Webinar on September 13: Privacy and Data Security for the Generalist In-House Counsel

Privacy and data security have rocketed to the top of the list of concerns for all corporate boards. Whether you are a technology company, a biotech, or a traditional widget maker, your company has confidential information about its products, customers and employees. And that information has to be protected as a matter of law, both by statute and under contracts with your customers and suppliers.… More

Mistake in Your Credit Report? The Latest Spokeo Decision Suggests You May Have A Case.

In the 9th Circuit’s August 15, 2017 decision in Robins v. Spokeo, the latest in the long-running legal debate about when a consumer cause of action exists for a data breach, the 9th Circuit has declared that inaccuracies in a published credit report may sometimes constitute a “concrete injury” sufficient to confer Article III standing. This is a significant win for consumer protection advocates,… More

Can Procurement Law Slow Down Data Breach Response? A Closer Look.

What happens when state and local governments respond to significant data breaches?  They often turn to the private sector for breach response capabilities in order to mitigate damages.  Speed is the name of the game, and state and local governments often move with alacrity to save face.

But what about procurement laws?

The rush to hire sophisticated private entities to support data breach response efforts is in tension with statutory competitive bidding mandates. … More

The Man Who Wrote Those Password Rules Has a New Tip: N3v$r M1^d!

Great article in the Wall Street Journal this week (paywall), on the history of passwords and password management. I did not know that the seeming obsession with passwords featuring a strange mixing of capital letters, numbers and !@#$%^&*()+ derives from a 2003 National Institute of Standards and Technology report, “NIST Special Publication 800-63. Appendix A.” This report advised computer users to protect their accounts by using the now familiar mélange of characters,… More

Top U.S. Cyber Official Resigns

Christopher Painter, the State Department’s “Coordinator for Cyber Issues” stepped down on July 28, 2017. Described as the Department’s “weary soldier in America’s cyber war,” Painter traveled the globe advancing U.S. interests in cyberspace. His efforts included coordinating diplomacy in cyber security matters and launching “cyber dialogues” with foreign powers. The aim of those dialogues: reducing cyber threats ranging from D-DOS attacks to the theft of intellectual property.… More

Stolen Tax Returns? Virginia Seeks a Solution.

Did someone steal your tax return?  You are not alone.  Indeed, the rise in tax-related identity theft has been well documented.  In 2015, the FTC reported a 50% increase in identity theft complaints.  A primary cause for that increase was the rise in tax-related identity theft.  In response to this increase, the IRS has made stopping identity theft and refund fraud a top priority.  From 2011-2014, the IRS reported that it stopped 19 million suspicious returns and protected more than $63 billion in fraudulent returns. … More

Cyber Insurance: Prevalent But By No Means Ubiquitous

A recent survey from the credit score company FICO has some interesting numbers on the prevalence of cyber insurance in the US.

  • 50% of US companies have no cyber insurance.
  • 74% of US healthcare companies have no cyber insurance.
  • 27% of US companies say they have no future plans to acquire cyber insurance.

Today, you can expect the more traditional types of business insurance,… More

Deja Vu All Over Again: Massive Ransomware Attack Underway

A mere month and a half after the WannaCry strain of ransomware caused major havoc in European and Asian countries, another major ransomware attack hit large institutions across Europe and the United States yesterday.  ‎Hardest hit has been Ukraine, which has seen major attacks on its government, banks, and power infrastructure.  Other European firms such as Germany’s Deutsche Bahn railways and Danish shipping firm A.P.… More

FTC Updates COPPA Guidance for Businesses

On June 21, 2017, the FTC updated its COPPA Compliance Guidance for businesses. The new guidance includes new descriptions of services and products covered by COPPA, and new methods for obtaining parental consent.

Though the guidance is new, the subjects of the guidance generally are not; for example, “internet-enabled location-based services” have long been within the ambit of COPPA because geolocation information has long been part of the definition of “personal information” of children that COPPA regulates.… More

The Boston Municipal Research Bureau and Foley Hoag LLP Invite You to a Member Briefing on Cybersecurity in 2017

Cybersecurity has become an increasingly important issue for businesses and governments. Please join us as we host a Member Briefing with two premier experts in Cybersecurity.

Our speakers will provide insights into some of the most significant Cybersecurity challenges facing businesses and government today, including:

  • Evolving threats to how businesses & government operate
  • Insider threats and what that means for the future
  • Importance of being prepared and protected
  • The cost of cyber crime

Speakers