U.S. Steel ITC Case Alleging Chinese Government Hacked Its Network and Stole Its Secret Formulas May Be Revived

First, a little background for those unfamiliar with the wonderful world of the International Trade Commission (ITC). 

Section 337 of the Tariff Act of 1930 (19 U.S.C. § 1337) prohibits “unfair methods of competition and unfair acts in the importation of articles … into the Unites States,” including the importation of articles that infringe various types of intellectual property.  Companies can file complaints in the ITC and administrative law judges oversee the investigations. … More

Marijuana and Privacy: A Primer

Legal marijuana is America’s fastest-growing industry. According to ArcView Market Research, cannabis revenue is expected to exceed $22 billion by 2020—nearly double that of the NFL. This past year, Colorado saw its sales reach over $1 billion. Here in Massachusetts, sales are expected to grow to $900 million within three years. Given the nationwide trend toward legalization (at the time of writing,… More

New Mexico, One of the Last Holdouts, Sends Data Breach Notification Law to Governor

New Mexico is one of the few remaining states to not have a law requiring companies to notify consumers when their information is part of a data breach.  This, however, might change very soon.  Last Wednesday, the New Mexico Legislature passed House Bill 15, called the “Data Breach Notification Act,” sending the bill to Governor Susana Martinez for her signature.

Among other things, the act requires companies with personally identifiable information of New Mexico residents to use reasonable security procedures and practices to protect that information. … More

Where Should Broker Dealers Invest Today? Cyber Security Compliance

With cyber security threats on the rise, broker dealers must prioritize protection of electronic investor information.  What cyber security threats exist for broker dealers?  In its 2015 Report on Cyber Security Practices, the Financial Industry Regulatory Authority (FINRA) identified a wide range of actors that may attempt to compromise a broker dealers’ electronic records and functions: (1) cybercriminals seeking to steal; (2) nation states; (3) terrorist groups;… More

Privacy and Security Audits May Be Moving From Education to Enforcement

Partner Colin Zick speaks with BNA’s Health Care Daily Report™ on what providers and medical institutions can expect from the future of HIPAA audits and why self-auditing is so important. Click here to read the full article. More

BBA Announces Privacy and Cybersecurity Conference

Partner Colin Zick sits on the advisory committee for Boston Bar Association’s inaugural Privacy & Cybersecurity Conference.

Held at the Courtyard Marriott in Boston on May 24 , this full-day conference will cover a wide range of topics from data breach response and litigation to compliance and transactional issues. Panelists will discuss new developments in the legal and regulatory landscape, while providing strategies to effectively prepare and respond to your client’s needs and offer insights into challenges and opportunities ahead.… More

Cybersecurity, A-Z: B is for BYOD

(Part of a continuing series.)

BYOD, or “Bring Your Own Device,” is an umbrella term for policies that employers have concerning your smart phone, tablet, or laptop.  Essentially, the questions that BYOD policies seek to answer are these:  (1) Who owns your device?  (2) Who owns the information on your device?  (3)  What happens if that information (or the device itself) gets lost or stolen?  and (4) What happens to the device and information after you leave the employer?… More

The Internet of Toys

Privacy advocates in both the United States and Europe are urging regulators to take a hard look at the privacy ramifications of internet-connected toys, which are often conventional toys augmented by companion mobile applications.

In December, the privacy advocacy group Electronic Privacy Information Center (EPIC), joined by several other organizations, filed a complaint with the Federal Trade Commission regarding two firms that manufacture, sell, and operate internet-connected dolls. … More

Cybersecurity, A-Z: A is for Active Cyber Defense

(First in a continuing series.)

Active Cyber Defense, or ACD, is a broad category encompassing different kinds of actions that organizations can take to defend against breaches and cyberattacks. The operative word is “active.”  Conventional security against breaches tend to involve anti-virus software, encryption, and other perimeter defenses that act to prevent outsiders from coming in to your organization’s systems.  ACD tools are different, and involve anticipating,… More

Partner Colin Zick Named to Law360 2017 Privacy & Consumer Protection Editorial Advisory Board

Law360 recently announced the formation of its 2017 Privacy & Consumer Protection editorial advisory board, which includes partner Colin Zick..

The purpose of the editorial advisory board is to get feedback on Law360’s coverage and to gain insight from experts in the field on how best to shape future coverage.

Click here to see the full members of the board. More