Long before votes were cast for the 2016 Presidential election, this blogger discussed how Hillary Clinton’s government-related emails that were sent and received on private servers could become a thorn in her political side.
Because government records must be maintained as government records so, among other reasons, they can be open and available to public review. Indeed, laws like the Freedom of Information Act maintain that to have a vital and truly functioning democracy, those who govern must be accountable to the governed; the workings of government must be transparent pursuant to “sunshine” laws. Sunshine is the best disinfectant when it comes to government affairs. Continue reading Emailgate — Here We Go Again!
The Congressional mid-term elections are coming up. There is ample current discussion about whether the Republicans can hold onto majorities in both the Senate and the House of Representatives. Many Democrats believe that they have a strong chance of taking over as the majority party in the House, and some think that they may even take the Senate majority, but that latter potential achievement will be far more difficult, as many more Democrat Senators are up for reelection than Republican Senators.
If the Democrats take over as the majority party in the House, CNET reports that they plan to urge broad internet privacy protections. Representative Ro Khanna from Silicon Valley has drafted an “Internet Bill of Rights.” At this point, this document is not a bill, but instead puts forward ten principles that Khanna reportedly wants to become part of a comprehensive legislative package that could be considered by Congress in 2019. Continue reading Politicians Seek Greater Online Consumer Privacy Protections
Long ago in internet time, email was hip and was the next big thing. No longer did we have to shove paper into fax machines to send relatively quick communications, nor did we have to wait for the paper to spit out from such noisy machines when receiving fast-breaking information. Instead, in paperless fashion, we could send and receive emails right from our own computers, and then laptops, tablets, and phones.
But technology continues to evolve. And as internet time went by, email no longer was cool, and by some was considered to be a dinosaur. Why? Because along came texts and the vast assortment of social media means of communication, like instant messaging, Snapchat, WhatsApp messages, Facebook posts, Twitter tweets, and the list goes on and on. And there were concerns about email hacks and lack of security. Continue reading Email Is Not Dead; Gmail Rolls Out New Features
All countries are not the same when it comes to online freedom and security issues. This is borne out by recent statistics published by Richard Patterson of Comparitech.
When it comes to the amount of freedom offered by countries on the internet, a scale of 1 to 100 is implemented, with 1 being the absolute best possible, and with 100 being the worst. While the United States comes in with a relatively low score of 18, the US is not ranked the most free. Indeed, both Iceland and Estonia have a very low score of 6, with Canada next at 16, then the US at 18. Other relatively free countries include Germany at 19, Australia at 21, Japan at 22, the UK at 23, and South Africa and Italy both at 25.
Continue reading Internet Freedom and Security Statistics Across Countries
The unprecedented cyberattack on October 21, 2016, which crippled many of the Internet’s most widely trafficked sites, should be a wakeup call for businesses about the potential for hackers to weaponize common Internet-enabled devices and cripple businesses.
The cyberattack was caused in part by malware directed to more than 10 million Internet-connected devices, including DVRs, thermostats and closed-circuit video cameras. It caused a distributed denial-of-service attack (i.e., service interruption) that hit in three waves. Dyn, an Internet services company that directs Internet traffic, reported that the attack hit all of its 18 data centers globally. Early reports show that the disruption may be responsible for up to $110 million in lost revenue and sales. Perhaps most troubling is that the group claiming responsibility said the attack is merely a dry run for much larger attacks.
Continue reading What the Recent Cyberattack Means and Ways Businesses Can Protect Themselves
Since the Supreme Court’s decision in Spokeo v. Robins, courts have begun to ratchet back prior decisions on the minimum standard to plead an injury sufficient to establish Article III standing. The recent Eighth Circuit opinion in Braitberg v. Charter Communications adds to the growing number of cases defendants will rely upon to get data breach cases dismissed at the pleadings stage. Braitberg addressed standing in the context of the retention, use, and protection of personally identifiable information. Although the case did not involve a data breach, its holding is however instructive when defending against such cases.
In Braitberg, plaintiff alleged that he was required to provide personally identifiable information to purchase cable services and that the cable provider improperly retained his information long after he cancelled the services in violation of the Cable Communications Policy Act (“CCPA”).
Prior to Spokeo, such claims would have been sufficient to establish Article III standing because the Eighth Circuit permitted the actual injury requirement to be satisfied solely by pleading that there was an invasion of a legal right that Congress created. The Supreme Court in Spokeo held that Article III standing requires a “concrete injury” even in the context of a statutory violation.
With the benefit of Spokeo’s guidance, the Eighth Circuit acknowledged that Spokeo superseded its prior precedent. Accordingly, the panel affirmed the district court’s dismissal of the complaint for lack of Article III standing and failure to state a claim. In doing so, the panel rejected arguments that CCPA created standing to sue where the defendant merely retained the data in violation of the statute with no other injury. It further rejected an economic argument that retention of the data deprived plaintiff of the full value of the services received from the company.
This decision is important for two reasons. First, the Eighth Circuit further narrowed the scope of allegations that will give rise to Article III standing in a post-Spokeo world. Second, in denying the economic argument, the court cut off an alternative avenue by which plaintiffs have successfully alleged harm.
It probably is fair to say that most of us are glued to our computers for a large part of each and every day. Accordingly, how can we improve our computer experience? A good start is to follow eight fairly simple tips, among a variety of other tips that also could be considered.
First, make sure periodically to restart your computer. A restart can cure computer sluggishness. We all have a need for speed, so reboot!
The second tip is not use your keyboard as a plate. You accidentally could spill something that could destroy your computer. Also, computer keyboards host all sorts of bacteria and thus are not sanitary. So, don’t compute where you eat! Continue reading How to Improve Your Computer Experience
Ransomware attacks are on the rise and expected to reach epidemic proportions. The most publicized attack took place this year at the Hollywood Presbyterian Medical Center when it was forced to declare an “internal emergency” after a ransomware attack locked down its systems. Businesses that are viewed as offering a combination of valuable data and weak security may be seen as attractive to attackers. Some attackers have strictly financial motivations while others may simply be in it for “the data.”
According to Cisco’s Midyear Cybersecurity Report, email and malicious advertising are the primary ways ransomware infiltrates a system. Businesses often pay the ransom but even when paid, files may be lost or altered in ways that could be devastating to the business.
Cisco reports that companies entering into M&A deals often do not conduct enough due diligence on the risk posture of the acquired business and realize their shortcomings after the deal is done, when it is too late to remediate problems or when it’s harder to do so because the networks are intertwined.
What can you do? Robust security is clearly the first step to prevent attacks and that begins with the creation of a comprehensive privacy and security roadmap that addresses high risk areas, compliance gaps and specific tactics for incident preparedness. It is important to involve experienced counsel at the outset to not only advise on the array of federal and state privacy and cybersecurity laws and help develop the policy but also to direct any security investigation so that consultants can report potential vulnerabilities to outside counsel to protect potentially negative findings from discovery in future litigation.
On September 7th, the Federal Trade Commission will begin its series of seminars on new and emerging technologies with a workshop on ransomware.
Thumb drives, keyboards, and mice, oh my! That’s right, these USB devices now may be the latest “lions, tigers, and bears” to fear in our high-tech world.
According to a recent Reuters article, such USB devices possibly can be compromised to hack into personal computers in a previously unknown form of attack that supposedly can side-step current security precautions.
As reported by Reuters, Karsten Nohl, a chief scientist at SR Labs in Berlin, has stated that hackers potentially can load software onto very small and inexpensive chips that control the functions of USB devices, but which presently do not have “built-in shields” that would prevent tampering with the devices’ operative code.
Continue reading Wait, Now USB Devices May Be Unsafe Too?