Privacy & Cybersecurity

Viewpoints

Filter by:

Welcome to 2017

January 3, 2017 | Blog | By Cynthia Larose

It's likely that 2017 will see still more data breaches and hacking stories, and companies should be looking closely at cybersecurity as a risk management issue, and not as an IT issue (we've been saying that for years ....).

The Definition of Insanity? Wendy’s Shareholders File Derivative Action Based on 2015-16 Data Breach

December 20, 2016 | Blog | By Kevin McGinty

An old saw defines insanity as doing the same thing over and over again and expecting a different result. Wendy’s shareholders recently flouted that maxim by filing a derivative action this week against officers and directors of the fast-food chain seeking recovery on behalf of the corporation for damages arising from a data breach that affected over 1,000 franchise locations between October 2015 and June 2016.

#MLWashingtonCyberWatch: White House Releases Cybersecurity Report Aimed at New Administration

December 14, 2016 | Blog | By Cynthia Larose, Michael Katz

The Obama White House has grappled with cybersecurity more than any administration in history: China’s 2009 hack of Google, the 2015 Office of Personnel Management breach, and the recent investigation of Russian cyberattacks during the 2016 election, to name just a few examples.

WEBINAR: Data Protection Officers: Do you need one?

December 12, 2016 | Blog | By Susan Foster

For the past few months, the Mintz Levin Privacy Webinar Series has focused on the upcoming EU General Data Protection Regulation (GDPR) to help businesses understand the reach and scope of the GDPR and prepare for the potentially game-changing privacy regulation.

A Failed Strategy: Another Derivative Action In A Data Breach Case Goes Down To Defeat

December 2, 2016 | Blog | By Kevin McGinty

An attempt to impose liability on corporate officers and directors for data breach-related losses has once again failed. On November 30, 2016, a federal judge in Atlanta issued a 30 page decision dismissing a shareholder derivative action arising out of the September 2014 theft of customer credit card data from point-of-sale terminals in Home Depot stores.

HIPAA-Regulated Entities: Watch Out for Phishing Scam

December 2, 2016 | Blog | By Cynthia Larose

As we reported earlier this week, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights described a phishing campaign that is attempting to convince recipients of their inclusion in OCR’s Phase 2 audit program.

House Energy & Commerce Committee Holds Hearing on Security of the Internet of Things

December 1, 2016 | Blog | By Cynthia Larose, Michael Katz

The growing scale of cybersecurity concerns is prompting action from government leadership on the federal level.

NIST Issues Internet of Things (IoT) Guidance

November 29, 2016 | Blog | By Michael Katz

Smart machines connected to the internet have become ubiquitous in our daily lives. They make up the Internet of Things (“IoT”), a vast web of interconnected iPhones and Fitbits, tablets and cameras, even baby monitors and implantable medical devices, and all are designed to improve and enrich our lives. 

The Cyber President? What To Expect From the Trump Administration On Cybersecurity And Privacy

November 17, 2016 | Blog | By Cynthia Larose, Christopher Harvie, Susan Foster, Michael Katz

Even president-elect Donald Trump has been the victim of a data breach. Several times actually. The payment card system for his Trump Hotel Collection was infected by malware in May 2014 and 70,000 credit card numbers were compromised by the time the hack was discovered several months later.  

California AG Guidance for the Ed Tech Industry: 6 Recommendations to Protect Student Data Privacy

November 16, 2016 | Blog | By Cynthia Larose

Developers and operators of educational technology services should take note. Just before the election, California Attorney General Kamala Harris provided a document laying out guidance for those providing education technology (“Ed Tech”).

What You Need to Know about the New Broadband Privacy Regulations

October 31, 2016 | Blog | By Christopher Harvie, Ari Moskowitz

As we previewed last week, the Federal Communications Commission (FCC) has adopted new privacy rules that govern Internet service providers' (ISPs) handling of broadband customer information.

How did the Internet of Things allow the latest attack -- on the Internet?

October 28, 2016 | Blog | By Cynthia Larose

Over the last week, details have become available to explain how an attack against a well-known domain name service (DNS) provider occurred. What about the potential legal risks?

FCC Adopts Controversial Broadband Privacy Regs

October 27, 2016 | Blog | By Cynthia Larose

BREAKING NEWS -
The FCC has voted 3-2 along party lines to require internet service providers (ISPs) to get a customer's explicit consent before they can use or share what is termed "sensitive" personal information.

Insurance Regulators Fine Tuning Cybersecurity Guidance

October 25, 2016 | Blog | By Julia Siripurapu, Michael Katz

You may not realize how much personal information your insurance company has about you. Scarier still is that much of this data is sensitive and valuable to hackers – such as your Social Security number, financial information, medical history, even itemized schedules of your most expensive personal property.

3 Guidelines to Maximize Value of Data

October 24, 2016 | Blog | By Cynthia Larose

Imagine you are the CEO of company sitting across from an interviewer. The interviewer asks you the age old question, “So tell me about your company’s strengths and weaknesses?" You start thinking about your competitive advantages that distinguish you from competitors.

Attorney General Kamala D. Harris Provides New Online Tool to Report California Online Privacy Protection Act (CalOPPA) Violations

October 20, 2016 | Blog | By Cynthia Larose

It's time for a compliance check on those website or mobile app privacy policies, before the California Attorney General comes knocking.

WEBINAR: Part 2 in Our EU General Data Protection Regulation Series

October 6, 2016 | Blog | By Cynthia Larose

For the next few months, the Mintz Levin Privacy Webinar Series is focusing on the upcoming EU General Data Protection Regulation (GDPR) to help businesses understand the reach and scope of the GDPR and prepare for the potentially game-changing privacy regulation.

Three Steps to the Right Cloud for Your Business

October 4, 2016 | Blog | By Cynthia Larose

The term “cloud computing,”  -- a process by which remote computers are used to store, manage and process data -- is no longer an unfamiliar term. According to at least one estimate, “approximately 90 percent of businesses using the cloud in some fashion.”

Alleged Wiretap Act and CIPA Violations Held to Satisfy Spokeo Test for Standing in Latest Gmail Privacy Class Action

October 3, 2016 | Blog | By Kevin McGinty

In the wake of the Supreme Court’s decision in Spokeo, Inc. v. Robins, 136 S. Ct. 1540 (2016), lower courts have begun to address whether alleged violations of statutes intended to protect privacy suffice, in the absence of any further alleged injury, to establish Article III standing.

New York Proposes First-Ever Cybersecurity Regulation for Financial Institutions

September 19, 2016 | Blog | By Cynthia Larose, Natalie Prescott

The New York Department of Financial Services recently announced a new proposed rule, which would require financial institutions and insurers to implement strong policies for responding to cyberattacks and data breaches.

Subscribe

Sign up to receive email updates from Mintz.
Subscribe Now

Days Left Until CCPA

Days Left Until CCPACountdown
ccpa-toolkit

California Consumer Privacy Act (CCPA) – Toolkit

Mintz Matrix

The Mintz Matrix

Find data breach notification laws by state

Viewpoint Editors

Explore Other Viewpoints:

I'm Looking For...