In the wake of several executive orders on immigration, ICE—the federal agency responsible for enforcing the nation’s immigration laws—has ramped up enforcement activities. As a result, local public school districts and health care providers in Massachusetts have asked the Attorney General about their rights and obligations with respect to the undocumented students and patients they serve. On May 22, 2017, the AG issued comprehensive guidance to answer their questions.… More
Emmanuel Macron won France’s presidential election in a landslide. He defeated his opponent, Marine Le Pen, by more than thirty percentage points. Such a high margin might lead one to think that his victory was inevitable. But on the eve of the election, it did not seem that way.
On the Friday before the Sunday election, hackers released a trove of documents they had stolen from the Macron campaign.… More
Unmanned aerial vehicles, or “drones,” as they’re commonly called, touch on numerous hot-button cybersecurity issues. As devices connected to networks, they are important when considering the “internet of things.” As used by the government, they present surveillance concerns. Over the past decade, they have been increasingly used for military operations — although civilian drones now far outnumber military drones. (The FAA has estimated that by 2020,… More
Recently, the ABA Standing Committee on Ethics and Professional Responsibility issued Formal Opinion 477, which aims to provide guidance and clarity to lawyers as they consider what level of security to give communications with clients. (I was recently interviewed by Massachusetts Lawyers Weekly on this topic, and you can read the full article here; please note that the article is behind a paywall.)
The bottom line? … More
Presented by Foley Hoag LLP and PwC
A data breach is a business crisis. What should you do?
Learn first-hand as Foley Hoag LLP and PwC walk you through the practical and legal aspects of responding to a data security incident. From understanding how to be prepared to thinking through best practices, this webinar is designed to help you get a handle on an emergency that every business must confront.
- Douglas Bloom, Director, Cybersecurity and Forensics, PwC
- Christopher Escobedo Hart, Counsel, Foley Hoag LLP
- Stephen Bychowski, Associate, Foley Hoag LLP
Click here to download a copy of the materials.
The Federal Trade Commission (FTC) has been a critically important regulator of cybersecurity practices in the US, using its authority under Section 5 of the FTC Act to bring enforcement actions against companies for failing to protect their consumers’ private data. This past January, Trump appointed Republican Maureen Ohlhausen as the Commission’s new acting chairwoman. Here’s what you need to know about her approach to data security.… More
The Computer Fraud and Abuse Act, or CFAA, is the federal “anti-hacking” statute (or sometimes referred to as a “computer trespass” statute). In essence, the CFAA prohibits intentional unauthorized access into another computer, when such action directly accesses certain protected information or otherwise causes damage or loss. The CFAA provides for both criminal penalties and civil causes of action. The scope and meaning of access “without authorization”… More
Plaintiffs presenting a claim in federal court must have standing to sue, under Article III of the Constitution (as we have written about in the past). The Second Circuit recently entered an order reminding plaintiffs, defendants, and their attorneys just how difficult overcoming the standing hurdle can be for individuals suing in the wake of a data breach.
In Whalen v.… More
“Will the President sign it?” I asked in a recent post. As if in direct answer, the President issued the order the same day, May 11, 2017. The order is titled Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, and it appears to be identical to the recently leaked draft.
The order commissions a slew of reports from federal agencies.… More
First, the basic facts about the recent ransomware attack:
- US-CERT has received multiple reports of WannaCry ransomware infections in several countries around the world.
- Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Individuals and organizations are discouraged from paying the ransom, as this does not guarantee access will be restored.…