Author: Discerning Data Editorial Board

New Bill Proposes that Americans Should Be Able to Sue Foreign Hackers

Share

The Homeland and Cyber Threat Act (HACT) was introduced in the U.S. House on March 12, 2021. This bill would allow U.S. citizens to sue foreign governments, agents and officials and to collect monetary damages for personal injury, damage or loss of property resulting from a cyberattack with foreign origins.

This bipartisan bill was introduced because cybersecurity activity and cyber incidents continue to rise, leading to increasing concerns of data security. Rep. Bergman, R-MI, a key sponsor of both this bill and a similar bill introduced in 2019, describes HACT as a tool of accountability for foreign states. The other bill sponsors (Reps. Allred, D-TX; Fitzpatrick, R-PA; Herrera Beutler, R-WA; Neguse, D-CO; and Kim, D-NJ) echo this theme of accountability and point to HACT as a way for Americans to “fight back against foreign cyberattacks.”

Continue reading “New Bill Proposes that Americans Should Be Able to Sue Foreign Hackers”

Disruptionware VI: Cyber-Attack against Colonial Pipeline Illustrates Continued Vulnerability of American Energy and Infrastructure Targets

Share

Disruptionware attacks have become increasingly more common over the last few months. Just last month, I wrote about a dangerous disruptionware attack against a Florida Water Treatment Center that could have been a mass casualty event. For more information on these types of attacks, please refer to our posts on different types of disruptionware attacks and how disruptionware attacks work.

Continue reading “Disruptionware VI: Cyber-Attack against Colonial Pipeline Illustrates Continued Vulnerability of American Energy and Infrastructure Targets”

Second Circuit Addresses Critical Issue in Data Breach Class Actions: Article III Standing Based on Allegations of Future Misuse of Personal Data

Share

On April 26, 2021, the Second Circuit Court of Appeals decided the case of McMorris v. Carlos Lopez & Assocs., No. 19-4310, 2021 WL 1603808 (2d Cir. Apr. 26, 2021) and addressed one of the most critical issues in private data breach class actions – whether victims of a data breach can establish Article III standing by alleging they are at an increased risk of identity theft or fraud, even if their personal data has not yet been misused.

Although the district court’s ruling that plaintiffs did not establish standing was upheld, the Second Circuit found that victims of a data breach can establish standing based on a risk of future identity theft or fraud. The court also put forward a three-factor test to determine if standing exists when misuse of plaintiffs’ data has not yet occurred.

Continue reading “Second Circuit Addresses Critical Issue in Data Breach Class Actions: Article III Standing Based on Allegations of Future Misuse of Personal Data”

Faegre Drinker on Law and Technology Podcast: ‘Merging’ Mergers, Acquisitions and Cybersecurity

Share

Due diligence is at the heart of negotiating and finalizing any major deal, and parties’ cybersecurity practices have become a focal point in the M&A due diligence process. In the latest episode of the Faegre Drinker on Law and Technology Podcast, host Jason G. Weiss and guests Paul Luehr and Dori Cain discuss the importance of cybersecurity due diligence in the mergers and acquisitions field, what criteria professionals evaluate in this process, and how “cybersecurity hygiene” can impact the deal-making process. The podcast covers a number of questions, including:

  • What does the cybersecurity due diligence aspect of a merger or acquisition look like? Why is “cyber diligence” so important in the deal-making process?
  • What insights or hard facts are cybersecurity professionals looking for when evaluating cybersecurity at the outset of the mergers and acquisition process? What “cyber hygiene” criteria should be assessed at every step of deal negotiations? Are there any common deal-breakers in this process?

The U.S. in the AI Era: the National Security Commission on Artificial Intelligence Releases Report Detailing Policy Recommendations

Share

On March 1, 2021, the National Security Commission on Artificial Intelligence (NSCAI) released its 700-page Final Report (the “Report”), which presents NSCAI’s recommendations for “winning the AI era” (The Report can be accessed here). This Report issues an urgent warning to President Biden and Congress: if the United States fails to significantly accelerate its understanding and use of AI technology, it will face unprecedented threats to its national security and economic stability. Specifically, the Report cautions that the United States “is not organizing or investing to win the technology competition against a committed competitor, nor is it prepared to defend against AI-enabled threats and rapidly adopt AI applications for national security purposes.”

In the Final Report, NSCAI makes a number of detailed policy recommendations “to advance the development of AI, machine learning, and associated technologies to comprehensively address the national security and defense needs of the United States.” The Report, its findings and recommendations all signal deep concern that the U.S. has underinvested in AI and must play catch-up in order to safeguard its future.

Continue reading “The U.S. in the AI Era: the National Security Commission on Artificial Intelligence Releases Report Detailing Policy Recommendations”

Faegre Drinker on Law and Technology Podcast: A Primer on Cybersecurity Frameworks

Share

ISO, NIST, CMMC — if the alphabet soup of cybersecurity frameworks has you confused, we’ve got you covered. In the latest episode of the Faegre Drinker on Law and Technology Podcast, host Jason G. Weiss chats with guest Jim Watkins, former deputy laboratory director in the FBI’s Orange County Crime Lab and current certified technical assessor for the ANSI National Accreditation Board, about some of the more prominent cybersecurity frameworks, the process of cybersecurity assessments, how compliance issues are addressed, and what’s the difference between self-assessment, self-certification, and accreditation, and how a skilled attorney can make all the difference in getting accredited.

Continue reading “Faegre Drinker on Law and Technology Podcast: A Primer on Cybersecurity Frameworks”

©2024 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy