Examining the Global Impact of AI + Cyber + Data + Privacy + Law = Business Risk
It often said that the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030, is an access crime — meaning that it is designed to punish the wrongful access of a device. A recent case out of the Northern District of Texas highlights this point. In Nicole Clarke-Smith v. Business Partners in Healthcare, LLC, 2016 WL …
Continue reading “The CFAA is for Access of a Computer, Not Mere Possession”
Listen to the Podcast / Join the #DtSR Discussion on Twitter Shawn Tuma was a guest the Down the Security Rabbithole podcast where he and hosts Rafal Los (@Wh1t3Rabbit) and Michael Santarcangelo (@Catalyst) discussed recent events in the world of cyber law. For more great #DtSR content, check out the full Down the Security Rabbithole podcast …
Continue reading “Cyber Law Update on #DtSR Podcast with Los, Santarcangelo and Tuma”
Note: this article was previously posted on Norse’s DarkMatters. The problem with laws is that they are usually written by lawyers. The same could be said for proposed amendments to laws, such as those to the Computer Fraud and Abuse Act that President Obama proposed leading up to the 2015 State of the Union Address. The …
Continue reading “Will Changes to the CFAA Deter Hackers?”
Note: this article was previously posted on Norse’s DarkMatters. One of my favorite sayings about cyber risk is “an ounce of prevention is cheaper than the very first day of litigation.” A recent case provides a nice example of exactly what I mean. In this case, an effective BYOD policy could have saved this company …
Continue reading “Can a Company Remotely Wipe an Ex-Employee’s Device?”
Note: this article was previously posted on Norse’s DarkMatters. A Florida middle school student’s prank — with a computer — resulted in his being arrested and charged with felony “hacking.” His crime? He used teacher’s password to login and change the desktop background on the computer. Given all of the rancor that was stirred up …
Continue reading “Middle School Hacker Case Impacts CFAA Reform Debate”
IMPORTANT POINT #1: YOUR BUSINESS MUST HAVE A COMPUTER USE POLICY IN PLACE Computer Use Policies (or Acceptable Use Policies, as they are often referred to) are must haves for today’s businesses. Such policies are a foundational component in how a business creates a culture of security with its workforce by establishing expectations on what are …
Continue reading “3 Important Points on Computer Use Policies”
TAKEAWAYS: If your company intends to limit its employees access to certain information on the company network, (1) make sure appropriate technological restrictions are in place and are working; and (2) make sure there are appropriate policies or other documentation in place to show the employees subjectively knew it was off limits. When an employer …
I have read several blog posts that are stating, as a blanket proposition, that you must prove intent to defraud for CFAA claims. This, they say, comes from the recent Seventh Circuit Court of Appeals case, Fidlar Technologies v. LPS Real Estate Data Solutions, Inc., 2016 WL 258632 (7th Cir. Jan. 21, 2016) (opinion). This is …
Continue reading “Be Careful of Commentary on 7th Cir.’s Fidlar Tech CFAA “Intent to Defraud”Case”
A party who accesses a computer pursuant to a court order authorizing him to seize and access the computer will not be found in violation of the Computer Fraud and Abuse Act if such order is later overturned. “An essential element of a CFAA claim under 10 U.S.C. § 1030 is that the [defendant] accesses a …
As the Cybersecurity Information Sharing Act (CISA) is making its way through the Senate, it has stirred up more controversy with Senator Sheldon Whitehouse’s proposed amendment to the Computer Fraud and Abuse Act (CFAA), that he argues, would give law enforcement more tools to fight hackers. The Amendment would provide for increased sentences (up to …
You must be logged in to post a comment.