FTC Released its Final Report Today on Best Practices for Businesses to Protect Consumer Privacy

Today, the Federal Trade Commission released its final report titled “Protecting Consumer Privacy in an Era of Rapid Change: Recommendations For Businesses and Policymakers.” http://www.ftc.gov/opa/2012/03/privacyframework.shtm

The report details best practices for businesses to protect the privacy of consumers. Recognizing the burden on small businesses, the FTC says that the framework should not apply to companies that collect and do not transfer only non-sensitive data from fewer than 5,000 consumers a year.

Continue reading “FTC Released its Final Report Today on Best Practices for Businesses to Protect Consumer Privacy”

Is Your Company At Risk For A Security Breach?

Business want to know whether they are potential targets for security breaches, and if so, they seek to identify the types of electric records that may be at risk.

The Trustwave 2012 Global Security Report sheds some light on these concerns by identifying top data-security risk areas. Highlights of the report include the following findings:

Continue reading “Is Your Company At Risk For A Security Breach?”

FBI’s Social Media Monitoring Plan Must Balance Privacy, Security

A few weeks ago this blog pointed out that the Department of Homeland Security’s command center regularly monitors social networking sites such as Facebook and Twitter, popular sites like Hulu, controversial sites including WikiLeaks, and news and commentary sites like The Huffington Post and Drudge Report, according to a government document.

Now, there is an indication that the Federal Bureau of Investigation is developing a web application that will have the ability to monitor social media sites like Facebook and Twitter. Such an application supposedly will give the FBI intelligence about potential security threats.

Continue reading “FBI’s Social Media Monitoring Plan Must Balance Privacy, Security”

The Ever Expanding Data Breach Notification Laws…

Just when you thought the state breach notification laws could not get more cumbersome, states continue to amend their breach notification laws in an effort to expand the content and reach of the notice.

Texas Amendment Requires Notification to Affected Residents in All 50 States

Texas recently amended its data breach notification law by expanding the notification requirements to cover affected non-residents. Prior to the amendment, Texas required that entities conducting business in Texas notify residents when sensitive personal information was believed to have been acquired by an unauthorized person. Continue reading “The Ever Expanding Data Breach Notification Laws…”

Anonymous Educates Us About Security– Again

Another data breach carried out by the “hactivist” group known as “Anonymous” provides an opportunity for businesses to become reacquainted with several important data security concepts. First let’s briefly review the background of the incident.

This time Anonymous hacked the Bay Area Rapid Transit system, commonly known as BART. BART is the second largest public transportation system in Northern California and carries about 40,000 riders a day. Anonymous was able to access and steal personal information on about 2400 BART customers who utilize the myBART website to manage their accounts. The information taken was reported by Anonymous to include system user names and passwords, individual last names, addresses, and telephone numbers.

Continue reading “Anonymous Educates Us About Security– Again”

Employee Theft of Trade Secrets – Protecting the Family Jewels

One of the most valuable assets of any company is its intellectual property. Although technology has led to great efficiencies, it has also created new exposures for businesses, particularly with respect to the protection of valuable trade secrets. One of the key tools in a litigator’s arsenal in the fight against theft of trade secrets is the Computer Fraud and Abuse Act (CFAA). It prohibits a person from intentionally accessing a computer without authorization or exceeding authorized access to obtain information, perpetrate a fraud, or cause damage. Unfortunately, the issues are not always straightforward. Issues have arisen about the extent to which a business can use the CFAA to protect its information because there are conflicting views among the courts on the meaning of “authorization.”

Continue reading “Employee Theft of Trade Secrets – Protecting the Family Jewels”

There Is No Genuine Information Without Security

Whether we like it or not, information really is king. This has been true for a while now, but it is even more clearly so now. In one way or another we now depend upon digital information for almost everything: to protect us, feed us, cloth us, entertain us and, most importantly, inform us. Erosion of trust in the integrity of the information that we mutually consume and produce effects us all in ways which may not be immediately harmful, but are none the less detrimental to us collectively. Information is king, but trust is paramount in such a world.

Continue reading “There Is No Genuine Information Without Security”

© 2009- Duane Morris LLP. Duane Morris is a registered service mark of Duane Morris LLP.

The opinions expressed on this blog are those of the author and are not to be construed as legal advice.

Proudly powered by WordPress