Duane Morris TechLaw

October 25, 2011July 18, 2016 by Eric J. Sinrod

Sesame Street Website Hacked with Explicit Videos

Is nothing sacred? Apparently not, as CNN has reported that the YouTube channel for Sesame Street recently was hacked with pornographic content. Indeed, instead of showing material suitable for children, the channel briefly was reprogrammed with sexually explicit videos.

As a result of the porn hack, the Sesame Street channel went offline for a short time. Visitors were informed that there had been “repeated and severe violations of our community guidelines.”

Continue reading “Sesame Street Website Hacked with Explicit Videos”

October 11, 2011July 18, 2016 by Eric J. Sinrod

Foreigners’ Email On Domestic Servers Protected, Ninth Circuit Rules

Foreigners can be protected by the Electronic Communications Privacy Act (ECPA). The parts of the ECPA that prevent ISP’s from revealing electronic communications apply to foreigners when their emails are stored on a domestic server, the Ninth Circuit has ruled.

In Suzlon Energy v. Microsoft, the plaintiff had directed a subpoena to Microsoft seeking the substance of emails between a citizen of India with respect to fraud litigation in Australia. Microsoft did not comply with the subpoena, taking the position that to do so would violate the ECPA. The federal trial court agreed and quashed the subpoena.

Continue reading “Foreigners’ Email On Domestic Servers Protected, Ninth Circuit Rules”

October 6, 2011September 11, 2014 by Sandra A. Jeskie

The Ever Expanding Data Breach Notification Laws…

Just when you thought the state breach notification laws could not get more cumbersome, states continue to amend their breach notification laws in an effort to expand the content and reach of the notice.

Texas Amendment Requires Notification to Affected Residents in All 50 States

Texas recently amended its data breach notification law by expanding the notification requirements to cover affected non-residents. Prior to the amendment, Texas required that entities conducting business in Texas notify residents when sensitive personal information was believed to have been acquired by an unauthorized person. Continue reading “The Ever Expanding Data Breach Notification Laws…”

October 4, 2011July 18, 2016 by Eric J. Sinrod

Ever Feel Like Unplugging From All This Technology

Information technology overload can be a very real thing. Don’t get me wrong – technology is fantastic. Instantaneously were are on top of fast-breaking news developments. And we are in immediate and constant contact with our “friends.”

But sometimes doesn’t it all seem a bit too much?

Do you ever just want to turn off, take a breath and simply observe the real world around you?

Continue reading “Ever Feel Like Unplugging From All This Technology”

September 30, 2011July 18, 2016 by Eric J. Sinrod

Protecting Personal Information In Borders Bankruptcy Proceeding

Borders has long collected personal information from customers and promised that such information would not be disclosed without consent. In light of that and Borders’ current bankruptcy proceedings, the FTC has sent a letter to the consumer privacy ombudsman overseeing the Borders bankruptcy that seeks the protection of customer personal information.

The FTC’s letter appears prompted by its understanding that customer personal information held by Borders is scheduled to be auctioned and thereafter there will be a sale hearing.

Continue reading “Protecting Personal Information In Borders Bankruptcy Proceeding”

August 31, 2011September 11, 2014 by Joseph M. Burton

State Law News (August 2011)

As we head toward the Labor Day Weekend, it is a good time to point out a couple of noteworthy state level legislative developments in the Information Security and Privacy space.

California

On August 22nd the California State Assembly passed SB 914 which amends the California Penal Code to make clear that police must acquire a search warrant in order to search an individual’s cell phone or other portable electronic device incident to the arrest of that individual.

Continue reading “State Law News (August 2011)”

August 17, 2011September 11, 2014 by Joseph M. Burton

Anonymous Educates Us About Security– Again

Another data breach carried out by the “hactivist” group known as “Anonymous” provides an opportunity for businesses to become reacquainted with several important data security concepts. First let’s briefly review the background of the incident.

This time Anonymous hacked the Bay Area Rapid Transit system, commonly known as BART. BART is the second largest public transportation system in Northern California and carries about 40,000 riders a day. Anonymous was able to access and steal personal information on about 2400 BART customers who utilize the myBART website to manage their accounts. The information taken was reported by Anonymous to include system user names and passwords, individual last names, addresses, and telephone numbers.

Continue reading “Anonymous Educates Us About Security– Again”

August 2, 2011September 11, 2014 by Sandra A. Jeskie

Employee Theft of Trade Secrets – Protecting the Family Jewels

One of the most valuable assets of any company is its intellectual property. Although technology has led to great efficiencies, it has also created new exposures for businesses, particularly with respect to the protection of valuable trade secrets. One of the key tools in a litigator’s arsenal in the fight against theft of trade secrets is the Computer Fraud and Abuse Act (CFAA). It prohibits a person from intentionally accessing a computer without authorization or exceeding authorized access to obtain information, perpetrate a fraud, or cause damage. Unfortunately, the issues are not always straightforward. Issues have arisen about the extent to which a business can use the CFAA to protect its information because there are conflicting views among the courts on the meaning of “authorization.”

Continue reading “Employee Theft of Trade Secrets – Protecting the Family Jewels”

July 28, 2011September 11, 2014 by Joseph M. Burton

Important New Banking Security Guidelines

In October 2005 the Federal Financial Institutions Examination Council (FFIEC) issued updated information security guidance for financial institutions offering internet-based financial products and services. The 2005 Guidance discussed the need for financial institutions to (1) utilize effective and well considered risk assessments in order to carefully evaluate the risk to an institution’s data in light of the nature and scope of the data services offered online; and (2) employ customer awareness and education as an effective means of reducing or eliminating risks associated with online banking.

Continue reading “Important New Banking Security Guidelines”

July 21, 2011September 11, 2014 by Joseph M. Burton

Court To Decide Important Privacy Rights Case

In the flurry of activity immediately preceding the close of the United States Supreme Court’s term in June, the court accepted Cert on what could be a pivotal 4th Amendment privacy case: United States v. Jones. Jones presents the court with the opportunity to define the extent to which a person has an expectation of privacy with regard to their movements.

First the salient facts. Jones was the owner of a D.C. night club which was under federal investigation for suspected drug trafficking. At the conclusion of the investigation, Jones and the club’s Manager, Lawrence Maynard, were indicted for conspiracy to possess and distribute cocaine. They were tried jointly and convicted.

Continue reading “Court To Decide Important Privacy Rights Case”