CyberSecurity & Data Privacy

East Meets West: Virginia Follows California's Example with Comprehensive Consumer Data Protection Legislation

East Meets West: Virginia Follows California’s Example with Comprehensive Consumer Data Protection Legislation

Article published in Virginia Lawyer | April 2021 | VOL. 69 | The Construction Law and Public Contracts Issue | Page 45 ...
Read More
pexels-photo-160107

Protecting Your Organization: Eastern District of Virginia Rules Cybersecurity Incident Report Not Privileged Work Product

On May 26, 2020, in In re Capital One Consumer Data Security Breach Litigation, MDL 1:19md2915 (E.D. Va.) the Federal District Court for the Eastern District of Virginia (Alexandria Division) (Anderson, J.) held that a forensic investigation report conducted by a third-party investigator under the direction of outside counsel on behalf of Capital One in response to a data breach was not entitled to protection ...
Read More
COVID-19 And Teleworking – Making Sure Businesses And Their Employees Are On The Same Page

COVID-19 And Teleworking – Making Sure Businesses And Their Employees Are On The Same Page

Your employee is sitting at his or her home office working on a project and notices an email in his or her inbox with the subject line: “Urgent Request” or “Please get this done ASAP.” Not wanting to miss an urgent communication from work in this age of telework, your employee immediately switches tasks to review the email.  It appears that the email has come ...
Read More
Be Vigilant - Covid-19 Creates Additional Opportunities For Fraud

Be Vigilant – Covid-19 Creates Additional Opportunities For Fraud

As the spread of COVID-19 virus creates anxiety and uncertainty across the globe, it also creates new opportunities for cyber fraud. On Saturday, the United States Department of Justice (DOJ) filed a complaint for a Temporary Restraining Order in the Western District of Texas against defendant, “John Doe” who, according to the complaint, “acting alone or in concert with others” operated a website known as ...
Read More
Cyber Liability Insurance for Small to Medium Size Businesses - Are You Covered?

Cyber Liability Insurance for Small to Medium Size Businesses – Are You Covered?

Today, it seems hardly a month passes without a report of another business falling victim to a data breach. Over the past few years, some of the largest and well-known companies such as Equifax, Target, Home Depot, TJ Maxx, Anthem, Sony Pictures, and Uber, have been affected by data breaches. These companies have experienced significant losses, totaling millions of dollars. While larger companies may possess ...
Read More
pexels-photo-160107

DoD Introduces New Cybersecurity Certification for Defense Contractors

With the federal government’s first False Claims Act case based on cybersecurity regulations from the Department of Defense (DoD) and NASA making its way through the courts, (United States ex rel. Markus v. Aerojet Rocketdyne Holdings, Inc.) and the continuing issues surrounding the implementation of the 2016 amendments to the Defense Federal Acquisition Regulation Supplement (DFARS)  designed to safeguard controlled unclassified information, defense contractors  are ...
Read More
pexels-photo-160107

Business Email Compromise Scams and Malware: Why Construction Companies Should Worry

From 3D printing and drone use, to increased use of tablets, laptops, smartphones, and wearables, the construction industry is becoming increasingly dependent on the use of technology. Use of augmented reality programs, advanced tracking technologies, and multi-user cloud-based platforms are on the rise; and while these technologies can increase efficiency, reduce costs, and increase worksite safety, they also come with increased risk. This article discusses ...
Read More
pexels-photo-160107

Ransomware – What it is, how to avoid it, and what to do if you are infected.

Ransomware has been one of the top cyber threats in the past several years. Thanks to the WannaCry attack of 2017 and others, most people have heard of this type of cyber threat, but many do not know how it works, how to protect against it, or what to do if they are infected.  Here are some suggestions to include in your overall cyber risk ...
Read More
Malware – A Persistent Threat to the Maritime Industry

Malware – A Persistent Threat to the Maritime Industry

During the last several years, many industries have fallen victim to cyber-attacks, and the maritime industry is not immune.  Consider the following recent news reports:  In 2017, the largest container shipping company in the world, A.P. MØller-Maersk, fell victim to NotPetya, a type of destructive malware, that required the installation of 4,000 new servers, 45,000 new PCs and 2,500 applications, costing the organization between $250 ...
Read More
Patent

Patent Trolls – What Businesses Need To Know

One day, you receive a letter from a company or law firm accusing your business of patent infringement.  The letter states that in order to avoid a costly lawsuit, you must pay the company a licensing fee.  You ask yourself whether this is some type of scam and you consider simply throwing the letter away because you have never heard of this company and you ...
Read More
photo-546819

Canada’s New Data Breach Reporting Requirements In Effect As Of November 1, 2018

Effective November 1, 2018, organizations engaged in commercial activities in certain Canadian provinces and territories  now have additional data breach reporting requirements pursuant to the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA1) and the Breach of Security Safeguards Regulations2. While Quebec3, British Columbia4 and Alberta5 previously adopted substantially similar data breach requirements, if personal information during the course of a commercial activity crosses borders, ...
Read More
Protection background. Technology security.

Five Steps to Greater Cybersecurity Health for Community Associations

Media reports concerning cyber attacks continue to increase.  Over the past few years, some of the largest and well-known companies have been affected by data breaches. These companies have experienced millions of dollars in losses as a result.  Even a small data breach impacting only a few thousand records can expose a business to significant losses that may have a devastating impact including causing a ...
Read More
Federal Law Considerations For Data Custodians Operating Within Ftca § 5

Federal Law Considerations For Data Custodians Operating Within Ftca § 5

The last article discussed the consent orders that typically result from Federal Trade Commission Act (“FTCA”) § 5 enforcement actions. This article, the final in a four-article series on data custodianship, discusses some sector-specific laws and provides links for further research.  While these laws are more industry-specific than FTCA § 5, these laws provide the Federal Trade Commission (“FTC”), other agencies, and sometimes individual victims ...
Read More
Ftc Consent Orders Pursuant To Ftca § 5

Ftc Consent Orders Pursuant To Ftca § 5

In the last article, we discussed FTCA § 5 enforcement actions. This article describes the consent orders that often result from FTC complaints alleging unfair or deceptive practices or other unlawful acts in the realm of privacy and data protection.  While consent orders do not require an admission of guilt, they generally prohibit the conduct which gave rise to the initial complaint, require defendants obtain ...
Read More
Ftc Consent Orders Pursuant To Ftca § 5

Ftc Consent Orders Pursuant To Ftca § 5

In the last article, we discussed FTCA § 5 enforcement actions. This article describes the consent orders that often result from FTC complaints alleging unfair or deceptive practices or other unlawful acts in the realm of privacy and data protection.  While consent orders do not require an admission of guilt, they generally prohibit the conduct which gave rise to the initial complaint, require defendants obtain ...
Read More
Ftca § 5 And Unfair Or Deceptive Trade Practices

Ftca § 5 And Unfair Or Deceptive Trade Practices

In the last article, we outlined, generally, privacy and data protection considerations for compliance with applicable laws.  This article discusses the Federal Trade Commission Act (“FTCA”) § 5, which empowers the Federal Trade Commission (“FTC”) to pursue enforcement actions against companies that engage in “unfair” acts that are (1) likely to cause substantial injury to consumers (2) that is neither reasonably avoidable (3) nor outweighed ...
Read More
Ftca § 5 And Unfair Or Deceptive Trade Practices

Ftca § 5 And Unfair Or Deceptive Trade Practices

In the last article, we outlined, generally, privacy and data protection considerations for compliance with applicable laws.  This article discusses the Federal Trade Commission Act (“FTCA”) § 5, which empowers the Federal Trade Commission (“FTC”) to pursue enforcement actions against companies that engage in “unfair” acts that are (1) likely to cause substantial injury to consumers (2) that is neither reasonably avoidable (3) nor outweighed ...
Read More
Data Custodianship: My Website has 10,000 Users, Now What?

Data Custodianship: My Website has 10,000 Users, Now What?

This article is the first in a four-article series discussing how certain federal laws impact data custodians, those who collect, store, process, disclose, and otherwise use consumer data. The widespread necessity for businesses to establish an internet presence has transformed many conventional businesses into data custodians.  While some businesses embrace this new-found role and attempt to create additional revenue by selling data to third parties, ...
Read More
Cyber Liability Insurance for Small to Medium Size Businesses – Are You Covered??

Cyber Liability Insurance for Small to Medium Size Businesses – Are You Covered??

Today, it seems hardly a month passes without a report of another business falling victim to a data breach.  Over the past few years, some of the largest and well-known companies such as Equifax, Target, Home Depot, TJ Maxx, Anthem, Sony Pictures, and Uber, have been affected by data breaches. These companies have experienced significant losses, totaling millions of dollars. While larger companies may possess ...
Read More
DFARS Clause 252.204.7012 Requirements in Cloud Computing

DFARS Clause 252.204.7012 Requirements in Cloud Computing

On December 31, 2017, contractors and subcontractors working with the Department of Defense (DoD) will be required to provide adequate security measures on all covered information systems that process, store, or transmit covered defense information (CDI) in accordance with Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012. If you intend to use cloud computing services in the performance of a contract, there are specific requirements ...
Read More
Upcoming Events
Stay Connected
0
    0
    Your Cart
    Your cart is empty