Orin Kerr writes: The U.S. Court of Appeals for the 9th Circuit has handed down a very important decision on the Computer Fraud and Abuse Act, Facebook v. Vachani, which I flagged just last week. For those of us worried about broad readings of the Computer Fraud and Abuse Act, the decision is quite troubling. Its reasoning appears…
Category: Federal
European Parliament Adopts Directive on Security of Network and Information Systems
Hunton & Williams writes: On July 6, 2016, the European Parliament adopted the Directive on Security of Network and Information Systems (the “NIS Directive”), which will come into force in August 2016. EU Member States will have 21 months to transpose the NIS Directive into their national laws. The NIS Directive is part of the…
Password-sharing case divides Ninth Circuit in Nosal II
Orin Kerr writes: The Ninth Circuit has handed down United States v. Nosal (“Nosal II“), a case on the scope of the Computer Fraud and Abuse Act that I blogged about here and here. The court held 2-1 that former employees of a company who had their company accounts revoked violated the CFAA when they subsequently…
Circuit Upholds Nosal Conviction in Key CFAA Decision
Ross Todd reports: Ruling in a case that tested the boundaries of the Computer Fraud and Abuse Act, a divided panel of the U.S. Court of Appeals for the Ninth Circuit on Tuesday upheld the conviction of former Korn/Ferry International recruiter David Nosal. Circuit Judge M. Margaret McKeown found that Nosal had knowingly and intentionally…
ERISA and Cybersecurity
Larry Goldstein of McGuireWoods LLP writes: Employee benefit plan data stored online may include participants’ names and Social Security numbers, account information and protected health information (PHI), all of which are inviting targets for hackers. Highly-publicized data breaches in recent years have called attention to the obligations of benefit plan administrators (typically the employers sponsoring…
Retailers fight to silence customer data breaches
Violet Blue reports: A consortium of retailers, including Target and Home Depot, vowed to fight a data breach notification bill. The bill, HR 2205 from Reps. Randy Neugebauer (R-Texas) and John Carney (D-Del.), would require companies to tell customers when they’ve been hacked and would also require the encryption of data in both storage and transit. It would…