ICYMI, on Wednesday, January 6, 2021, the United States Department of Justice (DOJ) issued an update about what it termed “a major incident under the Federal Information Security Modernization Act”: the global SolarWinds cyberattack that had compromised its email system. (SolarWinds is a software provider. In December, 2020, SolarWinds revealed that cybercriminals had injected malware … Continue Reading
It has been widely reported that hackers are taking advantage of the pandemic to perpetrate scams and frauds. We have seen attacks against workers of companies through phishing emails that include an attachment or link offering information or access to specialized treatment for COVID-19 to lure people to click on them. Once they click on … Continue Reading
The Department of Justice recently indicted four men—two of whom are located in Canada and two in New York—for a mass-mailing scheme that bilked thousands of senior citizens out of tens of millions of dollars. According to the indictments, the accused Canadian fraudsters sent mail to thousands of elderly individuals whose names and addresses they … Continue Reading
Last week, authorities from the United States, United Kingdom and Canada accused a well-known hacker group tied to the Russian government, APT29 a/k/a Cozy Bear of using malware to exploit security vulnerabilities to enable it to steal COVID-19 vaccine research from companies located in these countries working to develop a vaccine. This was after a … Continue Reading
In its second quarter Securities Exchange Commission (SEC) filing, Allscripts addressed its announced agreement in principle with the Department of Justice (DOJ) to resolve investigations into certain alleged practices of Practice Fusion, an electronic health records (EHR) vendor acquired by Allscripts in February 2018 for $100 million. Allscripts indicated the agreement is still subject to … Continue Reading
In the Federal Reserve’s July 11, 2019 White Paper, “Synthetic Identity Fraud in the U.S. Payment System, A Review of Causes and Contributing Factors,” the authors conclude that synthetic identity fraud is a serious and growing problem for the U.S. payments ecosystem that can only be addressed by a collaborative effort among all payments industry … Continue Reading
The Department of Justice (DOJ) recently announced two high-dollar False Claims Act (FCA) enforcement actions involving allegedly fraudulent arrangements tied to the implementation and use of electronic health record systems (EHRs). The respective settlements enable recovery by DOJ of over $100 million, and immediately precede the government’s recent proposal of new rules to promote the … Continue Reading
Secretary of Homeland Security, Kirstjen M. Nielsen, wrote in an op-ed piece in the Washington Post, that the Department of Homeland Security (DHS) has been worrying about the dangers of drones for years; so much so, that DHS has sought legal authority in the past (and continues to do so) to protect the U.S. and … Continue Reading
On April 30, 2018, a Massachusetts physician was convicted of a criminal violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as well as one count of obstruction of a criminal health care investigation, in a Massachusetts federal court. The convictions relate to the purported sharing of confidential patient information by the … Continue Reading
Last month, the Federal Aviation Administration (FAA) received recommendations regarding remote identification of drones in a report from the unmanned aircraft Identification and Tracking (UAS ID) Aviation Rulemaking Committee (ARC). One of the topics at issue: whether we need remote identification (ID) of all drones in the national airspace. Beyond the FAA, the Department of … Continue Reading
In an order issued on October 16, 2017, the U.S. Supreme Court granted certiorari in United States v. Microsoft Corporation, a case with potentially far-reaching implications for the privacy of electronic data maintained by technology companies across the globe. The case, which Robinson+Cole has previously discussed here, here, and here, arises from a warrant obtained … Continue Reading
The U.S. Supreme Court recently indicated that it will consider the federal government’s petition for a writ of certiorari in United States v. Microsoft Corp. at its conference scheduled for October 6, 2017. United States v. Microsoft is a “cutting edge” case that concerns the ability of law enforcement to obtain electronic documents stored abroad … Continue Reading
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) is responsible for enforcing the HIPAA Privacy and Security Rules. Any person who believes that a covered entity or business associate is not complying with HIPAA may file a complaint with OCR (complaints may also be submitted directly to a covered entity). … Continue Reading
This morning, the U.S. Department of Justice (DOJ) announced an initiative aimed at “examining and strengthening forensic science.” Presumably, the initiative will impact how the DOJ approaches digital forensic evidence in criminal prosecutions. Deputy Attorney General Rod J. Rosenstein made the announcement at the International Association for Identification’s (IAI) conference in Atlanta, Georgia. The IAI … Continue Reading
On June 23, 2017, the Office of the Solicitor General (OSG) filed a petition for a writ of certiorari with the United States Supreme Court requesting reversal of a 2016 decision in which the U.S. Court of Appeals for the Second Circuit quashed a warrant obtained by the Department of Justice (DOJ) under the Stored … Continue Reading
While drone delivery services are certainly on the agendas of large retailers like Amazon, inmates in jails across the U.S. are already using drones to receive their own aerial contraband shipments. Through a Freedom of Information Act (FOIA) request, the Department of Justice (DOJ) revealed that there have been many attempts over the past five … Continue Reading
On February 22, 2017, the Department of Justice (DOJ) and Department of Education (DOE) withdrew their May 13, 2016 “Dear Colleague” letter that provided guidance on steps to protect transgender students under Title IX of the Educational Amendments of 1972 (Title IX) as well as the Family Educational Rights and Privacy Act (FERPA). Although the … Continue Reading
On January 24, 2017, the U.S. Court of Appeals for the Second Circuit denied the Department of Justice’s request for an en banc rehearing in In the Matter of a Warrant to Search a Certain Email Account Controlled and Maintained by Microsoft Corp. a/k/a Microsoft Corp. v. United States (No. 14-2985). The denial leaves in place … Continue Reading
This year has been a busy year for education law in the area of data privacy. Educational institutions continue to be a rich target for hackers. Additionally, there were some important developments in the interpretation of Family Educational Rights and Privacy Act (FERPA) and the Telephone Consumer Protection Act (TCPA) as it applies to educational … Continue Reading
The Department of Justice (DOJ) yesterday announced that it has charged a Maryland man, Harold Thomas Martin III with theft of government property and unauthorized removal and retention of classified materials by a government employee or contractor. According to the criminal complaint against Martin that was unsealed yesterday, Martin was a contractor with the federal … Continue Reading
On May 13, 2016, the Department of Justice and the Department of Education issued a “Dear Colleague Letter” (DCL) describing reasonable steps to protect transgender students under Title IX of the Educational Amendments of 1972 (Title IX) as well as the Family Educational Rights and Privacy Act (FERPA). Title IX prohibits discrimination on the basis … Continue Reading
The filing of fraudulent tax returns continues to be a serious problem in this country. Last year alone, the IRS has admitted that up to 720,000 taxpayers were victims. Last week, a Georgia couple pled guilty to filing fraudulent tax returns by using the IRS’ “Get Transcript” site. The couple used the personal information (including … Continue Reading
The Department of Justice has announced that two hackers who built and sold the Trojan called SpyEye, that caused close to $1 billion in banking losses, have been sentenced for a combined 24 1/2 years in federal court in Atlanta, Georgia. According to evidence presented in Court, provided by the able investigation of the FBI, … Continue Reading
Just a week after we reported [view related post] that the FBI warned international law firms that they are targets for cyber hackings, multiple (reportedly up to 50) BigLaw firms have confirmed that they have been victims of hackings and intrusions. Further attempts are expected. The FBI and Department of Justice have reportedly opened an … Continue Reading