Cybersecurity & Privacy

  • October 4, 2017

    Knight Institute Files FOIA Suit Over 'Extreme Vetting' Policies

    Columbia University’s Knight First Amendment Institute filed suit in New York federal court Wednesday against various federal agencies seeking documents relating to the “extreme vetting” of non-citizens, saying the government’s failure to produce the records violates the Freedom of Information Act.

  • October 4, 2017

    IRS Head Questioned By Congress On New Equifax Contract

    Congresswoman Suzan DelBene, D-Wash., sent a letter to IRS Commissioner John Koskinen on Wednesday demanding answers as to why the agency awarded a no-bid contract for taxpayer and personal identity verification services to Equifax, the credit-reporting agency that suffered a massive security breach exposing the personal information of nearly half of all Americans.

  • October 4, 2017

    Rosenstein Says Working With DOJ Can Benefit Tech Cos.

    Deputy Attorney General Rod Rosenstein told an audience of tech executives gathered in Boston on Wednesday that the U.S. Department of Justice is poised to help them root out abuse and criminal activity, despite its concerns about their increasing use of encryption.

  • October 4, 2017

    'No Time To Wait' On Criminal Reforms, Boston Attys Say

    The Boston Bar Association on Wednesday made six criminal justice recommendations for the commonwealth of Massachusetts, including repealing mandatory minimums, changing the cash bail system so people don’t have to wait in jail, and reforming the criminal records law that holds people back from getting jobs.

  • October 4, 2017

    1st Circ. Nixes Suit On Ex-Husband's Use Of FBI Surveillance

    The First Circuit on Tuesday declined to revive a lawsuit in which the ex-wife of an FBI agent accused the federal government of negligently supervising his use of the bureau's surveillance equipment, which she said he used to keep track of her during their marriage.

  • October 4, 2017

    Families Of Pilots, US Rep. Sue DOD For Deadly Crash Info

    Rep. Walter Jones, R-N.C., and the families of two U.S. Marine Corps pilots who died in a 2000 tiltrotor crash sued the U.S. Department of Defense in Washington, D.C., federal court Tuesday, seeking access to documents on the crash they say have been wrongly withheld.

  • October 4, 2017

    1,100 NFL Players’, Agents’ Data Leaked In Breach

    The personal data of more than 1,100 professional football players and agents has been exposed as the result of a misconfigured online database operated by the National Football League Players Association, a cybersecurity company recently revealed.

  • October 4, 2017

    SEC Urged To Delay Start Of Audit Trail Over Cyber Risks

    A top Republican lawmaker pressed U.S. Securities and Exchange Commission Chairman Jay Clayton on Wednesday to postpone the planned November launch of a massive database known as the Consolidated Audit Trail, citing the recent disclosure of a hack into the agency's data system on public companies.

  • October 4, 2017

    Bird & Bird To Open San Francisco Office In Mid-2018

    Bird & Bird LLP will open a San Francisco office, its first in the U.S., in mid-2018 as part of its drive to offer clients more face-to-face advisement on grappling with European Union privacy and data laws, the firm announced Monday.

  • October 4, 2017

    GCs Hesitant To Share Cyberthreat Info, DHS Official Says

    As important as sharing information between industry and government is to combat cyberthreats, the U.S. Department of Homeland Security continues to encounter corporate general counsels more eager to receive threat data from the government than they are to share their own, a senior DHS cyber official said Wednesday.

  • October 4, 2017

    Sens. Hammer Ex-Equifax CEO Over Data Breach Response

    Former Equifax Inc. Chairman and CEO Richard Smith on Wednesday faced hostile questioning over the devastating breach that led to personal information for over 145.5 million Americans getting exposed, as well as concerns about the future and purpose of the consumer credit reporting industry.

  • October 4, 2017

    Dish Network Can't Duck $61M Treble Damages In TCPA Row

    A North Carolina federal judge refused to set aside or reduce a $61 million judgment against Dish Network LLC for violating the Telephone Consumer Protection Act, finding that Dish had waived its right to assert the suit was precluded by another, similar case, and the court got it right when it tripled the damages.

  • October 4, 2017

    Feds Oppose Time Warner Appeal Of TCPA's Constitutionality

    Federal prosecutors intervened Tuesday in a suit against Time Warner Cable Inc. in New York federal court over allegedly unsolicited phone calls, arguing that the communications giant hasn’t met the high standard to challenge the Telephone Consumer Protection Act's constitutionality at the Second Circuit.

  • October 4, 2017

    DHS Chief Says Cos. 'Right To Worry' About Cyberthreats

    The acting secretary for the U.S. Department of Homeland Security had a stark warning for industry Wednesday as she pushed for legislation to elevate DHS’ cybersecurity division into a full-blown agency, as well as for more information sharing on cyberthreats and for greater efforts plugging cybersecurity job vacancies.

  • October 3, 2017

    EU High Court To Weigh Data Transfer Tool In Facebook Row

    The European Court of Justice will soon decide whether multinational companies such as Facebook can continue to use model contracts to transfer data between the EU and U.S., after Ireland's high court on Tuesday found that the national data protection regulator had "well-founded concerns" about whether the mechanism violates EU law.

  • October 3, 2017

    Equifax Scores $7.25M Fraud Prevention Contract From IRS

    The Internal Revenue Service has hired Equifax to verify taxpayers' identities in a $7.25 million contract in which the government didn't consider other bidders, despite the company's involvement in a data breach that impacted 145 million people, the IRS confirmed Tuesday.

  • October 3, 2017

    Yahoo Says 2013 Breach Bigger Than Thought, All 3B Hacked

    Yahoo Inc. announced Tuesday that a 2013 data breach it previously thought impacted more than 1 billion user accounts actually affected every single account, approximately 3 billion at that time.

  • October 3, 2017

    Waymo-Uber Trade Secret Trial Delayed As Judge Blasts Attys

    U.S. District Judge William Alsup on Tuesday granted Waymo’s request to delay the trial in its trade secret suit against Uber until December due to Uber’s slow document production, but not before lashing out at counsel on both sides, saying he "cannot trust what they say.”

  • October 3, 2017

    9th Circ. Judge ‘Creeped Out’ By ESPN, Adobe Data Swap

    A Ninth Circuit judge appeared open Tuesday to reviving a putative class action alleging ESPN wrongfully disclosed app users' personal information to Adobe, saying during a hearing she’s “creeped out” by companies that share viewer data to target internet advertising and suggesting it may be a privacy invasion Congress intended to prevent.

  • October 3, 2017

    DOD Wants Kaspersky Halt For Classified Contractor Systems

    Federal contractors who use classified information systems must stop using products made by AO Kaspersky Lab, the Defense Security Service announced Monday, following a similar directive issued to federal agencies that cited potential security risks from links between Kaspersky officials and the Russian government.

Expert Analysis

  • CareFirst And Constitutional Standing: A Post-Spokeo Review

    Cinthia Granados Motley

    When it comes to the issue of Article III standing in data breach cases, the D.C. Circuit’s recent decision in Attias v. CareFirst demonstrates the analysis many appellate courts now seem to be applying, say attorneys with Sedgwick LLP.

  • Opinion

    Privacy And The DreamHost Paradox

    Jeff Hamburg

    Consider the D.C. judge's evaluation of the DreamHost warrant's proper digital scope, and then compare it to how the Federal Rules of Civil Procedure go further — yes, further — to protect parties from far less injurious e-discovery requests, says Jeff Hamburg of the Digital Privacy Alliance.

  • Insurers Win Series Against Lakers In TCPA D&O Shootout

    Lawrence Bracken II

    This month, the Ninth Circuit affirmed that the Los Angeles Lakers were not entitled to coverage for a fan's class action alleging violations of the Telephone Consumer Protection Act. This decision should not be seen to foreclose future TCPA defendants from obtaining D&O coverage, but it sends a staunch reminder to policyholders that they should carefully analyze the language of their policies, say attorneys with Hunton & Williams LLP.

  • An Emerging Patchwork Of Cybersecurity Rules

    Michael Bahar

    With the recent adoption of cybersecurity regulations governing broker-dealers and investment advisers registered in Colorado and Vermont, the landscape of cybersecurity regulation continues to evolve. For businesses not yet covered by cyber regulations, these latest moves indicate that the day of reckoning may be coming, say attorneys with Eversheds Sutherland.

  • Takeaways From Split DC Circ. Ruling On Cellphone Warrant

    Thomas Zeno

    Even though the incriminating evidence at stake in Griffith was a firearm, the D.C. Circuit's majority and dissenting opinions provide insight into several issues related to execution of a search warrant seeking a cellphone, say Thomas Zeno and Caleb Barker of Squire Patton Boggs LLP.

  • FTC’s First Foray Into Gig Economy Data Security

    James DeGraw

    The Federal Trade Commission’s recent action against Uber reflects its untested but expansive interpretation of “consumer” under the FTC Act to include not only the users in the shared economy, but also some service providers. It also highlights the agency's tightened expectations of what is required to “reasonably” secure data from internal users, say attorneys with Ropes & Gray LLP.

  • Self-Collection In E-Discovery — Risks Vs. Rewards

    Alex Khoury

    As judges become better educated about the complexities of collecting electronically stored information, in particular the inefficacy of keyword searching, they are increasingly skeptical of self-collection. And yet, for many good reasons (and a few bad ones), custodian self-collection is still prevalent in cases of all sizes and in all jurisdictions, says Alex Khoury of Balch & Bingham LLP.

  • Sellers Are Not Liable For Independent Contractors' Calls

    Patrick McLaughlin

    The Ninth Circuit's recent decision in Jones v. Royal found that a seller was not vicariously liable for calls made by a telemarketer in violation of the Telephone Consumer Protection Act. Sellers should review their contracts and make sure that their telemarketers are independent contractors in order to minimize their liability, says Patrick McLaughlin of Spencer Fane LLP.

  • 6 Common Lateral Partner Myths Debunked

    Dan Hatch

    It’s safe to say that while demand ebbs and flows for legal services, there will never be a shortage of opinions about lateral partner hiring, which is positive for the industry, as anything with such vital importance to careers should attract significant attention. However, there is a unique mythology that travels with the discussions, says Dan Hatch of Major Lindsey & Africa.

  • 6 Cybersecurity Questions Gov't Contractors Should Address

    Gregory Garrett

    Based on their recent discussions with more than 100 government contractors, Gregory Garrett and Karen Schuler of BDO LLP outline six pain points related to the implementation of cybersecurity information governance, risk management and compliance.