Does Accidental Listening by Smart Speakers Raise Compliance Concerns?

That sixth sense you have that someone is listening – could it be your smart speaker?  There’s a chance the answer is yes, even when you don’t ask it to.  A new study from Northeastern University finds that smart speakers often accidentally activate and record conversations, although just how often (sometimes as often as 19 times a day) and for how long (sometimes recording for 43 seconds) depends on the device. … More

Proposed South Carolina Biometric Legislation Could Break New Ground

Over two years ago, in our annual year in preview series, we noted that while only three states had passed laws specifically dealing with the protection of biometric information, other states were considering following their lead.  But even as biometric technology has continued to advance, state legislatures have remained cautious about enacting privacy legislation directed specifically at the protection of biometric information.  As of now,… More

Ambient Intelligence: Where AI and IoT Meet

There is an excellent introduction to the concept of ambient intelligence and its uses in healthcare in this week’s New England Journal of Medicine:

“Ambient intelligence in hospitals is an emerging form of technology characterized by a constant awareness of activity in designated physical spaces and of the use of that awareness to assist health care workers such as physicians and nurses in delivering quality care.… More

Partner Colin Zick Discusses What to Do When the EHR Goes Down with For The Record Magazine

When an electronic health record (EHR) is unavailable, health care organizations should have a plan of action ready to go. Partner Colin Zick tells For The Record Magazine that organizations should assume their EHR will go down at some point, necessitating a plan be in place. Quick, precise detection and an appropriate communication plan can reduce the effects of system downtime, he says, adding that practice runs are a must.… More

Experts Anticipate Iran’s Next Move Will Include Cyberattacks on U.S. Energy Infrastructure

Security experts nationwide warn that the United States should expect serious cyberattacks from Iran in the next few months. The anticipated attacks, retaliation for United States’ killing of Major General Qasem Soleimani, are likely to include as targets oil refineries and other energy infrastructure.  The specific targets, and whether the attacks will be state-sponsored and strategic or carried out by individuals or smaller groups, remain unknown.

One reason underlying the likelihood that Iran will ramp up its cyberattacks is that,… More

Cybersecurity 2020 – The Year in Preview: New Guidance Continues to Clarify GDPR’s Scope

Editors’ Note:  This is the sixth in our fourth-annual end-of-year series examining important trends in data privacy and cybersecurity in the coming year.  Our previous entry discussed the CCPAenergy, Brexit, health care regulation, and state enforcement trends.

The European Union’s General Data Protection Regulation is possibly the world’s most burdensome data protection scheme.… More

A Spate of Legislative Action Portends a Busy Year in Privacy and Security

The new decade has barely begun, and the world of privacy already seems set to change quickly.  Here is a brief overview:

New Laws In Effect as of January 1

On January 1, 2020, new data breach notification requirements went into effect in three states:  Texas, Oregon, and Illinois.  Each law has a unique twist on privacy-related notifications (and thus places additional burdens on businesses):

  • Texas places a definite time limit on notifying individuals after a breach occurs:  60 days (and not “as quickly as possible”).…
  • More

Cybersecurity 2020 — The Year in Preview: Top 3 State AG Trends to Watch in 2020

Editors’ Note:  This is the fifth in our fourth-annual end-of-year series examining important trends in data privacy and cybersecurity in the coming year.  Our previous entry discussed the CCPAenergy, Brexit, and health privacy.  Next up:  trends in GDPR enforcement.

Out of all governmental agencies, state attorneys general are likely to have the greatest impact on privacy enforcement in 2020 for the average business. … More

US Security Officials Warning of Cyber Attacks in Wake of Iran Strike

On January 4, 2020, the US Department of Homeland Security posted at National Terrorism Advisory System Bulletin, in the wake of the killing of a senior Iranian military leader by a US drone.  That DHS advisory states:

The United States designated Iran a “State Sponsor of Terrorism” in 1984 and since then, Iran has actively engaged in or directed an array of violent and deadly acts against the United States and its citizens globally.… More

Presentation: Risk Awareness and Management for Life Science Companies

Foley Hoag partners Colin Zick and Janine Ladislaw joined Licata Risk Advisors for a discussion on how to improve awareness and understanding of a company’s key risk exposures and how to mitigate and insure them. Topics included privacy and data security law, cybersecurity risk threat vectors, preventing IP infringement claims, and more. Click here to download the materials. More