Shades of Spokeo. The Court of Appeals for the Ninth Circuit affirmed the dismissal of Bassett v. ABM Parking over the display of a full credit card number on a parking lot receipt: The panel affirmed the district court’s dismissal due to lack of standing in a putative class action alleging a violation of the…
Category: Commentaries and Analyses
Arkansas Man Sentenced to Prison for Developing and Distributing Prolific Malware
February 23 – An Arkansas man was sentenced today to 33 months in prison for aiding and abetting computer intrusions by selling malicious software, or “malware,” to individuals who used the malware to steal sensitive information, surreptitiously activate webcams, and conduct other illegal intrusions. Acting Assistant Attorney General John P. Cronan of the Justice Department’s Criminal…
Understanding Data Breaches as National Security Threats
Susan Landau writes: For decades the theft of private individuals’ data has been treated as an annoyance. Activist state attorneys general and the Federal Trade Commission have pursued cases, but U.S. laws fail to treat theft of personal data as a serious crime in itself. The indictment detailing Russian activity during the 2016 presidential campaign…
EDUCAUSE Challenges the US DOE’s Guidance on Data Breach Reporting
Kathleen Dion of Robinson & Cole writes: On January 30, 2018, EDUCAUSE, a higher education technology association, submitted a letter to the U.S. Department of Education describing concerns that it had with the Federal Student Aid (“FSA”) ability to protect federal student financial aid data. EDUCAUSE’s members include IT professionals from over 1,800 colleges and…
Supreme Court Denies Cert in Attias v. CareFirst
Daniel Kagan of Murtha Cullina cuts to the chase: On February 16, 2018, the U.S. Supreme Court denied certiorari to review CareFirst’s appeal of the U.S. Court of Appeals, D.C. Circuit’s decision in Attias v. Carefirst, Inc., 865 F.3d 620 (D.C. Cir. 2017). The D.C. Circuit held that the threat of harm from a data breach…
Higher Ed Users Are Less Susceptible to Phishing Scams
Meghan Bogardus Cortez reports: University end users are pretty good at identifying a scam. Only 10 percent of simulated phishing emails sent to users at education institutions were successful, a new study from Wombat Security Technologies reports. The company monitored tens of millions of simulated phishing attacks sent over the course of a year through…