Bryan Thompson and Sean B. Hoar of Davis Wright Tremaine LLP provide a status on action – and much inaction on bills at the federal and state level: Congress has moved at a glacial pace in considering data security legislation this year, even as the fallout over major data breaches, including the OPM breach, turned…
Category: Commentaries and Analyses
IE: More than 100 breaches of HSE patient data in past year
Darragh McDonagh and Brian McDonald report: More than 100 data protection breaches involving sensitive personal information held by the Health Service Executive (HSE) occurred over the past year, internal documents indicate. Details of the incidents, which occurred between April 1st, 2014 and April 1st, 2015, have been released under the Freedom of Information Act. Read…
Quinlan revisited: employees who steal personnel records may not necessarily be fired, but at least they may be prosecuted
Keith J. Rosenblatt and David K. Broderick of Littler Mendelson write: Five years ago, in Quinlan v. Curtiss-Wright Corporation, the New Jersey Supreme Court ruled that a trusted employee’s act of stealing and using her employer’s confidential personnel documents in furtherance of her discrimination lawsuit constituted protected activity under the New Jersey Law Against Discrimination (“LAD”).1 On…
UK: Home Office didn’t notify ICO about dozens of breaches last year
Alexander J. Martin reports that the Home Office had 33 data breaches during the last financial year, but did not report any of them to the Information Commissioner’s Office (ICO). The incidents were disclosed in the department’s annual report and accounts 2014-15 (PDF). There’s nothing illegal about the failure to notify the ICO, however. Martin reports: The number…
National Association of Attorneys General: Federal Data Breach Legislation Should Not Preempt States
The National Association of Attorneys General (NAAG) sent a letter today to congressional leaders urging them to ensure that federal data breach legislation preserves states’ ability to enforce state laws in order to protect consumers from data breaches and identity theft. Most of the federal bills related to data security and data breach notification pending…
GhostShell Returns with a New Hacking Concept – Dark Hacktivism
Ionut Ilascu writes: Breaking into the systems of an organization and accessing files without authorization is regarded as trespassing. The motivation behind this act can be anything from financial gain to proving one’s skills among fellow hackers. No matter the reasons, the success of such an action is most of the times due to lack…