Jennifer Martin, Ashden Fein and Weiss Nusraty write: Last week, the U.S. Department of Justice (“DOJ”) released a voluntary frameworkfor organizations to use in the development of a formal program to receive reports of network, software, and system vulnerabilities, and to disclose vulnerabilities identified in other organizations’ environments. This framework provides private entities a series…
Category: Federal
Senators introduce bill to secure Internet of Things devices; provide some protection for researchers
Zack Whittaker reports: A bipartisan group of senators have introduced legislation aimed at securing internet-connected smart devices, which were at the center of a massive cyberattack that brought down large swathes of the internet last year. The distributed denial-of-service in October lasted for less than a day, but it further fueled concerns about threats posed by…
Hong Kong’s Privacy Commissioner Welcomes the Enactment of the Apology Ordinance
(14 July 2017) The Privacy Commissioner for Personal Data, Hong Kong (“Privacy Commissioner”) Mr Stephen Kai-yi WONG welcomed the passing of the Apology Bill by the Legislative Council yesterday (13 July). Mr Wong said, “The enactment of the Apology Ordinance will generally help to protect persons who wish to make an apology without fear of…
New FTC Policy Would Shield Lawyers, Staff From Personal Liability
C. Ryan Barber reports: The Federal Trade Commission on Wednesday adopted an indemnity policy that will shield lawyers and other staff from any personal liability for enforcement actions that draw a lawsuit and expose them to a monetary judgment. The policy, adopted without public comment, will allow the agency to cover the cost of any…
Judges Question FTC Data Security Standard at LabMD Argument
Jimmy Koo reports: The Federal Trade Commission’s data security enforcement standard came under fire June 22 from a panel of federal appeals court judges ( LabMD, Inc. v. FTC , 11th Cir., No. 16-16270, oral argument 6/21/17 ). As predicted, the level of harm required for the FTC to act was “front and center” during…
The Computer Fraud and Abuse Act Will Need To Wait Another Day In New York’s Commercial Division
Justice Shirley Kornreich recently issued one of the few New York state court decisions that address the Computer Fraud and Abuse Act (“CFAA”). Spec Simple, Inc. v. Designer Pages Online LLC, No. 651860/2015, 2017 BL 160865 (N.Y. Sup. Ct. May 10, 2017). The CFAA criminalizes both accessing a computer without authorization and exceeding authorized access…