Cybersecurity & Privacy

  • November 20, 2017

    GSA Awards 61 Companies Slots On $50B Alliant IT Contract

    The U.S. General Services Administration has awarded 61 companies a place on the latest iteration of its Alliant multiaward information technology services contract, a massive deal worth up to $50 billion, it announced Monday.

  • November 20, 2017

    Avis Reaches $2.7M Deal In FCRA Background Check Suit

    Car rental company Avis has agreed to pay about $2.7 million to resolve Fair Credit Reporting Act claims that it improperly acquired and used background checks to reject job applications, according to documents filed in New Jersey federal court on Friday.

  • November 17, 2017

    Abortion Foes Tell 9th Circ. Free Speech Trumps Tape Suit

    Planned Parenthood failed to properly fight off a free speech challenge to its suit over secretly recorded videos purporting to show the improper sale of fetal tissue, anti-abortion activists told a Ninth Circuit panel Friday, saying a lower court erred in finding in favor of the health care provider.

  • November 17, 2017

    Groups, Tech Experts Knock Automated Vetting Initiative

    A slew of tech experts and civil rights groups are raising the alarm over the Trump administration's proposed “extreme vetting initiative” for immigrants, sending letters to the Department of Homeland Security on Thursday arguing the program would likely be discriminatory.

  • November 17, 2017

    Facebook Sheds User Tracking MDL For Third And Final Time

    A California federal judge on Friday tossed for the third and final time sprawling multidistrict litigation accusing Facebook of unlawfully tracking users' browsing activity after they signed off, ruling that plaintiffs had failed to identify an actual contract that prohibited the social media site's behavior. 

  • November 17, 2017

    Ex-Bank Exec Gets 6.5 Years For Loan Fraud, ID Theft

    A former executive at Virginia Commerce Bank and Fulton Bank who admitted to forging signatures and stealing identities to get millions of dollars in loans and other financing approved has been ordered to serve 6 1/2 years in prison, the U.S. Attorney’s Office for the Eastern District of Virginia said Friday.

  • November 17, 2017

    Cybersecurity Veteran Joins Crowell & Moring's SF Office

    Crowell & Moring LLP has picked up Orrick Herrington & Sutcliffe LLP’s leading cybersecurity and data privacy attorney, who has experience representing major tech companies including Facebook and Microsoft, to serve as a partner in its San Francisco office.

  • November 17, 2017

    Dems Ask Trump DHS Pick To Address Immigration Concerns

    Senate Minority Whip Dick Durbin, D-Ill., ranking member of the immigration subcommittee, and 19 other Senate Democrats sent a letter Thursday to Secretary of Homeland Security nominee Kirstjen Nielsen asking if she’d advocate for legislation that protects young immigrants living in the country illegally from deportation.

  • November 17, 2017

    Insurer Doesn't Owe Defense Of Data Breach Suit, Judge Says

    The Hanover Insurance Co. doesn't have to defend Innovak International Inc. in a proposed class action claiming the information technology company failed to prevent a 2016 data breach that compromised users' personal information, a Florida federal judge ruled Friday, saying coverage doesn't exist because the data wasn't allegedly published by Innovak.

  • November 17, 2017

    House Committee Presses Equifax For More Breach Details

    House Energy and Commerce Committee leaders on Friday dialed up the heat on Equifax over a massive data breach that compromised 145.5 million Americans' personal and financial records, demanding more answers to questions related to the software vulnerability that was exploited, the credit bureau's response to the incident and a potential second compromise in mid-October.

  • November 17, 2017

    House Dems Want Trump To Reverse DOD Afghan Secrecy Policy

    A pair of senior House Democrats urged President Donald Trump Friday to reverse a U.S. Department of Defense policy to classify previously public information on the performance and strength of Afghanistan’s armed forces, saying it will harm the ability of Congress to properly oversee U.S. operations in Afghanistan.

  • November 17, 2017

    Avis Customers Score Cert. In E-Toll Hidden Fee Dispute

    A New Jersey federal judge granted class certification Thursday in litigation alleging that Avis secretly charged car renters for an electronic toll-payment service, noting that the requirements were clearly met by the class of nearly 18 million people united by common questions surrounding whether the fees were properly disclosed.

  • November 17, 2017

    Google Seeks Final Ruling Protecting Search Results

    Google urged a California federal judge Friday to permanently stop enforcement of an order from Canada’s highest court that would compel the tech titan to scrub worldwide searches of results from a company accused of selling products containing stolen trade secrets.

  • November 17, 2017

    City Firms Warned Of Supply Chain Cyber Dangers

    The Financial Conduct Authority warned banks and insurance firms on Friday that they will still face regulatory punishment for cybersecurity failures in their supply chain and that outsourcing compliance is not a credible defense.

  • November 16, 2017

    Forever 21 Says Unencrypted Payment Card Data Breached

    Forever 21 customers who swiped their payment cards between March and October at certain retail locations that weren’t using encryption and tokenization methods that the company rolled out two years ago may have had their personal information compromised in a recently discovered data breach, the apparel retailer said Tuesday.

  • November 16, 2017

    You've Been Warned, SEC Head Says Of Cryptocoin Offerings

    Federal regulators have so-called initial coin offerings — cryptocurrency fundraising methods that have ballooned in popularity — squarely in their sights, the head of the U.S. Securities and Exchange Commission said Thursday.

  • November 16, 2017

    Class Deal OK'd After 9th Circ. Ruling Saves TCPA Suit

    A California federal judge on Thursday preliminarily approved a deal settling putative class claims for 8,313 car dealership customers accusing the business and its marketer of violating the Telephone Consumer Protection Act, an agreement reached after the case was revived based on a recent Ninth Circuit ruling.

  • November 16, 2017

    Ill. Parking Ticket Suit Has Expired, 7th Circ. Rules

    The Seventh Circuit agreed Thursday with a lower court's decision that the claims of class members are no longer tolled once a suit is dismissed with prejudice, confirming that an Illinois motorist's proposed privacy class action claims against a Chicago suburb were time-barred. 

  • November 16, 2017

    Armstrong Teasdale Sanctions Lifted In Fiat Hack Case

    Armstrong Teasdale attorneys for a proposed class of Jeep owners suing Fiat Chrysler over hacking concerns on Wednesday escaped sanctions that had been imposed on them for revealing confidential information, when the Illinois federal judge overseeing the suit found a magistrate judge lacked authority to level the penalties.

  • November 16, 2017

    Kaspersky Says NSA Info Upload Was Legit Security Check

    AO Kaspersky Lab in a Thursday report fleshed out its recent admission that it had uploaded purportedly classified information and hacking software from a National Security Agency worker’s personal computer, continuing to argue that the upload was inadvertent and happened because the computer appeared to be compromised by “malware."

Expert Analysis

  • The SEC Data Breach And Impact On New Reporting Rules

    Jeanette Turner

    The mutual fund industry has expressed concerns about troves of new data being filed on EDGAR starting in June 2018 as part of the U.S. Securities and Exchange Commission’s new reporting requirements. The recent disclosure of an SEC breach perfectly illustrates those concerns and adds to the clamor to delay or revise the requirements, says Jeanette Turner, managing director and chief regulatory officer at Advise Technologies.

  • Courts Scrutinizing Warrants For Electronic Data

    Henry Hockheimer

    Recent rulings from a New York federal court in Wey and the D.C. Circuit in Griffith represent a serious pushback to government efforts to write boundless warrants and to seize phones and computers without a sufficiently particularized showing of probable cause, say Henry Hockeimer and Thomas Burke of Ballard Spahr LLP.

  • Making Sense Of The SEC Data Breach

    Scott Kimpel

    Chairman Jay Clayton of the U.S. Securities and Exchange Commission recently made the surprising announcement that the SEC’s EDGAR database had been hacked. The chairman’s statement and subsequent testimony leave a number of critical questions unanswered, says Scott Kimpel of Hunton & Williams LLP.

  • 4th Amendment And Shared Servers: Lessons From Shkreli

    Claire Johnson

    The prosecution of Martin Shkreli reveals some important lessons about the Fourth Amendment protections against search and seizure in the digital corporate context: Physical access to documents on a server may trump actual ownership of records, say Claire Johnson and Douglas Young of Farella Braun & Martel LLP.

  • Assessing Loan Applications With Fraud Alerts After Equifax

    Jonathan Joshua

    In the wake of the Equifax data breach, consumer lenders can reasonably expect to see a significant increase in the number of loan applications where a credit report contains a fraud alert or where the report is unavailable due to a security freeze. It's important to understand the laws that apply when evaluating such applications, says consumer financial services attorney Jonathan Joshua.

  • Takeaways From 2nd Circ. Donna Karan FACTA Ruling

    Hanley Chew

    The Second Circuit's decision last week in Katz v. Donna Karan is significant in that it permits parties to introduce extrinsic evidence in statutory violation cases when the district court is making a determination on standing, say Hanley Chew and Tyler Newby of Fenwick & West LLP.

  • DFARS Cyber Compliance Deadline Is Approaching

    Steven Snyder

    Combining the strict verbiage of the Defense Federal Acquisition Regulation Supplement cyber regulations with the comprehensive nature of the National Institute of Standards and Technology "controlled unclassified information" requirements creates a formidable compliance challenge for any contractor and its subcontractors, says Steven Snyder of Smith Moore Leatherwood LLP.

  • Time To Update Your Privacy Statement For GDPR

    Glory Francke

    As European regulators are still producing guidance on the General Data Protection Regulation and member states are still adopting related legislation, it is unclear how to prepare for the GDPR in relation to some issues. For other issues, however, companies can confidently act now. Privacy statements are a great example, says Glory Francke of Davis Wright Tremaine LLP.

  • Privacy Takes A Backseat To Whistleblowing Under HIPAA

    Steve Sozio

    There is no dispute about the importance of protecting patient information, and health care providers are spending significant portions of their precious resources to comply with the rigorous requirements of the Health Insurance Portability and Accountability Act. But there is one group that has received a pass when it comes to protecting patient privacy, say Steve Sozio and Katie Miler Schilling of Jones Day.

  • Opinion

    Manufacturers Must Focus On Securing The Internet Of Things

    Aristedes Mahairas

    We know internet-of-things devices are unsecure. Some say they are likely to remain unsecure. But given the increasing risk and seriousness of IoT-based attacks, manufacturers should take proactive measures to bring to market IoT devices that contain standard security protocols, says Aristedes Mahairas, special agent-in-charge of the FBI’s New York Special Operations/Cyber Division.