CEO Zuckerberg: Facebook User Settings Protect Individual Data – Congress Is Not So Sure

/ Data, Privacy

By: Linda Perkins

After ten hours of Congressional testimony, one thing is clear there is growing bipartisan concern over data privacy and data protection in the US. In the wake of so many recent data breaches, and now the data harvesting scandal embroiling Facebook, lawmakers in both chambers of Congress are very concerned about data security. Apparently, so are their constituents, judging from just a few of the questions sent in and read into the record during testimony from Facebook CEO Mark Zuckerberg.

The challenge now is what to do about it. …

CEO Zuckerberg: Facebook User Settings Protect Individual Data – Congress Is Not So SureRead More »

CEO Zuckerberg: Facebook User Settings Protect Individual Data – Congress Is Not So Sure Read More »

Cyber Law: Pennsylvania Supreme Court Watch

/ Court Rulings, Data Breach

By: Josh Mooney and Kate Woods

The body of cybersecurity case law continues to grow. On April 10, 2018, the Pennsylvania Supreme Court is set to hear arguments regarding employers’ liability for data breaches in Dittman v. UPMC.

Specifically, Pennsylvania’s justices will consider and ultimately decide whether UPMC had a duty to safeguard its employees’ electronic information and whether the economic loss doctrine applies, thus barring recovery for purely economic losses. …

Cyber Law: Pennsylvania Supreme Court WatchRead More »

Cyber Law: Pennsylvania Supreme Court Watch Read More »

Coalition of State Attorneys General Send Letter Demanding Answers from Facebook

/ Data, Privacy

By: Linda Perkins

On March 26, 2018, a bipartisan coalition of 37 state Attorneys General sent a letter to Facebook CEO Mark Zuckerberg demanding answers about the company’s business practices and privacy protections. Led by Pennsylvania Attorney General Josh Shapiro, the National Association of Attorneys General is taking issue with Facebook’s relationship with app developers, its efforts to protect and inform Facebook users, and seeking clear answers as to when Facebook first learned that users’ privacy had been compromised by a third-party app developer. …

Coalition of State Attorneys General Send Letter Demanding Answers from FacebookRead More »

Coalition of State Attorneys General Send Letter Demanding Answers from Facebook Read More »

FTC to Investigate Facebook’s Use of Personal Data

/ Data, Privacy, Regulation

By: Josh Mooney and Gwenn Barney

Allegations that Facebook allowed a data analytics company to mine the information of at least 50 million Americans have led to the opening of a Federal Trade Commission (FTC) investigation as to whether the company breached its 2011 consent decree with the agency by transferring personal data to Cambridge Analytica without the users’ prior knowledge and affirmative consent. …

FTC to Investigate Facebook’s Use of Personal DataRead More »

FTC to Investigate Facebook’s Use of Personal Data Read More »

Insider Trading Charges Brought Against CIO for Post-Breach Trading

/ Data Breach, Regulation

By: Joshua Mooney and Gwenn Barney

On March 14, 2018, the Securities and Exchange Commission (SEC) charged a chief information officer (CIO) for a US business division of Equifax with insider trading in advance of Equifax’s September 2017 disclosure of the massive security breach it suffered that exposed personal information of approximately 148 million Equifax customers. …

Insider Trading Charges Brought Against CIO for Post-Breach TradingRead More »

Insider Trading Charges Brought Against CIO for Post-Breach Trading Read More »

United States v. Microsoft Raises Significant Questions Regarding Application of the Stored Communications Act

/ Court Rulings, Data

By: Jay Shapiro and Sedgwick Jeanite

Justice Ginsburg: “In….1986, no one ever heard of clouds.”

On Tuesday, February 27, 2018, the US Supreme Court heard oral argument in connection with an ongoing dispute between the Department of Justice (DOJ) and Microsoft over data in the corporation’s datacenter in Ireland. At the core of the oral argument is the application of the Stored Communications Act (SCA), a law enacted in 1986 that regulates the US government’s ability to obtain emails and other communications from providers of electronic communication services or remote computing services. Microsoft has fought the government’s contention that a warrant obtained under the SCA can compel a US company to produce information under its control but stored outside the United States. …

United States v. Microsoft Raises Significant Questions Regarding Application of the Stored Communications ActRead More »

United States v. Microsoft Raises Significant Questions Regarding Application of the Stored Communications Act Read More »

Washington Suburb Targeted by Cybercrime and Ransomware Attacks

/ Cybercrime

A recent report from The Seattle Times provides details on a series of social engineering and ransomware attacks successfully perpetrated on a Seattle suburb during the second half of 2017. The incidents of cyber scams demonstrate the pervasive nature of these financial crimes, the need for increased vigilance and the challenges that require policies and procedures designed to prevent financial harm. …

Washington Suburb Targeted by Cybercrime and Ransomware AttacksRead More »

Washington Suburb Targeted by Cybercrime and Ransomware Attacks Read More »

SEC Updated Guidance on Cyber Disclosure by Publicly Traded Companies in a Digitally-Connected World

/ Cybersecurity, Privacy, Regulation

“To win a race, the swiftness of a dart availeth not without a timely start.”
~ Jean de La Fontaine

The Securities and Exchange Commission (the “Commission”) Wednesday announced updated cybersecurity guidance for public companies. This guidance reinforces the Division of Corporation Finance guidance issued in October 2011 and expands upon it to include two new topics: (i) the importance of cybersecurity policies and procedures and (ii) the application of insider trading prohibitions in the cybersecurity context. The guidance itself and early reactions make it evident that the Commission is committed to aggressively regulating this area over the long haul. …

SEC Updated Guidance on Cyber Disclosure by Publicly Traded Companies in a Digitally-Connected WorldRead More »

SEC Updated Guidance on Cyber Disclosure by Publicly Traded Companies in a Digitally-Connected World Read More »

Facebook’s Transparency Report Reveals Increase in Data Requests from U.S. Government

/ Business, Data, Privacy

By: Gwenn Barney

Facebook released its semi-annual Transparency Report on December 18 providing a snapshot of information requests that the government makes to the tech giant. Among the telling statistics in the report was an increase in the percentage of data requests that the government made on a confidential basis. …

Facebook’s Transparency Report Reveals Increase in Data Requests from U.S. GovernmentRead More »

Facebook’s Transparency Report Reveals Increase in Data Requests from U.S. Government Read More »

Class Action Suits Allege Violations of Illinois Biometric Information Privacy Act

/ Data, Privacy, Regulation

By: Gwenn Barney

As punch cards are replaced with retina scanners, and keys with fingerprint identification, employers are facing more lawsuits related to the protection of employees’ biometric data.

Last week, an employee filed two separate class action lawsuits in Illinois against salad restaurant chain Sweetgreen and Philadelphia-based food services provider Aramark for violations of the Illinois Biometric Information Privacy Act (BIPA). The new lawsuits add to over 30 lawsuits already filed for violations of BIPA in the past three months.

Class Action Suits Allege Violations of Illinois Biometric Information Privacy ActRead More »

Class Action Suits Allege Violations of Illinois Biometric Information Privacy Act Read More »