Michael Breslin, Christian Henel, Jon Neiditz, and Gunjan Talati of Kilpatrick Townsend & Stockton LLP write: The United States District Court for the District of Columbia recently endorsed private citizens bringing data breach claims directly against a government contractor where the contractor failed adequately to safeguard the citizens’ personal information. In McDowell v. CGI Federal…
Category: Commentaries and Analyses
U.S. Dept. Of Education Encourages Indiana To Improve Data Security
Claire McInerny reports: The U.S. Department of Education (USED) sent a letter to Superintendent Jennifer McCormick this month outlining problems with the Indiana Department of Education’s security around student data. The state receives grant money from USED for implementing security systems, which opened the state up to an audit. According to the USED letter, the audit’s “objective…
Vendor Breached Your Company Data? Sorry, You’re Still Liable
Rhys Dipshan writes: Call it the summer of vendor security mishaps. In June, a data firm hired by the Republican National Committee inadvertently exposed the personal information of almost 200 million American voters by misconfiguring an Amazon cloud server. A month later, Verizon’s customer service vendor NICE Systems made the same mistake and exposed data…
Hong Kong’s Privacy Commissioner Welcomes the Enactment of the Apology Ordinance
(14 July 2017) The Privacy Commissioner for Personal Data, Hong Kong (“Privacy Commissioner”) Mr Stephen Kai-yi WONG welcomed the passing of the Apology Bill by the Legislative Council yesterday (13 July). Mr Wong said, “The enactment of the Apology Ordinance will generally help to protect persons who wish to make an apology without fear of…
Israeli startup tracks behavior to outsmart hacker bots
Micah Danney reports: You might think of hackers as people sitting at computers, but custom software applications, or bots, can be the ones doing the dirty work. Bots automate the business of hacking, tearing through massive troves of stolen account data, for example, or bombarding website login pages with passwords, probing for hits. Enter Unbotify,…
School District in Maryland Stops Collection of Social Security Numbers
Allen Etzler reports: Frederick County Public Schools (FCPS) is no longer collecting Social Security numbers under the district’s new data security policy. Director of Technology Infrastructure Edward Gardner, who oversaw the development of the new data policy, said the school system would not collect student Social Security numbers “unless explicitly necessary,” and he could not…