Emerging Markets Law

Showing 3 posts from February 2017.

FTC Suing Router Company Without Underlying Data Loss

The new Administration may stand for regulatory rollback in many areas, but consumer privacy is (so far) not one. Trump's Federal Trade Commission (FTC) is pursuing a router manufacturer whose equipment hasn't caused any consumer harm yet: no data leaks, no identity fraud, no damages. Companies hoping to escape scrutiny under a relaxed privacy watchdog should consider themselves on notice. 

As a best practice, it is a good idea to review your privacy policies and the marketing of your services or goods. Any claims you make about security and privacy of consumer data are fair game for scrutiny and investigation. The FTC so far has been unchecked by the courts, and this router case signals that the agency intends to continue vigorous enforcementeven under an anti-regulatory President.

Continue reading FTC Suing Router Company Without Underlying Data Loss ›

Payroll and Email Do Not Mix

Tax season brings with it many headaches. For the last couple of years, W2-related phishing scams have been among them. Cyberthieves may send email to HR or financial personnel that looks like it comes from a senior executive. The email may ask for copies of W2s for all employees. The scam used to be targeted to corporations only, but is now hitting school systems and non-profits as well. 

As part of its cyber risk planning measures, any organization would be well served to have training and policies in place regarding how to respond to emails asking for this kind of information. In addition, no organization should be sending documents such as W2s by unsecured email. 

Employee awareness is one of the biggest and best defenses to this kind of scam: knowing that the company policy is never to send such sensitive information in the clear, no matter who asks, can go a long way to preventing problems. A timely reminder during tax season is a good idea, as is revisiting the organization's cyber plan overall at regular intervals.

Unauthorized Computer Access, Without Service Interruption, May Be Cause for Action

In a case of first impression, the Eleventh Circuit has held that an employer need not show an interruption of service to prove actionable harm under the Computer Fraud and Abuse Act (CFAA) and other federal laws. This is good news for employers and potentially for others who suffer computer intrusions.

Continue reading Unauthorized Computer Access, Without Service Interruption, May Be Cause for Action ›

Stay Connected

Subscribe to blog updates via email