Legal marijuana is America’s fastest-growing industry. According to ArcView Market Research, cannabis revenue is expected to exceed $22 billion by 2020—nearly double that of the NFL. This past year, Colorado saw its sales reach over $1 billion. Here in Massachusetts, sales are expected to grow to $900 million within three years. Given the nationwide trend toward legalization (at the time of writing,… More
New Mexico is one of the few remaining states to not have a law requiring companies to notify consumers when their information is part of a data breach. This, however, might change very soon. Last Wednesday, the New Mexico Legislature passed House Bill 15, called the “Data Breach Notification Act,” sending the bill to Governor Susana Martinez for her signature.
Among other things, the act requires companies with personally identifiable information of New Mexico residents to use reasonable security procedures and practices to protect that information. … More
With cyber security threats on the rise, broker dealers must prioritize protection of electronic investor information. What cyber security threats exist for broker dealers? In its 2015 Report on Cyber Security Practices, the Financial Industry Regulatory Authority (FINRA) identified a wide range of actors that may attempt to compromise a broker dealers’ electronic records and functions: (1) cybercriminals seeking to steal; (2) nation states; (3) terrorist groups;… More
Held at the Courtyard Marriott in Boston on May 24 , this full-day conference will cover a wide range of topics from data breach response and litigation to compliance and transactional issues. Panelists will discuss new developments in the legal and regulatory landscape, while providing strategies to effectively prepare and respond to your client’s needs and offer insights into challenges and opportunities ahead.… More
(Part of a continuing series.)
BYOD, or “Bring Your Own Device,” is an umbrella term for policies that employers have concerning your smart phone, tablet, or laptop. Essentially, the questions that BYOD policies seek to answer are these: (1) Who owns your device? (2) Who owns the information on your device? (3) What happens if that information (or the device itself) gets lost or stolen? and (4) What happens to the device and information after you leave the employer?… More
Privacy advocates in both the United States and Europe are urging regulators to take a hard look at the privacy ramifications of internet-connected toys, which are often conventional toys augmented by companion mobile applications.
In December, the privacy advocacy group Electronic Privacy Information Center (EPIC), joined by several other organizations, filed a complaint with the Federal Trade Commission regarding two firms that manufacture, sell, and operate internet-connected dolls. … More
(First in a continuing series.)
Active Cyber Defense, or ACD, is a broad category encompassing different kinds of actions that organizations can take to defend against breaches and cyberattacks. The operative word is “active.” Conventional security against breaches tend to involve anti-virus software, encryption, and other perimeter defenses that act to prevent outsiders from coming in to your organization’s systems. ACD tools are different, and involve anticipating,… More
Law360 recently announced the formation of its 2017 Privacy & Consumer Protection editorial advisory board, which includes partner Colin Zick..
The purpose of the editorial advisory board is to get feedback on Law360’s coverage and to gain insight from experts in the field on how best to shape future coverage.
The beginning of March, and a spell of unseasonably warm weather, graced the Northeast this week. So too did New York’s first-in-the-nation cybersecurity regulations. As we reported here in January, the initial launch of regulations was scuttled in response to industry concerns about scope and the inability to modify internal security measures by the established deadlines. This resistance led New York’s Department of Financial Services (“DFS”) to slightly modify the regulations and delay implementation by one month. … More