CyberSecurity & Data Privacy

Canada’s New Data Breach Reporting Requirements In Effect As Of November 1, 2018

11/16/2018Vandeventer Black

Effective November 1, 2018, organizations engaged in commercial activities in certain Canadian provinces and territories  now have additional data breach reporting requirements pursuant to the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA1) and the Breach of Security Safeguards Regulations2. While Quebec3, British Columbia4 and Alberta5 previously adopted substantially similar data breach requirements, if personal… Read more »

Five Steps to Greater Cybersecurity Health for Community Associations

08/14/2018Gallo, Jonathan V.

Media reports concerning cyber attacks continue to increase.  Over the past few years, some of the largest and well-known companies have been affected by data breaches. These companies have experienced millions of dollars in losses as a result.  Even a small data breach impacting only a few thousand records can expose a business to significant… Read more »

Federal Law Considerations For Data Custodians Operating Within Ftca § 5

latest news

08/10/2018Gallo, Jonathan V.

The last article discussed the consent orders that typically result from Federal Trade Commission Act (“FTCA”) § 5 enforcement actions. This article, the final in a four-article series on data custodianship, discusses some sector-specific laws and provides links for further research.  While these laws are more industry-specific than FTCA § 5, these laws provide the… Read more »

Ftc Consent Orders Pursuant To Ftca § 5

latest news

08/10/2018Gallo, Jonathan V.

In the last article, we discussed FTCA § 5 enforcement actions. This article describes the consent orders that often result from FTC complaints alleging unfair or deceptive practices or other unlawful acts in the realm of privacy and data protection.  While consent orders do not require an admission of guilt, they generally prohibit the conduct… Read more »

Ftca § 5 And Unfair Or Deceptive Trade Practices

latest news

08/10/2018Gallo, Jonathan V.

In the last article, we outlined, generally, privacy and data protection considerations for compliance with applicable laws.  This article discusses the Federal Trade Commission Act (“FTCA”) § 5, which empowers the Federal Trade Commission (“FTC”) to pursue enforcement actions against companies that engage in “unfair” acts that are (1) likely to cause substantial injury to… Read more »

Data Custodianship: My Website has 10,000 Users, Now What?

latest news

08/10/2018Gallo, Jonathan V.

This article is the first in a four-article series discussing how certain federal laws impact data custodians, those who collect, store, process, disclose, and otherwise use consumer data. The widespread necessity for businesses to establish an internet presence has transformed many conventional businesses into data custodians.  While some businesses embrace this new-found role and attempt… Read more »

DFARS Clause 252.204.7012 Requirements in Cloud Computing

latest news

11/15/2017Gallo, Jonathan V.

On December 31, 2017, contractors and subcontractors working with the Department of Defense (DoD) will be required to provide adequate security measures on all covered information systems that process, store, or transmit covered defense information (CDI) in accordance with Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012. If you intend to use cloud computing services… Read more »

Vandeventer Black LLP hires Cybersecurity Attorney

10/25/2017Gallo, Jonathan V.

Vandeventer Black is pleased to announce the addition of Jonathan V. Gallo to the firm’s Cybersecurity and Data Privacy Group. Gallo will concentrate his practice primarily in cybersecurity, information privacy/security, software licensing, and government contracting. “We are excited to welcome Jonathan to our firm,” said Michael L. Sterling, Managing Partner. He will assist our clients… Read more »

Counting Down to Deadline for DoD Requirements for Safeguarding Covered Deference Information and Cybersecurity Incident Reporting

latest news

10/11/2017Sterling, Michael L.

Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012 goes into effect on December 31, 2017. This “Cyber Clause” applies to most companies that do business directly with the Department of Defense as well as subcontractors and vendors. The Cyber Clause applies to Covered Defense Information (CDI), which is broadly defined to include almost all nonpublic information…. Read more »