Nick Ackerman of Dorsey & Whitney LLP has a nice write-up on a Maryland court decision that although it doesn’t deal with PII, does deal with whether an employee can be found guilty of “unauthorized access:” A federal district court in Maryland held that an employee who stole proprietary data from his prior employer did not…
Category: Commentaries and Analyses
Designing an Insecure Internet
Julian Sanchez also responds to the morning’s biggest story: If there were any doubt that the 90s are back in style, witness the Obama administration’s attempt to reignite the Crypto Wars by seeking legislation that would force Internet services to redesign their networks and products to provide a centralized mechanism for decrypting user communications. It cannot be stressed…
Lessons From A Security Breach
Ed Sperling writes: In late July Kern Medical Center’s information system came to a grinding halt. The hospital believed it had the standard security systems in place to protect its medical records. But for 16 long days that stretched into August, the hospital struggled to get its systems operational and isolate the problem from its…
The PCI Lessons From Google’s Employee Data Breach
Walter Conway writes: When Google this month fired a programmer for using the search giant’s database to investigate an intriguing teenager, it showed that even the most sophisticated and respected technology brands can have a trusted employee go rogue. This lesson should not be lost on retail executives, who may rely on several third-party service…
Changes urged for Data Security and Breach Notification Act of 2010
Eric Chabrow reports on BankInfoSecurity.com that a number of witnesses testifying yesterday during the Senate hearing on the Data Security and Breach Notification Act of 2010 urged Congress to exempt groups when breach notification is already mandated by other laws. Of course, their arguments make a certain amount of sense — except for the fact…
“Damages” Last Stand – Maine Supreme Court Puts an End to the Hannaford Bros. Breach Suit
Lawyer David Navetta comments on the decision: We have been following the twists and turns of the Hannaford Bros. security breach litigation from the beginning (see here, here,here, here and here). As of yesterday, it looks like the consumer plaintiffs’ case has suffered the “true death” (my friends and colleagues that watch HBO’s “True Blood” will know what I am…