Commentaries and Analyses – Page 604

GDPR: potential fines for data security breaches more severe for data controllers than processors, says expert

Posted on May 10, 2016 by Dissent

Have I mentioned recently how much I appreciate columns or posts by lawyers that help educate us non-lawyers? A post in Out-Law.com points out something that is significant for those involved in IT security or advising clients: One of the many changes that the new Regulation will deliver when it comes into force on 25 May 2018 is…

FTC To Study Mobile Device Industry’s Security Update Practices

Posted on May 9, 2016 by Dissent

In order to gain a better understanding of security in the mobile ecosystem, the Federal Trade Commission has issued orders to eight mobile device manufacturers requiring them to provide the agency with information about how they issue security updates to address vulnerabilities in smartphones, tablets, and other mobile devices. The eight companies receiving orders from the FTC…

The Scariest Hack So Far

Posted on May 8, 2016 by Dissent

Jane Brown of Lane Powell PC writes that hackers have upped the ante from the “good old days:” …. A case with espionage, extortion and pseudonyms is a sign of things to come. Wire Swiss GmbH (Wire Swiss) is currently seeking a declaratory judgment and alleges civil extortion against its competitor, Quiet Riddle Ventures…

UK: Employers vicariously liable for data breaches caused by rogue employees

Posted on May 7, 2016 by Dissent

Tim Hickman and Stephen Ravenscroft of White & Case LLP write: In April 2016, the High Court of England and Wales issued its judgment in Axon v Ministry of Defence [2016] EWHC 787 (QB). The court emphasised (albeit obiter) the fact that employers can be liable for data breaches caused by rogue employees (in the present case,…

I never meant harm, says student who hacked Canada Revenue to show vulnerability to Heartbleed virus

Posted on May 7, 2016 by Dissent

There’s an update to the hack of the Canada Revenue Agency, first disclosed in April 2014 and the young man who was charged in the case. Jane Sims reports: A student computer whiz who stole 900 social insurance numbers from the files of the Canada Revenue Agency to demonstrate its online vulnerability pleaded guilty and apologized on…

Patient privacy: Can past lessons prevent future failures?

Posted on May 5, 2016 by Dissent

Niam Yaraghi writes: I talked with key personnel at twenty-two different hospitals, insurers, and business associates that had experienced a breach incident over the last two years. A new report synthesizes the lessons learned from those incidents and highlights the unique vulnerabilities of the health care system to privacy breaches. Read more on Brookings Institute.