Tag Archives: privacy

Boston Bar Association’s Inaugural Privacy and Cybersecurity Conference, May 24, 2017

The Boston Bar Association’s inaugural Privacy and Cybersecurity Conference will be held on May 24.  The conference will bring together attorneys from private practice and in-house legal departments to network and discuss key topics and trends in privacy and cybersecurity.  This full-day conference will cover a wide range of topics from data breach response and litigation to compliance and transactional issues. Panelists will discuss new developments in the legal and regulatory landscape,… More

Hey, Alexa – Tell Me About My Privacy Rights!

For internet-of-things watchers, some information to chew on:  several news outlets have reported on a dispute between Amazon and law enforcement investigators in Bentonville, Arkansas.  Arkansas police are investigating an apparent homicide that took place in November 2015, and have charged one suspect with murder.  Searching the house where the crime took place, investigators uncovered an Amazon Echo device, a personal digital assistant that can be activated by voice commands.… More

How Can Yahoo E-Mail Scanning Impact the EU-U.S. Privacy Shield?

Reuters reported earlier this month that, according to three former employees, Yahoo Inc. had “complied with a classified U.S. government demand, scanning hundreds of millions of Yahoo mail accounts at the behest of the NSA or FBI.” Yahoo responded that the article was misleading, but did not deny the scanning had occurred.

The New York Times reported further details about this scanning:  Yahoo had modified a system intended to scan emails for child pornography and spam in order to satisfy a secret court order requiring it to search for messages containing a computer “signature” tied to the communications of a state-sponsored terrorist organization.… More

What to Expect from the EU’s New Network and Information Security Directive

On July 6, 2016, the European Union adopted Directive (EU) 2016/1148, “concerning measures for a high common level of security of network and information systems across the Union,” otherwise known as the Network and Information Security Directive. (A directive, in EU parlance, is an instruction to member states to achieve a particular objective and a general framework for how to do so.  This differs from a regulation, which is immediately binding on all member states.)  Pursuant to this Directive,… More

Which U.S. Businesses Must Comply with EU Data Protection laws?

What the recent Amazon decision tells us

On 28 July 2016, the European Court of Justice rendered a decision in a dispute between an Austrian Consumer Protection organization known as VKI (Verein für Konsumenteninformation) and Amazon EU Sàrl, a subsidiary of Amazon registered in Luxembourg. The main issue in this case is whether Amazon General Conditions were enforceable under Consumer Law; however; one of the questions referred to the European Court was about the territorial scope (Article 4) of the 95/46/EC Directive on Data Protection.… More

Cybersecurity News & Notes – August 8, 2016

In Case You Missed It:  In a sign of the growing importance of cyber operations in warfare, the Obama administration plans to elevate the status of the Pentagon’s Cyber Command.  The U.S. Cyber Command, or USCYBERCOM, was created on June 23, 2009.  Its stated mission is to, among other things, “conduct full spectrum military cyberspace operations” to “ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.”  Currently,… More

Cybersecurity News and Notes – July 25, 2016

In Case You Missed It: U.S. Major party platforms address cybersecurity.  The two major parties have released their 2016 election platforms, both of which include cybersecurity planks.  The Republican platform’s perspective of cybersecurity is an element of national security and international relations. The platform called for harsh responses to cyber-attacks against American businesses, institutions, and government, applauded the Cybersecurity Information Sharing Act of 2015, and pledged to “explore the possibility of a free market for Cyber-Insurance.” The Democratic platform is largely as a continuation of President Obama’s cybersecurity policies.… More

At Long Last, US-EU Privacy Shield Adopted By EU Member States

Key takeaways:

  • The Privacy Shield will now go into effect.
  • The preliminary start date for companies to be certified under the Privacy Shield is August 1, 2016.
  • Expect more challenges to the Privacy Shield before all is said and done.

The Details:

Following the invalidation of the US-EU Safe Harbor by the European Court of Justice in the Schrems case,… More