Category Archives: cybersecurity

In re: Target Corporation Customer Data Security Breach Litigation — instructive 8th Circuit case re class certification

Jim Sciaroni  v.  Target Corporation Civil case – Class Action in Target Security Breach. The district court’s statement in the class certification order regarding Rule 23(a)(4)’s representation adequacy requirement are conclusions, not reasons, and on their own do not constitute the “rigorous analysis” of whether certification was proper in this case; the court has a continuous duty to reevaluate certification …

Read more »

The Department Of Homeland Security Proposes New Rules Affecting Federal Government Contractors

This week, the Department of Homeland Security (“DHS”) issued three proposed rules expanding data security and privacy requirements for contractors and subcontractors. The proposed rules build upon other recent efforts by various federal agencies to strengthen safeguarding requirements for sensitive government information.  Given the increasing emphasis on data security and privacy, contractors and subcontractors are …

Read more »

Cyber-Attacks: A Problem In 2016, Still A Problem in 2017

A survey of nearly 600 organisations across a variety of industries globally has revealed 98% of these organisations experienced some form of cyber-attack in 2016. (We are left wondering if the other 2% just didn’t notice?) The survey, conducted by cyber-security company Radware, also found that many organisations are still not prepared to face the …

Read more »

The White House’s Revisions to its Breach Response Policy For Federal Agencies and Departments Also Affect Contractors

On January 3, 2017, the Obama Administration issued a memorandum to all executive departments and agencies setting for a comprehensive policy for handling breaches of personally identifiable information (the “Memorandum”), replacing earlier guidance. Importantly, the Memorandum also affects federal agency contractors as well as grant recipients. The Memorandum is not the first set of guidance to federal …

Read more »

Swiss-US Privacy Shield Will Replace Swiss-US Data Protection Safe Harbor

On January 11, 2017, the Swiss Federal Council announced that a new framework will govern the transfer of personal data from Switzerland to the US.  According to the Federal Council, the Swiss-US Privacy Shield Framework “will apply the same conditions as the European Union.”  The International Trade Administration stated that the US Department of Commerce …

Read more »

Law Firm Data Breaches: Big Law, Big Data, Big Problem

The Year of the Breach 2016 was the year that law firm data breaches landed and stayed squarely in both the national and international headlines. There have been numerous law firm data breaches involving incidents ranging from lost or stolen laptops and other portable media to deep intrusions exposing everything in the law firm’s network. …

Read more »

2016 Cybersecurity Year in Review, and Data Privacy Trends to Watch in 2017

With 2016 in the rear-view mirror, we have been reflecting on the many data privacy and cybersecurity legal developments of the past year, both in the U.S. and internationally, as well as focusing on trends to watch in the new year. With best wishes for a Happy New Year from all of us, we present a …

Read more »

Russia v. USA: Geo Political Cyber Warfare And Your Business

The cyber war battlefield has expanded, and your business is now a fighter and a target. A new U.S. Government report explains many reasons for identifying and penalizing Russian hackers, the Russian intelligence services, and the Russian leadership in response to hacks on U.S. government, political and business targets. The report contains detailed information that …

Read more »

President Obama Authorizes Additional Sanctions on Russian Individuals and Entities: Executive Order 13964

President Obama authorized additional sanctions in response to the Russian Government’s harassment of U.S. officials and alleged cyber operations during the 2016 U.S. election. On December 29, 2016 the President amended Executive Order (EO) 13964, which, in April 2015, created a targeted authority for the Government to respond effectively to significant cyber threats. The President …

Read more »

House Energy and Commerce Committee Holds Hearing on Security of Internet of Things

The growing scale of cybersecurity concerns is prompting action from government leadership on the federal level. Before the Thanksgiving recess, the House’s Committee on Energy and Commerce got in on the act when two of its subcommittees–the Communications and Technology Subcommittee, chaired by Rep. Greg Walden (R-OR), and the Commerce, Manufacturing, and Trade Subcommittee, chaired by …

Read more »