Collaborate Disseminate
Claim alleges aerospace company committed fraud under the False Claims Act because it failed to meet information security requirements A California federal court in May permitted a lawsuit to go forward alleging a government contractor’s failure to ad… Continue reading Court Allows Cybersecurity Fraud Case Under Federal False Claims Act
Do CEOs and Boards have any idea what the company’s cybersecurity status is? Cybersecurity and privacy compliance should be a top priority of the Board of Directors and senior management of any publicly traded company, right? Not so fast, kemo sabe. The problem is, everyone thinks that their problems, their issues, their topics should be…
The post Security status unknown appeared first on SecurityCurrent.
On Feb. 7, the German Bundeskartellamt (the Federal Cartel Office)—the equivalent to the U.S. Department of Justice’s Antitrust Division—ordered Facebook to change the way it does business, at least in Germany. The order noted that Facebook was a domi… Continue reading Germany Orders Facebook to Stop Collecting Non-Facebook Data (and Why it Doesn’t Matter)
A federal court has ruled that suspects can’t be forced to provide a biometric key to unlock their digital devices during an investigation. When two individuals were involved in a Facebook sextortion case, threatening to release an embarrassing … Continue reading Biometrics: Giving the Government the Finger
On Nov. 21, the Pennsylvania Supreme Court ruled in a class action lawsuit filed against the University of Pittsburgh Medical Center by some of its employees following a data breach that exposed their personal and financial records. The court found th… Continue reading Are Companies Obligated to Protect Employee Data? Court Says Yes
In the wake of the attacks on Sept. 11, 2001, Congress enacted the SAFETY Act, which, among other things, encouraged the development of new “anti-terrorism” technologies by giving those developers immunity from civil liability if their approved techno… Continue reading SAFETY Act: A Safety Net for Companies Using ‘Terrorism Certified’ Technologies
In August, the FBI in Columbus, Ohio, executed a search warrant on a suspect, Grant Michalski, for evidence related to possession of child pornography. No big deal—happens all the time. What was unusual was what that warrant permitted. A subsequent wa… Continue reading Face Off: When Biometrics, Technology and the Law Collide
Almost all of computer law (and there really is no such thing as computer law) is the placing of old wine into new bottles. For example, how do you “trespass” when there is no physical space? Is a userid and password a key or an ID? Is there a legal d… Continue reading Let’s Get Physical – Online vs. In Real Life Law
Privacy and data security are inexorably intertwined. While you can violate privacy in a secure manner, you can’t protect privacy without security. And you can’t understand privacy unless you understand basic security concepts such as auth… Continue reading Life (Insurance) and Privacy
It is a common and accepted practice for entities to collect, store, process and analyze log data. This log data includes the IP addresses of every person (computer) that accessed or attempted to access the network, the website or the process. These l… Continue reading Is it Unlawful to Collect or Store TCP/IP Log Data for Security Purposes?