Tag Archives: Spotlight

Law360: “HHS Data-Scrubbing Guidance Backs Strict Privacy Definitions”

Today’s Law360 addresses “HHS Data-Scrubbing Guidance” with quotes from me and others on the subject:

Clarifying the types of data that need to be removed from data sets can also help companies maximize the value of the information that they hold as the value of and ability to use this data for research and public health purposes increases, Foley Hoag LLP security and privacy practice co-chair Colin Zick added.… More

Breaking Down the White House Privacy Framework–a Video Blog

Here is a video discussion I had with LexBlog on the new White House Data Privacy report, “Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy.” In this conversation, we discussed the report’s four primary elements:

a Consumer Privacy Bill of Rights,
a multistakeholder process to specify how the principles in the Consumer Privacy Bill of Rights apply in particular business contexts,…

Inside Counsel Magazine Revisits SEC’s Cybersecurity Guidance

As we noted back in October, the SEC issued CF Disclosure Guidance: Topic No. 2: Cybersecurity.
This guidance provides the Division of Corporation Finance’s views regarding disclosure obligations relating to cybersecurity risks and cyber incidents.

The most recent issue of Inside Counsel follows up on the latest views on this Guidance, including a quote from me.… More

Most Recent Sony Breach Illustrates the Cascading Effect of Data Breaches

It was revealed recently that Sony’s on-line services were the subject of another significant attack. This incident, however, did not exploit a vulnerability in Sony’s security infrastructure so much as it highlighted the cascading effect of data breaches.

Rather than try to scale any fences or jimmy any windows, this attack used account holders’ own keys to open the front door. According to a statement by Sony,… More

Analysis of the Supreme Court’s Decision Striking Down Vermont Pharmaceutical “Data Mining” Law

As promised in our earlier entry, here is our detailed discussion of the Supreme Court’s decision in Sorrell v IMS Health, Inc.,written by Colin J. Zick, Pat A. Cerundolo, Tad Heuer

On Thursday, June 23, the United States Supreme Court voted 6-3 to strike down a Vermont statute that sought to impose significant restrictions on pharmaceutical detailing and “data mining”… More

Will 2011 Bring Us “Do Not Track” Legislation?

Posted below is another contribution from my colleague David Broadwin on our Emerging Enterprise Center blog about the potential for legislative change in 2011. I agree with the conclusions he draws:

This is an area where bipartisan concensus is possible.
The industry powers will fight against “Do Not Track” and will win that fight.
Industry will accept some other form of regulation in exchange for defeating “Do Not Track.”

We could see passage of a federal data security and privacy statute,… More