Data brokers have been under increased scrutiny lately – from Congress, the press and joined again this week by the Federal Trade Commission, which released a 109-page study of nine data brokers entitled Data Brokers: A Call For Transparency and Accountability (the “Report”). which examined nine data brokers to determine the types and scope of personal information data collected. What […]
FTC Slaps Snapchat Over Privacy Policy & Practices
Recently, the Federal Trade Commission snapped at Snapchat over its privacy policy and representations made regarding the company’s mobile application. The FTC’s action has raised some eyebrows. But it has also raised awareness that promises made in a privacy policy matter. What did Snapchat do wrong and what are the key takeaways you should adopt […]
Study Finds Data Breach Costs Have Increased
The anticipated annual release of the Ponemon Institute’s 2014 Cost of Data Breach Study has finally arrived. As yearly readers of the Study know, it provides a snapshot of the different factors that leave an organization susceptible to data breach, the costs associated with a breach in various sectoral industries and details ways to mitigate […]
NIST Releases “Security by Design” Public Draft Guidance
Following on the heels of the National Institute of Standards and Technology‘s (“NIST”) release of the Framework for Improving Critical Infrastructure Cybersecurity (a/k/a the “Cybersecurity Framework” – see our coverage here and here), NIST unveiled yesterday a 123-page initial draft for public comment of Special Publication 800-160, Systems Security Engineering: An Integrated Approach to Building Trustworthy Resilient Systems. […]
Admin judge to FTC: “Put up or shut up”
FTC ordered to submit to testifying about data security standards The ongoing controversial Federal Trade Commission (“FTC”) versus LabMD Inc. enforcement action (Docket No. 9357) took a new twist recently as Chief Administrative Law Judge D. Michael Chappell effectively ordered the FTC to reveal details about what it considers to be the applicable data security […]
White House Big Data Report – An Ink Blot Test
Remember those famous Rorschach ink blot tests, where you could see nearly anything in an image? The White House’s recent Big Data report (BIG DATA: Seizing Opportunities, Preserving Values, the “Report”), which examines how Big Data is and will be expected to be used, strikes us as rather like one of those ink blots – […]
Public Agencies’ BYOD Challenges – FedTechMagazine
BYOD programs in public agencies lag behind their private industry counterparts, but the trend is clear – usage is increasing. Sm@rtEdgeLaw Attorney Richard Santalesa notes in the Spring Issue of FedTech Magazine that “public agencies face many of the same BYOD challenges as private firms, including maintaining employee privacy, securing data on lost and stolen […]
SEC Issues Cybersecurity Risk Alert
Building on its stated goals for 2014, the U.S. Securities and Exchange Commission (“SEC“) recently issued a Cybersecurity Risk Alert through its Office of Compliance Inspections and Examinations (“OCIE“) that provides important additional information regarding the SEC’s ongoing initiative to assess cybersecurity preparedness in the financial and securities industry subject to its jurisdiction. As we […]
Then there were 47… Kentucky enacts data breach statute
Since 2010 the number of states with data breach notification statutes was stalled at 46. No longer. Kentucky is now the 47th state to enact a data breach notification statute, effective July 14, 2014. Kentucky’s new data breach notification statute, appearing in Ken. Rev. Stat. Chapter 365 (as amended by H.B. 232 on April 10, […]
Update: Registration Open for ABA Privacy and Social Media Webinar – May 7th
Sm@rtEdgeLaw Group™ will be discussing “Privacy and Social Media” in an upcoming American Bar Association webinar May 7th with colleagues at other firms and organizations. Social media is everywhere. Join this webinar for an update on the latest social media legal issues and challenges. Attorney CLE credit available. Register at http://apps.americanbar.org/cle/program//t14pvm1.html?sc_cid=CET4PVM-A Program Description: Program Description: Social media […]
PayPal Provides a Reminder: Keep Tabs on Policy Changes
With PayPal’s recent changes to its User Agreement, Privacy Policy and PayPal Here Agreement, users should take note of several important service revisions – and the changes provide a good reminder to pay attention to those ubiquitous “our policies have changed” notices we all receive. While PayPal’s updates restate current policy they also announce […]
Long awaited decision in FTC v. Wyndham Issued. FTC wins.
BREAKING: The long awaited decision in the ongoing FTC v. Wyndham Worldwide Corp federal district court case in New Jersey was issued last today by District Judge Salas. In brief Wyndham lost all three of its arguments presented and J. Salas denied its Motion to Dismiss. We’re reviewing the entire 42-page decision, available here, for […]
Procurement Takeaways of the Intersection of Cloud Computing and Mobility
The National Institute of Standards and Technology (“NIST”) held a two and a half day workshop last week, March 25-27, entitled The Intersection of Cloud and Mobility, to brainstorm on the issues, problems and realities of a world where “low-end mobile devices access diverse and scalable cloud computing resources and globally connected mobile enabled resources […]
How secure is your mobile app? Or the ones your employees use?
A new update from the Federal Trade Commission (“FTC”) highlights that mobile apps remain a key security weakness. In connection with its recent investigation of mobile apps from Fandango and Credit Karma, the FTC has warned consumers that app developers (even those with the best of intentions) continue to drop the ball in ensuring security […]
Upcoming Webinar April 17 – “Data Breach Aftermaths”
Join us for our April 17 webinar, Data Breach Aftermath: Next Steps To Clean Up The Mess, hosted by the National Constitution Center, with details, registration and agenda information available here. Data Breaches have unfortunately become near daily occurrences, with news reports – like those covering Target’s recent mammoth breach – sending chills up the […]