Data Breach

Christopher Hopkins speaks at ASIS International (West Palm Beach) on “Anatomy of a Data Breach Lawsuit”

Thanks to the members of ASIS International Palm Beach #254 for the gracious invitation to speak to about the “Anatomy of a Data Breach Lawsuit.” This was an educational opportunity to discuss the stages of a data breach lawsuit (from the lawyer’s perspective) and how to protect company assets. You …

Data Breach

Accessing Someone Else’s Facebook Account in Florida is a Crime

Relying upon a statute which has been amended twice since 1978, it is a crime in Florida to access someone else’s social media account without their authorization.  This likely happens dozens of times a day in this state, likely as a joke or a prank, which have or could lead …

Conspiracy

Edward Snowden: Humorous & Shocking Findings from the [Partially Redacted] House “HPSCI” Report

The House Permanent Select Committee on Intelligence (HPSCI) released in December 2016 a partially-redacted copy of its September 15, 2016 report on its, “Review of the Unauthorized Disclosures of Former National Security Agency Contractor Edward Snowden” (“House Report”). The House Report describes Snowden in the same tenor and tone that the …

Data Breach

“Don’t Connect Your Phone to Rental Car” mentioned on CBS-Detroit Newsradio 850 Feldman Report

My article, “Don’t Connect Your Phone to Rental Cars” explained how rental cars (and your leased car!) can collect data from your smartphone which creates a vulnerability when the next driver takes the car. The original post was a Business Advocate post at McDonald Hopkins.com, here.  It was also cross-posted …

Data Breach

Can a Court Order Someone to Stay Off Your Website? (Facebook v. Power Ventures says yes)

In Facebook v. Power Ventures, Inc. et al., the Ninth Circuit held that it was a violation of the Computer Fraud and Abuse Act of 1986 for the defendant to continue to access Facebook’s site after receiving a cease and desist letter from Facebook: “a defendant can run afoul of …

4th Amendment

Christopher Hopkins Speaks on Data Breach Law at Florida Atlantic University

Thanks to professor and attorney Larry Buck for inviting me to speak today about Data Breach & Cyber Security Law at Florida Atlantic University. We discussed:  Standing: how the Clapper case was filed too soon, they lost in the Supreme Court, and then three months later it was revealed, beyond their …

Data Breach

This Is What Happens When You Reply To Spam Email

James Veitch is a British writer and comedian. How he ended up on a TED Talk stage with this bit of techo-stand up, I dunno. But he hit it out of the park with “This Is What Happens When You Reply to Spam Email.” I highly recommend. It’s about 9 …

Data Breach

4 lessons from dismissal in Michaels and SuperValu cases

When most people think of data breach lawsuits, they think of large class action cases and settlements like Remijas v. Neiman Marcus and Target. But the vast majority of courts are denying class certification in cyber security cases. Within nearly a week of each other, two federal courts in New …

Data Breach

FTC Fines Company $250k for Falsely Claiming Its Software Provided “Encryption”

The FTC recently announced settlement with Henry Schein Practice Solutions for $250,000 in exchange for resolving the FTC’s claims that Schein falsely advertised that its dental office management software provided encryption. You can read the article, “The Database Software says it is ‘encrypted’… but is it?” here at McDonald Hopkins’ …

Data Breach

South Florida-based Cryptsy Exchange Closed Down by Hackers (& Lawsuit)

If you log onto the once-popular virtual currency exchange, Cryptsy, you can see the virtual version of tumbleweeds blowing through a western town in the form of “volume – 00.00” across the board. On January 14, 2016, the host “Big” Paul Vernor posted this blog post stating that hackers had …

Data Breach

Nine Ways that Companies Get Hacked

This one page article explains the 9 most common ways your clients and companies get hacked — in a single page Palm Beach Bar article. Don’t know a DDOS from a SQL attack? Brute force or a reverse brute force. Read the kama sutra of hacking-for-lawyers, here.

Data Breach

The Government Can Sue Your Company For Negligent Cyber Security

The recent cases of FTC v. Wyndham and In Re TerraComm and YourTel America, we have seen that federal government agencies are pursuing companies who have negligent cybersecurity standards — and the government is winning. In fact, the government need not point to specific statutory violations to win these cybersecurity cases …

Data Breach

20+ Federal Government Agencies’ Standards for Cyber Security

In light of the rulings in FTC v Wyndham and In Re TerraCom and YourTel, it is evident that government agencies are taking the position that they can pursue “common law” cyber security negligence claims rather than relying on standards set by regulation or statute.  At least some of these …

Data Breach

Department of Defense: Interim Rule on CyberSecurity

The Department of Defense has issued an Interim Rule amending the Defense Federal Acquisition Regulation Supplement (DFARS). The specific focus is on new rules  which require contractor reporting on network penetrations. Additionally, this Rule implements DoD policy on the purchase of cloud computing services. The Interim Rule is here. According to …

Data Breach

NIST Draft Practice Guide: Securing Electronic Health Records on Mobile Devices

The National Institute for Standards and Technology issued a “draft” version of a Cybersecurity Practice Guide aimed at doctors, hospitals, and other health care providers. The 82-page Guide discusses how medical providers access patient data remotely and that “the use of mobile devices to store, access and transmit electronic health care …