Category Archives: Internet Privacy

Subscribe to Internet Privacy RSS Feed

GDPR means that EU is now the most powerful regulator of privacy in the world!

The Washington Post article highlighted the importance of GDPR in that it “underscored the extent to which the European Union has emerged as the most powerful regulator of Silicon Valley, stepping in where Washington has failed — or simply been unwilling — to limit some of the United States’ most lucrative and politically influential companies.”  … Continue reading this entry

GDPR will likely lead to more cyber insurance claims!

My friend Judy Greenwald reported at BusinessInsurance.com that AIG expects now that GDPR is in place that more “Companies will be more inclined to report breaches, with the impact on cyber claims similar to that witnessed in the U.S. after state breach notification laws come into effect.”  Judy’s May 24, 2018 report entitled “Security claims … Continue reading this entry

MAY 25, 2018 GDPR Penalties: May be significant and so here are 10 things you should know

My friend Zack Warren  (Editor-in-Chief of Legaltech News) recently wrote at Law.com that “While the maximum penalty of the greater between $20 million or 4 percent of an organization’s annual revenue may not be widely applied, compliance will still be expected for all organizations that touch EU citizens’ data in some way.”  The May 14, … Continue reading this entry

CLOUD Act dramatically changes international privacy laws (and eDiscovery)!

Without any public hearings, review, or public comment Congress created the CLOUD Act which was signed into law as part of the $1.3 trillion government spending bill which changed the 1986 Stored Communications Act (SCA).  The SCA was created to protect privacy in telephone records and with the advent of the Internet has been used … Continue reading this entry

HIPAA Privacy Rules Changes Proposed by OCR!

Healthcareinfosecurity.com reported that OCR (Department of Health and Human Services’ Office for Civil Rights) which is the “HIPAA enforcement agency is planning to seek the public’s input through notices of proposed rulemaking and a request for information before making possible changes.”  The March 28, 2018 article entitled “OCR Considering HIPAA Privacy Rule, Enforcement Changes” included … Continue reading this entry

Mark Zuckerberg requested to testify to Congress about Facebook/Cambridge Analytica Privacy

The Washington Post reported that there was an official request for Mark Zuckerberg to testify at the House Energy and Commerce Committee since the Committee believes the “CEO of Facebook, he is the right witness to provide answers to the American people. We look forward to working with Facebook and Mr. Zuckerberg to determine a … Continue reading this entry

Tax phishing attacks leads to theft of millions of passwords at Office365 (think Microsoft)!

Darkreading.com reported a “new wave of phishing attacks aims to dupe users and steal their passwords by disguising malicious emails as tax-related notifications from the IRS.” The March 2, 2018 report entitled “Millions of Office 365 Accounts Hit with Password Stealers” included these comments: Barracuda Networks last month flagged a “critical alert” when it detected … Continue reading this entry

German Court Ruling against Facebook portends trouble under GDPR!

Law.com reported about “a three-year battle, a regional court in Berlin has found that Facebook’s default privacy settings, terms of service, and requirement that users register under their own name violate Germany’s data privacy and consent rules. “  The article entitled “Facebook Foreshadowing: German Court Underscores Tech’s Uncertain GDPR Future” included these comments about how … Continue reading this entry

Cybersecurity threats targeted at State elections?

The Washington Post wrote an article that “State officials have been scrambling to address vulnerabilities in their systems, particularly since the fall, when the Department of Homeland Security disclosed the attempts on the 21 states. Though it is not believed there were further attacks, experts say Russian operatives may have been laying the groundwork for … Continue reading this entry

GDPR will change world-wide privacy on May 25, 2018: here are 13 key GDPR terms you better know!

DMNews.com reported that GDPR is “a massive piece of legislation and if you want to read all 250+ pages, talk about it with fellow data nerds or marketing professionals, or just comprehend the various articles online, you need to know some of the key terms.”  The January 24, 2018 report entitled “13 Key GDPR Terms … Continue reading this entry

PBS Audio: Privacy does not exist, and no one cares!!

Please tune and listen to my friend Lauren Silverman’s interview on KERA/Think of Professor Randolph Lewis about privacy, or lack thereof since “many types of surveillance are pitched as ways to make us safer, almost no one has examined the unintended consequences of living under constant scrutiny and how it changes the way we think … Continue reading this entry

Will the Supreme Court rely on a 1979 case (think 18,134 Internet years) for Internet/cellphone privacy in 2017?

On November 29th the US Supreme Court will consider the case of US v. Carpenter where “police acquired the data from Carpenter’s wireless carriers without a warrant showing probable cause”  which led to Timothy Carpenter’s conviction that he was  “leading a gang of robbers” and the “prosecution produced cellphone-tower data that tracked the whereabouts of Carpenter’s … Continue reading this entry

Whoa! Did you know that Equifax claims to own your data?

In testimony before the US Senate we hear that “Equifax, and not consumers, that owns all the granular data collected about them, and that consumers cannot request to exit the company’s files.”  The Washington Post’s report on November 8, 2017 entitled “Equifax says it owns all its data about you” started with the comment that … Continue reading this entry

Supreme Court will consider a 1986 law about phone records and how it applies to emails in 2017 outside the US

The New York Times reported that the US Supreme Court will consider a case against Microsoft to “decide whether federal prosecutors can force technology companies to turn over data stored outside the United States.”  In 1986 Congress passed the Stored Communications Act (SCA) to control telephone records long before the Internet we know today, but … Continue reading this entry

GUEST BLOG: Neither Rain, nor Sleet, nor Dark of Night Shall Stay the Application of HIPAA Regulations…

My Guest Blogger Eric Levy is a senior attorney in Gardere’s Trial Practice Group who focuses on HIPAA, PHI, cyber security, PCI compliance, PII, eCommerce, and related complex contract negotiations and litigation. Eric has received the Certified Information Privacy Professional (CIPP-US) designation from the International Association of Privacy Professionals (“IAPP”). It is beyond dispute that Hurricanes … Continue reading this entry

Equifax confessed that it failed to protect personal data of 143+MILLION CUSTOMERS!

The New York Times reported “that hackers had gained access to company data that potentially compromised sensitive information for 143 million American consumers, including Social Security numbers and driver’s license numbers.”  The September 7, 2017 report entitled “Equifax Says Cyberattack May Have Affected 143 Million Customers” included the bad news: Potentially adding to criticism of … Continue reading this entry

US Cyber insurance market exceeds $2.49 Billion!

A report to the Cybersecurity (EX) Task Force explains the growth of cyber insurance to more than $2.49 billion in 2016 because “Cybersecurity breaches can cause a major drain on the U.S. economy”…and in particular “Financial Services Sector is perhaps the most under attack from cyber criminals.”  The August 6, 2017 “Report on the Cybersecurity … Continue reading this entry

Cyber intrusions reporting will ramp up around the world in 2018 under GDPR (think EU Privacy Laws)!

On May 25, 2018 the new General Data Protection Regulation (GDPR) will take effect and according my friend Benjamin Wright who wrote a paper for the SANS Institute GDPR “is motivating organizations worldwide to improve existing technical controls for securing personal information. Organizations should be especially aware that the GDPR and other recent legal developments … Continue reading this entry

Anthem agrees to pay $115 million for 2015 cyber intrusion to settle litigation!

BusinessInsurance.com reported that “Anthem Inc., the largest U.S. health insurance company, has agreed to settle litigation over a hacking in 2015 that compromised about 79 million people’s personal health information for $115 million, which lawyers said would be the largest settlement ever for a data breach.”  The June 26, 2017 report entitled “Anthem to pay … Continue reading this entry

Facebook lied to the EU about privacy & will pay a $122 million fine!

The Washington Post reported that “Facebook was not honest about its ability to identify users who had both Facebook and WhatsApp accounts and link those accounts” during Facebook acquisition in 2014.  The May 18, 2017 report entitled “Facebook will pay $122 million in fines to the E.U.” included these details: When Facebook notified the acquisition … Continue reading this entry

Arizona passes a law recognizing that Blockchain is secure!

CIO from IDG reported that the first state to legalize Blockchain with this description “A record or contract that is secured through blockchain technology is considered to be in an electronic form and to be an electronic record.” The May 4, 2017 article entitled “Is blockchain technology secure for your company’s transactions?” described countries that … Continue reading this entry

IoT Privacy Lawsuit- Bose sued for taking headphone data without consent!

A class action was filed against Bose which alleges that Bose “Unbeknownst to its customers, however, Defendant designed Bose Connect to (i) collect and record the titles of the music and audio files its customers choose to play through their Bose wireless products and (ii) transmit such data along with other personal identifiers to third-parties—including … Continue reading this entry

GUEST BLOG: It’s time to wake up and figure out how GDPR affects you!

My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation.  Eddie blogs at JurisHacker. You’ve heard about … Continue reading this entry

HIPAA data risk in IoTs among 10 security risks with Wearables

CSOonline reported that most IoT (Internet of Things) wearable companies that collection personal data “don’t carefully anonymize health-related data have effectively acquired what’s known as electronic Protected Health Information (ePHI), ‘which puts you squarely in the HIPAA world.’” The March 29, 2017 report entitled “10 security risks of wearables” included these 10 security risks, many … Continue reading this entry