Category: Cybersecurity Law
Plunging into the unknown: companies should look to sound privacy practices as they integrate AI
How would you like to dive off a cliff with no idea how far you will drop, how deep the water is, and zero training on how to properly position your body to minimize impact once you hit the water? That’s how we approach artificial intelligence these days. Or perhaps more aptly put: How would… Read More
For the Children!: Children’s Online Safety Becomes Focus of State and Federal Law
Have you seen the latest craze in babysitting? If you are ever out in public, you have. Think of the last time you were at a restaurant, stoplight, or airport, and noticed a child, aged between tot and tween, fixated on his or her device. That’s the craze: the cheapest, most available babysitting option these… Read More
The California Consumer Privacy Act: The Who, What, When, Why…and How.
Make room Europe: California is taking on the data privacy challenge. For the last year or so, the privacy world has been abuzz with how to implement the E.U.’s General Data Protection Regulation. The buzz died down once GDPR went into effect in late May. But no rest for the weary. A little over a… Read More
FTC Focuses on Kids’ Geo-Location Devices in Latest COPPA Warnings
A public service announcement of yesteryear posed the following question to parents: “It’s 8:00. Do you know where your children are?” Today’s technology allows parents to answer that question regardless of the time of day. That technology, however, has recently drawn scrutiny for violating the parental notice and consent provisions of the Federal Trade Commission’s… Read More
SEC’s Updated Cybersecurity Disclosure Guidelines Leave Questions Unanswered
As previewed in our previous post, the United States Securities and Exchange Commission (“SEC”) unanimously approved new cybersecurity interpretive guidance—a format used to clarify the SEC’s views on security laws and regulations—on Wednesday of last week. The guidelines make no mention of how they affect and interplay with other regulators’ data privacy requirements, so whether… Read More
Customer Data Collection: GDPR Changes Everything.
Beginning on May 25, 2018, companies which process the personal data of European Union residents will be expected to comply with the General Data Protection Regulation, or GDPR. Even companies located in the United States are subject to this regulation, and violating its terms may result in class actions and hefty fines. If your company… Read More
Can Your Pacemaker Be Hacked?
Tom Kellermann, CEO of Strategic Cyber Ventures guest co-authored this post. A famous Homeland episode involved a terrorist gaining access to the Vice-President’s pacemaker. Accessing medical devices to wreak havoc was one of the motivations behind certain provisions of the Digital Millennium Copyright Act (aka the DMCA). The DMCA makes it “illegal to circumvent technological… Read More
How The FTC Guides Businesses Through Data Breaches
The Federal Trade Commission (“FTC”) recently released a data breach guide for businesses, along with a video and blog to help companies following the immediate aftermath of a data breach. The FTC also provides a model data breach letter to notify individuals of a breach. The agency – which views itself as the nation’s primary… Read More
Data Breach Lawsuits: Challenges Persist After Spokeo v. Robins
Data breaches are as common as the common cold—unfortunately, just as incurable. Run a news search on “data breaches” and you’ll find that all kinds of institutions—major retailers, tech companies, universities, even government agencies—have been vulnerable at some point. Now run a search on “data breaches,” but include the word “lawsuit.” You’ll find that many… Read More
Judge Flunks Case Against LabMD, FTC Appeals
In March 2015, I wrote about the ongoing dispute between the FTC and LabMD, an Atlanta-based cancer screening laboratory, and looked at whether the FTC has the authority to take enforcement action over data-security practices alleged to be insufficient and therefore “unfair” under section 5(n) of the Federal Trade Commission Act (“FTCA”). On November 13,… Read More
IFRAH Law