The Many Faces of Google’s Arts & Culture App (Except in Illinois and Texas)

Those of our readers who frequent social media may have noticed a newly-popular juxtaposition between selfies and art (or perhaps one should say between selfies and other forms of art)—a feature in the Google Arts & Culture app that matches a user’s selfie to a portrait in Google’s database.

But not every aspiring selfie artist can compare their work with that of the great painters of yesteryear. … More

Settlement Offers Guidance on What “Reasonable” Security Means Under COPPA

The FTC’s COPPA Guidance does an admirable job explaining the basics of what a business needs to do to comply with COPPA, but is vague as to how a business must protect personal information collected from children. The COPPA Guidance requires that a company use “reasonable procedures” to protect such information from unauthorized access or use, but does not explain what “reasonable procedures” means. This is,… More

Recent Federal Legislation Demonstrates Growing Federal Interest in Blockchain for Cybersecurity

Recent federal legislation indicates a growing federal interest in blockchain as a potentially integral technology in cybersecurity systems. This comes on the heels of recent legislation in the New York Assembly also suggesting state level interest in blockchain.

On December 12th, H.R. 2810, the “National Defense Authorization Act for Fiscal Year 2018,” was signed into law. This law was, first and foremost,… More

South Korean Cryptocurrency Exchange Hacked (Again)

As part of our Year in Preview series, we’ve recently covered both international cyberwar and the rise of cryptocurrency.  Just before the holidays, both of these topics collided in a decidedly unpleasant manner.

On December 19, the South Korean cryptocurrency exchange Youbit filed for bankruptcy, disclosing that it had just suffered a hack that made off with about one fifth of the bitcoins stored on its platform. … More

Recent New York Legislation Demonstrates Growing Governmental Interest in the Use of Blockchain for Cybersecurity

Recent legislation in the New York State Assembly reflects a growing governmental interest in blockchain as a  technology in cybersecurity systems.  On November 27, four different bills addressing blockchain technologies were introduced into the New York State Assembly. Most significant among these is Assembly Bill 8793, which would establish a task force to study and report on the potential implementation of blockchain technology in state record keeping,… More

Colin Zick Discusses GDPR Compliance with Enterprise.nxt

With enforcement set to begin in May 2018, organizations around the world must be ready to comply with the European Union’s General Data Protection Regulation (GDPR). Partner Colin Zick discusses 10 things you need to know now with Enterprise.nxt.

Avoid GDPR non-compliance fines with this list of things to consider and plan for before the fast-approaching deadline. Click here to read more.… More

Friday Blog Round-Up

In case you missed it:

  • We wrapped up our “Year in Preview” series with deep dives into international law and cyber warfare, financial institutions and the SEC, and cryptocurrencies and blockchain.  Each of the nine articles in this series is worth reading on its own, and taken together all will give you a broad view into cybersecurity and data privacy trends in the coming year.
  • The Advanced Cyber Security Center released its report on cybersecurity concerns of Massachusetts residents post-Equifax.  (Spoiler:  about 2/3 of respondents say they won’t do business with an entity that’s been breached.)
  • In crytopcurrency news, the Massachusetts Securities Division announced that it’s going to examine Massachusetts entities engaged in initial coin offerings.  Increased ICO enforcement from multiple authorities is an important trend to watch.
  • DHS pledged it would “intervene directly” in cyberattacks against private industry.  Cause for comfort or concern?
  • And an OIG report faults HHS as being rife with cybersecurity vulnerabilities.  Perhaps the old adage is apt:  “Physician, heal thyself.”

Happy holidays!

Cybersecurity 2018 – The Year in Preview: Cryptocurrencies and Blockchain

Editors’ Note:  This is the last in a nine-part end-of-year series examining important trends in data privacy and cybersecurity during the coming year.  Previous installments include analyses of HIPAA complianceemerging security threatsfederal enforcement trendsstate enforcement trends, … More

OIG Report Reveals HHS Cybersecurity Vulnerabilities

On December 19, the US Department of Health and Human Services’ (HHS) Office of the Inspector General (OIG) released a report indicating continued cybersecurity vulnerabilities among HHS’ four operating divisions based on FY 2016 penetration testing.  According to the report, OIG “determined that security controls across the four HHS OPDIVs needed improvement to more effectively detect and prevent certain cyberattacks” and “identified configuration management and access control vulnerabilities.”

OIG provided HHS with a restricted “rollup” report of the four operating divisions,… More

DHS Amplifies Call for Public-Private Partnership in Cyberdefense and Pledges to “Intervene Directly”

The worldwide WannaCry attack from May 2017 has been officially blamed on North Korea.  In a press briefing publicly announcing the Administration’s declaration of North Korean culpability, the Department of Homeland Security continued to note the importance of public-private partnership in cyberdefense.  While such collaboration (and desire for collaboration) is not new, the press briefing did appear to call for a newfound emphasis on the need for the government to work together with private companies. … More