The Cybersecurity Information Sharing Act of 2015 (CISA) was intended to incentivize private entities to share threat intelligence information with the federal government (specifically the Department of Homeland Security), allowing all parties to react more quickly and efficiently to cyber threats. The vision was that thousands of companies would sign on, creating a powerful network … Continue Reading
The cyber insurance market continues to evolve, and major questions remain unanswered. Should policies cover regulatory fines? Should first- and third-party claims be addressed in separate policies? The list goes on. For the consumer, here is an interesting thought experiment: Is a company having limited access to cyber insurance actually a good thing? Aside from … Continue Reading
The 2016 U.S. Presidential election demonstrated the importance of digital campaigning. President Trump’s campaign was vastly outspent by Hillary Clinton’s campaign, and placed little emphasis on traditional ground-game tactics. Instead, Trump focused his campaign on digital strategies to target “persuadable voters” via social media. The outcome of the election demonstrated the efficacy of this strategy; … Continue Reading
During WWII, Morse Code was an indispensable asset that allowed the allies to transmit sensitive information over long distances with great accuracy. However, it contained an obvious, and potentially fatal, flaw — it provided no built in mechanism for identifying the sender of the messages. In order to combat this, U.S. intelligence officers implemented a … Continue Reading
The 2019 calendar year had a rough beginning with several massive data breaches. Just this week, more than 600 million account details were stolen from 16 different websites: Dubsmash MyFitnessPal MyHeritage ShareThis HauteLook Animoto EyeEm 8fit Whitepages Fotolog 500px Armor Games BookMate CoffeeMeetsBagel Artsy DataCamp The account details being sold on the dark web from … Continue Reading
The deservedly well-publicized arrest of the Golden State Killer last fall was a coup for law enforcement, and a marvelous use of modern technology. Sequencing the DNA profile of material left by the killer at a crime scene 40 years ago, then scouring publicly available databases for a genetic match, and ultimately making the arrest … Continue Reading
The biggest sporting event of the year is now over— and the Patriots, with the help of NFL super duo Tom Brady (the oldest quarterback to ever win the Super Bowl) and Bill Belichick (the oldest head coach to ever win the Super Bowl) took the title—New England’s sixth since 2002. Over 100 million people … Continue Reading
On September 28, 2018, California passed Senate Bill No. 327, Chapter 886, which regulates the security of all internet of things (IoT) devices sold in California. Collectively, IoT broadly refers to all internet-enabled devices and includes everything from doorbells and lamps to cell phones and wearable devices. This bill, beginning on January 1, 2020, will … Continue Reading
In an effort to reduce liability from spills and other hazards, a few grocery store chains will now have a new employee on the ground: a six to seven-foot tall, googly-eyed robot named Marty. Marty is an autonomous robot with a “sensing tower on it with various cameras” giving it the ability to scan the … Continue Reading
These days, it is not uncommon to see drones flying overhead. But employers beware…you might see one during your next workplace inspection. Earlier this year, OSHA issued a memo formalizing its use of drones for inspection activities, and, according to a recent report by Bloomberg Law, it used drones for 9 inspections this year. The memo indicates … Continue Reading
On June 27, 2018, the State of Connecticut Treasurer’s Office announced that about $1.4 million had been stolen from Connecticut Higher Education Trust (CHET) college-savings accounts. This theft resulted from data security breaches that occurred in early June, 2018. Connecticut State Treasurer Denise L. Nappier confirmed that TIAA-CREF Tuition Financing Inc. (TIAA-CREF), the CHET Direct … Continue Reading
The General Data Protection Regulation (GDPR) (EU) 2016/679 of 27 April 2016 which comes into force in May 2018, will introduce major changes to the law on the processing of personal data in the European Union. Over the next several months, several European Union law firms we work very closely with will join us in … Continue Reading
The General Data Protection Regulation (GDPR) (EU) 2016/679 of 27 April 2016 which comes into force in May 2018, will introduce major changes to the law on the processing of personal data in the European Union. Over the next twelve (12) months, several European Union law firms we work very closely with will join us … Continue Reading
The General Data Protection Regulation (GPDR) (EU) 2016/679 of April 27, 2016, which comes into force in May 2018, will introduce major changes to the law on the processing of personal data in the European Union. Over the next twelve (12) months, several European Union law firms we work very closely with will join us … Continue Reading
The GDPR will apply as of May 25, 2018. It provides a single set of very innovative rules directly applicable in the entire European Union (EU), without the need for national implementing measures—which means that any personal data processing ongoing at this date shall be in compliance with the GDPR. This leaves one year for … Continue Reading
For decades, it has been assumed that MacBook and iPhone devices are hack proof and virus free. Their advertisements and claims for being indestructible were never questioned. Yet, nothing is truly immune to intrusion. Consumers pay a high premium for the slick and glossy Apple devices. Their superior brand has continued to sell and grow … Continue Reading
This article courtesy of guest blogger Prof. Peter Margulies of Roger Williams University School of Law. In the wake of Edward Snowden’s disclosures, the United States administration faced a daunting series of challenges on surveillance, cybersecurity, and privacy. Congress was reluctant to enact comprehensive legislation. Moreover, Snowden’s revelations had triggered an international trust deficit. To deal with … Continue Reading
On December 28, 2016, the Food and Drug Administration (FDA) issued guidance on Postmarket Management of Cybersecurity in Medical Devices. The guidance clarified aspects of the reporting requirements under Part 806 (21 CFR part 806), which require device manufacturers and importers to report certain device corrections and removals to the FDA. Most actions taken by … Continue Reading
Serious trouble for all health and care providers looms large. High risk women in labour and major trauma cases are being diverted to other hospitals after a cyber-attack recently shut down services at a hospital in the East of England, Northern Lincolnshire and Goole Hospitals NHS Foundation Trust. Putting aside why anyone would want to … Continue Reading
The EU-US Privacy Shield, designed to protect EU citizens’ personal data when it is transferred to US organisations, has now been in place for a couple of months. How is it shaping up? How we arrived at the Privacy Shield… Under current EU data protection laws, as well as under the forthcoming General Data Protection Regulation … Continue Reading
This article co-authored with guest blogger Leonel Gonzalez, a R+C summer associate and student at Roger Williams University School of Law Niantic Inc. (Niantic), developer of the mobile game “Pokemon GO,” was sued in Florida court on July 27, 2016. The named plaintiff, David Beckman filed the complaint against Niantic claiming the game’s terms of service and … Continue Reading
This article co-authored with guest blogger Leonel Gonzalez, a R+C summer associate and student at Roger Williams University School of Law An investigation by France’s National Data Protection Commission (CNIL) has found that Windows 10 has been “collecting excessive user data” and has been tracking users’ web browsing without their consent. The CNIL has ordered Microsoft to … Continue Reading
Employers are increasingly being contacted by individuals, their insurance and payroll providers, the IRS and/or police about employees who are possibly involved in identity theft. If an employee steals a name and matching social security number and has a fraudulent identity document and social security card, this can be very difficult to detect. A strong … Continue Reading
This article co-authored with guest blogger Leonel Gonzalez, a R+C summer associate and student at Roger Williams University School of Law Back in May of this year, Wendy’s reported “fewer than 300” locations had been hacked by malicious malware that targeted customer credit card information. Last week, Wendy’s released a list of 1,025 restaurant locations that were … Continue Reading
