The NFL Twitter Hack Shows We Need to Move Past Password Protection

Libraries, professional athletes and the general public can invest significant time developing complex passwords to protect their accounts, but nothing can change the fact that a malicious attacker with an internet connection can hack an account with nothing more than a keyboard. For decades, the public have happily relied on passwords—those unique combinations of letters, numbers and symbols—to protect their online accounts and information. While most know that anything connected to the internet is accessible by anyone on Earth, including the criminal with a keyboard… Continue Reading

Data Breach Lawsuit Raises Specter of the CCPA

It was only a matter of time, but we now have our first lawsuit that references California’s new consumer data protection act, the California Consumer Privacy Act (CCPA), which went into effect on Jan. 1, 2020. The CCPA permits each consumer that can establish a violation of certain provisions of the CCPA to seek damages of up to $750, or actual damages, whichever is greater. As the CCPA hangs over businesses like a Sword of Damocles, it remains to be seen whether it will have… Continue Reading

Department of Defense Releases Cybersecurity Model Certification Required in Contract Bids

The Department of Defense released last week its new Cybersecurity Maturity Model Certification (CMMC), which will require at least some companies bidding on defense contracts to certify that they are compliant with at least the basic level of cybersecurity standards to work on government contracts.  The CMMC is a certification procedure that ensures that contractors have the controls in place to protect sensitive data, including Federal contract information and Controlled Unclassified Information (CUI). The Department of Defense put these measures in place in furtherance of… Continue Reading

Agrisilience

Key Takeaways:
  • Precision agriculture and technological advances in food production and distribution represent countless pathways to potential cyber liabilities in the agribusiness setting
  • The distinct nature of commercial agribusiness and farm operations and insurance present unique data security threat vectors and, therefore, require targeted partnerships to respond to the segment’s business needs
  • Agritech + cyber resilience = agrisilience
Agritech has been broadly defined as the use of technologies and innovations to improve food production and distribution. It is yet another term of art in the… Continue Reading

Countdown to New Year’s Day and the CCPA

The California Consumer Privacy Act (CCPA) becomes effective on January 1, 2020. We are counting down 10 practical measures you can take to begin down the path for CCPA compliance: 10. Determine whether your business must comply with the CCPA.
  • You must comply with the CCPA if:
    • You are a for-profit entity with over $25 million in gross revenues that conducts business in the state of California and collect the personal information of California residents
    • You annually buy, receive for the business’ commercial purposes, sell,
Continue Reading

Applying Discovery Rules to Cybersecurity Investigations

During discovery, corporate entities have long been asked to produce documents from related internal investigations. Most rules of civil procedure now explicitly address such scenarios and are supplemented by extensive caselaw. As litigation in the cybersecurity field becomes more commonplace, a growing body of caselaw has developed to address investigations of cybersecurity incidents. In the high-profile investigation of Facebook and Cambridge Analytica by the Massachusetts attorney general, oral argument on an attempt to compel production of data from Facebook suggests that the same principles applied… Continue Reading

Part 4: Privacy Policy Requirements Under the CCPA

This is our fourth blog post in a multi-part series addressing what insurers need to know about the California Consumer Privacy Act (CCPA). This post focuses on a business’ obligations when it comes to their privacy policy, such as including and disclosing certain information regarding consumers’ rights. While this post does not require any background on the CCPA, if you would like the benefit of our preliminary discussions before diving into this post we invite you to start with Part 1: The California Consumer Privacy Continue Reading

Robocall Legislation Likely to Move Forward for White House Approval

Leaders of the House Energy and Commerce Committee and the Senate Commerce Committee issued a joint statement early November advising that they have reached a deal on anti-robocall legislation which will seek to stave off those pesky robocalls United States consumers receive, often at the most inopportune times. Robocalls have been a growing problem in the U.S., based in large part on their solicitation of the disclosure of personal information to unknown organizations (who are typically based outside of the U.S.), often resulting in identity… Continue Reading

Potential Changes to North Carolina Cybersecurity Law

As we continue to see substantial changes in the area of cybersecurity law across the United States as well as globally, North Carolina has undertaken preliminary steps to expand on its current laws within the state. On April 16, 2019, the North Carolina House of Representatives introduced a bipartisan bill to amend North Carolina’s Identity Theft Protection Act. The bill passed its first reading and was referred to committee. The proposed bill contains numerous changes that will affect how cybersecurity is handled in North… Continue Reading

Landmark Decision on Vehicle Data Privacy Issued by Georgia Supreme Court

In a landmark decision on vehicle data privacy, the Georgia Supreme Court on October 21, 2019 overturned a Georgia Court of Appeals decision that could have made it legal for police to take any data as they wished from private vehicles without a warrant. Mobley v. State.[i] The case arose from a fatal vehicle crash in December 2014, when a man named Victor Mobley collided into a Corvette pulling out from a driveway with two people inside, both of whom died from the crash.… Continue Reading