Category Archives: cybersecurity

The White House’s Revisions to its Breach Response Policy For Federal Agencies and Departments Also Affect Contractors

On January 3, 2017, the Obama Administration issued a memorandum to all executive departments and agencies setting for a comprehensive policy for handling breaches of personally identifiable information (the “Memorandum”), replacing earlier guidance. Importantly, the Memorandum also affects federal agency contractors as well as grant recipients. The Memorandum is not the first set of guidance to federal …

Read more »

Swiss-US Privacy Shield Will Replace Swiss-US Data Protection Safe Harbor

On January 11, 2017, the Swiss Federal Council announced that a new framework will govern the transfer of personal data from Switzerland to the US.  According to the Federal Council, the Swiss-US Privacy Shield Framework “will apply the same conditions as the European Union.”  The International Trade Administration stated that the US Department of Commerce …

Read more »

Law Firm Data Breaches: Big Law, Big Data, Big Problem

The Year of the Breach 2016 was the year that law firm data breaches landed and stayed squarely in both the national and international headlines. There have been numerous law firm data breaches involving incidents ranging from lost or stolen laptops and other portable media to deep intrusions exposing everything in the law firm’s network. …

Read more »

2016 Cybersecurity Year in Review, and Data Privacy Trends to Watch in 2017

With 2016 in the rear-view mirror, we have been reflecting on the many data privacy and cybersecurity legal developments of the past year, both in the U.S. and internationally, as well as focusing on trends to watch in the new year. With best wishes for a Happy New Year from all of us, we present a …

Read more »

Russia v. USA: Geo Political Cyber Warfare And Your Business

The cyber war battlefield has expanded, and your business is now a fighter and a target. A new U.S. Government report explains many reasons for identifying and penalizing Russian hackers, the Russian intelligence services, and the Russian leadership in response to hacks on U.S. government, political and business targets. The report contains detailed information that …

Read more »

President Obama Authorizes Additional Sanctions on Russian Individuals and Entities: Executive Order 13964

President Obama authorized additional sanctions in response to the Russian Government’s harassment of U.S. officials and alleged cyber operations during the 2016 U.S. election. On December 29, 2016 the President amended Executive Order (EO) 13964, which, in April 2015, created a targeted authority for the Government to respond effectively to significant cyber threats. The President …

Read more »

House Energy and Commerce Committee Holds Hearing on Security of Internet of Things

The growing scale of cybersecurity concerns is prompting action from government leadership on the federal level. Before the Thanksgiving recess, the House’s Committee on Energy and Commerce got in on the act when two of its subcommittees–the Communications and Technology Subcommittee, chaired by Rep. Greg Walden (R-OR), and the Commerce, Manufacturing, and Trade Subcommittee, chaired by …

Read more »

Cybersecurity Due Diligence Is Crucial in All M&A—Including Energy M&A Transactions

Can a single data breach kill or sideline a deal? Perhaps so. Last month Verizon signaled that Yahoo!’s disclosure of a 2014 cyberattack might be a “material” change to its July $4.83 billion takeover bid—which could lead Verizon to renegotiate or even drop the deal entirely. Concern over cybersecurity issues is not unique to technology …

Read more »

Privacy and Data Security in the Trump Administration

Privacy and data security issues were prominent in the campaign. Allegations were even made that Russia was behind the DNC hack. Despite it being front and center in the campaign, cybersecurity did not generate specific policies from the Trump campaign. One thing Donald Trump did promise was a top to bottom review of US cyber …

Read more »

Legal Challenge to EU-US Privacy Shield Framework

As widely expected, the EU-US Privacy Shield is being challenged before the European courts. What is Privacy Shield? In October 2015, the Court of Justice of the European Union (CJEU) ruledthat the European Commission’s decision on adequacy for the Safe Harbor scheme was invalid.  The European Union and the United States agreed a new framework …

Read more »