity experts from the Louisiana National Guard, State Police, the Office of Technology Services, … Continue Reading

Pay Attention to Your Firewalls

After the Capital One data breach, which was reportedly caused by an improperly configured firewall, every company should be paying attention to its firewalls. This is not the first data breach that has occurred because a firewall was not properly in place for data stored in the Cloud. I’m a lawyer, and I know very … Continue Reading

Business Email Compromises Bilking U.S. Companies Out of $301M Per Month

The United States Treasury Department came out with a report last week that concludes that business email compromises (BEC) are costing U.S. companies more than $301 million per month. The report confirms that the two industries hit the hardest by these scams are manufacturing and construction. The report, issued by the Treasury Department’s Financial Crimes … Continue Reading

Privacy Tip #200 – Iranian Backed Hacking Group Using LinkedIn To Deliver Malicious Documents

Fireeye published research last week that it has identified a phishing campaign by APT34, which is known to be a hacking group out of Iran, that all LinkedIn users should be aware of when considering adding a LinkedIn contact. In particular, if you receive a LinkedIn request from someone named Rebecca Watts from Cambridge University, … Continue Reading

Premera Blue Cross Settles for $10M with 30 States for 2014 Data Breach

Following an investigation led by the Washington Attorney General, Premera Blue Cross has agreed to pay $10 million to 30 states after experiencing a data breach in 2014 that compromised the Protected Health Information of over 10 million individuals. $5.4 million of the settlement amount will be paid to the Washington State Attorney General’s Office … Continue Reading

DNA Information of Thousands of Individuals Exposed Online for Years

It is being reported that Vitagene, a company that provides DNA testing to provide customers with specific wellness plans through personalized diet and exercise plans based on their biological traits, left more than 3,000 user files publicly accessible on Amazon Web Services servers that were not configured properly. The information that was involved included customers’ … Continue Reading

Cities Consider Banning the Use of Facial Recognition Technology

In the footsteps of San Francisco’s ban of the use of facial recognition technology, the cities of Somerville, Massachusetts, Oakland, California, and Berkeley, California are considering banning the use of facial recognition technology by municipal agencies. The proposed ban is in the midst of more and more cameras and smart technology being used for traffic … Continue Reading

Privacy Tip #199 – Guard Your Cryptowallet: Cryptoheist in Japan Drains $32 million from Exchange

The U.S. government continues to be wary of cryptocurrency, and presently, no cryptocurrency exchange is protected by the FDIC. When you put your money in a FDIC-insured bank, if the bank becomes insolvent customers will not lose their deposits, usually up to a maximum of $250,000 per depositor per insured bank. But if you deposit … Continue Reading

AT&T Sued by CA Customers for Selling Location Data to Aggregators

AT&T was sued this week in the Northern District of California by customers alleging that AT&T sold their location data to data aggregators without their consent. The proposed class action suit was filed on behalf of all AT&T wireless customers from 2011 to date. The suit alleges that AT&T sold customers’ location data to LocationSmart … Continue Reading

U.S. Cyber Command Issues Warning About Microsoft Outlook Vulnerability

Hackers are targeting U.S. government networks, according to U.S. Cyber Command, which says there is a vulnerability of CVE-2017-1174, which is a two year old flaw in Microsoft Outlook that is being used by attackers to install remote access Trojans and other malware. U.S. Cyber Command recommends that the vulnerability be patched to prevent exploitation. … Continue Reading

2018 Cyber Incident & Breach Trends Report “All Bad”

The Internet Society’s Online Trust Alliance just released its “2018 Cyber Incident & Breach Trends Report, which says “2018–Some Better, Some Worse, All Bad.” That’s our experience, too. Here are the highlights from the report, which can be accessed here. Although the number of data breaches and exposed records decreased, and ransomware and DDoS (distributed … Continue Reading
LexBlog