C. Ryan Barber reports that one week after the initial decision by Administrative Law Judge D. Michael Chappell in FTC v. LabMD, Michael Daugherty and LabMD filed a civil suit against three FTC attorneys involved in the case. The suit, which names Carl Settlemyer, Alain Sheer and Ruth Yodaiken as defendants, was filed Friday in U.S. District Court for…
Category: Of Note
Dell: Yes, we shipped laptops, PCs with a nasty web security hole
Chris Williams reports: Dell says it will publish a guide to remove the web security backdoor it installed in its Windows laptops and desktop PCs. This confirms what we all know by now – that Dell was selling computers with a rather embarrassing hole it in their defenses. New models from the XPS, Precision and…
LabMD ruling should be a wake-up call for FTC data security enforcement
For another informed perspective on the impact of the initial decision in FTC v. LabMD, I’d strongly encourage this site’s readers to read Gus Hurwitz’s thought-provoking analysis and commentary on TechPolicyDaily.com. Here’s a snippet: … Judge Chappell had none of the FTC’s argument. “The term ‘likely’,” he tells us, “does not mean that something is merely…
New York Department of Financial Services Previews Rigorous Cybersecurity Rules for Financial Sector
H. Deen Kaplan, Harriet Pearson, Timothy Tobin, and Stephanie Handler write: On November 9, 2015, Anthony Albanese, Acting Superintendent of the New York State Department of Financial Services (NYDFS), issued a letter to a wide array of federal and state financial services regulators that are part of the Financial and Banking Information Infrastructure Committee (FBIIC)….
Starwood Hotels & Resorts reports payment card information breach at 54 properties
Austen Hufford reports: A data breach at Starwood Hotels & Resorts Worldwide Inc. exposed payment card information for some of its North American hotels, the latest cybersecurity incident to sting a U.S. company. Read more on WSJ. A list of the 54 properties affected and the dates of compromise are provided here (pdf). In some…
FTC v. LabMD ruling issued: FTC loses data security enforcement case (Update2)
In a data security enforcement action that some have characterized as a modern version of David vs. Goliath, David won today, and the FTC lost. It was an enforcement action that the FTC never should have commenced, as I’ve argued repeatedly, and today’s loss may actually make future enforcement actions more difficult for them as the standard for demonstrating…