Examining the Global Impact of AI + Cyber + Data + Privacy + Law = Business Risk
Note: this article was previously posted on Norse’s DarkMatters. The problem with laws is that they are usually written by lawyers. The same could be said for proposed amendments to laws, such as those to the Computer Fraud and Abuse Act that President Obama proposed leading up to the 2015 State of the Union Address. The …
Continue reading “Will Changes to the CFAA Deter Hackers?”
Note: this article was previously posted on Norse’s DarkMatters. In December 2014, the Court in the Target data breach lawsuits issued a ruling that will impact the future course of data breach litigation (the Order). In the Order, the Court identified multiple distinct data security duties that Target, as well as other companies, owe their …
Continue reading “Three Takeaways from the Target Data Breach Ruling”
Note: this article was previously posted on Norse’s DarkMatters. One of my favorite sayings about cyber risk is “an ounce of prevention is cheaper than the very first day of litigation.” A recent case provides a nice example of exactly what I mean. In this case, an effective BYOD policy could have saved this company …
Continue reading “Can a Company Remotely Wipe an Ex-Employee’s Device?”
Note: this article was previously posted on Norse’s DarkMatters. A Florida middle school student’s prank — with a computer — resulted in his being arrested and charged with felony “hacking.” His crime? He used teacher’s password to login and change the desktop background on the computer. Given all of the rancor that was stirred up …
Continue reading “Middle School Hacker Case Impacts CFAA Reform Debate”
IMPORTANT POINT #1: YOUR BUSINESS MUST HAVE A COMPUTER USE POLICY IN PLACE Computer Use Policies (or Acceptable Use Policies, as they are often referred to) are must haves for today’s businesses. Such policies are a foundational component in how a business creates a culture of security with its workforce by establishing expectations on what are …
Continue reading “3 Important Points on Computer Use Policies”
TAKEAWAYS: If your company intends to limit its employees access to certain information on the company network, (1) make sure appropriate technological restrictions are in place and are working; and (2) make sure there are appropriate policies or other documentation in place to show the employees subjectively knew it was off limits. When an employer …
I have read several blog posts that are stating, as a blanket proposition, that you must prove intent to defraud for CFAA claims. This, they say, comes from the recent Seventh Circuit Court of Appeals case, Fidlar Technologies v. LPS Real Estate Data Solutions, Inc., 2016 WL 258632 (7th Cir. Jan. 21, 2016) (opinion). This is …
Continue reading “Be Careful of Commentary on 7th Cir.’s Fidlar Tech CFAA “Intent to Defraud”Case”
A party who accesses a computer pursuant to a court order authorizing him to seize and access the computer will not be found in violation of the Computer Fraud and Abuse Act if such order is later overturned. “An essential element of a CFAA claim under 10 U.S.C. § 1030 is that the [defendant] accesses a …
Of all the examples of pompous extravagance the legendary rock band Van Halen exemplified, one that has always stood out was the band’s contractual requirement that the dressing room has M&M’s — but warned there were to be no brown M&M’s. If any were there, the band had the right to cancel the concert at the …
Continue reading “What Do Cybersecurity, Brown M&M’s & Credit Ratings Have in Common?”
As the Cybersecurity Information Sharing Act (CISA) is making its way through the Senate, it has stirred up more controversy with Senator Sheldon Whitehouse’s proposed amendment to the Computer Fraud and Abuse Act (CFAA), that he argues, would give law enforcement more tools to fight hackers. The Amendment would provide for increased sentences (up to …
You must be logged in to post a comment.