Category: Cybersecurity

U.S. Congress Approves CLOUD Act for Data Stored Overseas

Share

On March 23, 2018, Congress passed the “Clarifying Overseas Use of Data Act,” also known as the “CLOUD Act” (H.R. 4943, S. 2383), a new U.S. law that will have a dramatic effect on the United State government’s control over and access to data stored overseas.  The CLOUD Act was introduced to the U.S. Senate and House of Representatives on February 6, 2018, as part of a $1.3 trillion omnibus spending bill.  The bill passed both houses of Congress on March 23, 2018, and was signed into law by the President the next day.

Continue reading “U.S. Congress Approves CLOUD Act for Data Stored Overseas”

Data Breach Notification Laws Now Enacted in All 50 States

Share

South Dakota and Alabama are the last of the 50 states to have enacted breach notification laws, along with Washington, D.C., Guam, Puerto Rico and the Virgin Islands. South Dakota became the 49th state to enact a data breach notification law when Governor Dennis Daugaard signed Senate Bill 62 into law on March 21. It goes into effect on July 1, 2018. On March 28, 2018, Alabama Governor Kay Ivey signed into law Alabama Senate Bill 318, effective May 1, 2018. Below are the parameters of these new data breach notification laws.

Continue reading “Data Breach Notification Laws Now Enacted in All 50 States”

Attorneys General Call for Congress to Avoid Possible Federal Preemption of State Data Breach and Security Laws

Share

The draft bill, “Data Acquisition and Technology Accountability and Security Act,”  has led  32 state attorneys general to release a letter urging Congress to avoid preempting state data breach and data security laws.

On February 16, 2018, Representatives Blaine Luetkemeyer (R-MO) and Carolyn Maloney (D-NY) introduced the  draft bill in the House of Representatives, which would establish, (i) sweeping standards for data protection across various industries, (ii) federal post-data breach notification requirements, and (iii) establish a process that covered entities must follow to notify law enforcement, regulators, and victims following different types of data breaches.

Continue reading “Attorneys General Call for Congress to Avoid Possible Federal Preemption of State Data Breach and Security Laws”

Social Engineering Fraud and Cyber Insurance – Are You Covered?

Share

Spoofing and phishing are part of what is known as social engineering fraud. Social engineering fraud is typically a type of computer fraud where an employee is misled into believing he or she is communicating with a vendor and is tricked into sending money due that vendor to the fraudster. Many organizations take proactive measures to protect themselves through enhanced IT measures, employee training and the purchase of computer fraud and other types of cyber insurance.

A recent district court action in Washington illustrates how social engineering works and highlights the importance of understanding the limitations of the types of insurance coverages companies may have. The case is currently on appeal before the 9th U.S. Circuit Court of Appeals.

Continue reading “Social Engineering Fraud and Cyber Insurance – Are You Covered?”

Enforcement Actions Launched by Securities and Exchange Commission – Heightened Scrutiny of Blockchain and Cryptocurrency Companies

Share

A recent flurry of activity by the Securities and Exchange Commission (SEC) in court, and strong talk on the Hill, gives a clear indication that the U.S. regulatory agency is making a significant push to rein in the current wild-west atmosphere of investments in Blockchain and cryptocurrency companies.

In the wake of the DAO Report issued by the SEC in July 2017, the agency released several Investor Alerts to warn the public of the risks associated with investing in initial coin offerings (ICOs), including an alert to warn investors to be careful about advertisements by celebrities promoting ICOs and other Blockchain-related investments. Moreover, the SEC chairman and his counterpart at the Commodity Futures Trading Commission (CFTC) have recently released statements and op-eds and appeared before the U.S. Senate Banking Committee to elevate the awareness of lawmakers and the public of some of these risks.

Continue reading “Enforcement Actions Launched by Securities and Exchange Commission – Heightened Scrutiny of Blockchain and Cryptocurrency Companies”

DOJ Announces Federal Indictment in Massive Cyberfraud Enterprise

Share

The Department of Justice announced the unsealing of a federal indictment charging 36 individuals for their alleged roles in the Infraud Organization, an Internet-based cybercriminal enterprise that is alleged to have engaged in a large-scale cyberfraud.   The indictment alleges that the enterprise caused more than $530 million in actual losses to consumer, businesses, and financial institutions.

Continue reading “DOJ Announces Federal Indictment in Massive Cyberfraud Enterprise”

©2024 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy