David Zetoony of Bryan Cave writes: There is no shortage of data-privacy and security laws in the United States. By our count there are now about 300 state and federal statutes. They include breach-notification laws, data-disposal laws, data-safeguard laws, payment card information-protection laws … the list goes on and on. Many of these laws, and…
Category: Commentaries and Analyses
A Computer Security Start-Up Turns the Tables on Hackers
Nicole Perlroth reports: Standing before a crowded room of entrepreneurs and investors at a conference in San Francisco last summer, former Vice President Al Gore described how climate change could be contained, possibly even reversed. Next to take the stage was Kevin Mandia, the founder of Mandiant, a security company acquired by another security company called FireEye,…
Privacy Concerns Arise over Annapolis, Md., Parking Website
Chase Cook reports: Annapolis resident Linda Farrell was excited to use the city’s new online residential parking website. But when she opened the online form, she noticed her web browser telling her the website wasn’t secure. This after asking for her address, vehicle license plate and driver’s license number — information she felt was personal….
Second Circuit Holds Insurers Have Duty to Defend Data Trap Lawsuit
Traub Lieberman Straus & Shrewsberry LLP write: In its recent decision in Nat’l Fire Ins. Co. v. E. Mishan & Sons, Inc., 2016 U.S. App. LEXIS 10151 (2d Cir. June 1, 2016), the United States Court of Appeals for the Second Circuit, applying New York law, had occasion to consider the application of an exclusion…
House Energy And Commerce Committee Reviews Cybersecurity Practices At HHS
King & Spalding write: On May 25, 2016, the House Energy and Commerce Subcommittee on Health held a hearing to examine the Department of Health and Human Services’ (“HHS”) cybersecurity responsibilities. The hearing focused on legislation that would create a new office within HHS, the Office of the Chief Information Security Officer (“CISO”), consolidating information…
ERISA and Cybersecurity
Larry Goldstein of McGuireWoods LLP writes: Employee benefit plan data stored online may include participants’ names and Social Security numbers, account information and protected health information (PHI), all of which are inviting targets for hackers. Highly-publicized data breaches in recent years have called attention to the obligations of benefit plan administrators (typically the employers sponsoring…