Assistant Attorney General of the U.S. Department of Justice (DOJ), Antitrust Division, Makan Delrahim recently spoke at the University of Chicago’s Antitrust and Competition Conference and discussed how U.S. antitrust law should treat “big data.” According to Delrahim, antitrust law is “flexible enough to address competition issues from emerging platforms,” including large tech companies like Google and Facebook that possess significant market share within their lines of business and simultaneously aggregate vast sums of personal data from consumers.
Category: Cybersecurity
Ninth Circuit Rules in Travelers Case, Involving Social Engineering Fraud and Cyber Insurance
The 9th U.S. Circuit Court of Appeals affirmed the district court’s ruling in Aqua Star (USA) Corp., vs Travelers Casualty and Surety Company of America. The case involved fraudulent emails purporting to be from the insured’s suppliers directing that the insured direct its payments to a new account purportedly opened by that supplier. Based on that fraudulent communication, the insured transferred $713,890 due its supplier to the fraudulent “new account.”
U.S. Congress Approves CLOUD Act for Data Stored Overseas
On March 23, 2018, Congress passed the “Clarifying Overseas Use of Data Act,” also known as the “CLOUD Act” (H.R. 4943, S. 2383), a new U.S. law that will have a dramatic effect on the United State government’s control over and access to data stored overseas. The CLOUD Act was introduced to the U.S. Senate and House of Representatives on February 6, 2018, as part of a $1.3 trillion omnibus spending bill. The bill passed both houses of Congress on March 23, 2018, and was signed into law by the President the next day.
Continue reading “U.S. Congress Approves CLOUD Act for Data Stored Overseas”
Data Breach Notification Laws Now Enacted in All 50 States
South Dakota and Alabama are the last of the 50 states to have enacted breach notification laws, along with Washington, D.C., Guam, Puerto Rico and the Virgin Islands. South Dakota became the 49th state to enact a data breach notification law when Governor Dennis Daugaard signed Senate Bill 62 into law on March 21. It goes into effect on July 1, 2018. On March 28, 2018, Alabama Governor Kay Ivey signed into law Alabama Senate Bill 318, effective May 1, 2018. Below are the parameters of these new data breach notification laws.
Continue reading “Data Breach Notification Laws Now Enacted in All 50 States”
Attorneys General Call for Congress to Avoid Possible Federal Preemption of State Data Breach and Security Laws
The draft bill, “Data Acquisition and Technology Accountability and Security Act,” has led 32 state attorneys general to release a letter urging Congress to avoid preempting state data breach and data security laws.
On February 16, 2018, Representatives Blaine Luetkemeyer (R-MO) and Carolyn Maloney (D-NY) introduced the draft bill in the House of Representatives, which would establish, (i) sweeping standards for data protection across various industries, (ii) federal post-data breach notification requirements, and (iii) establish a process that covered entities must follow to notify law enforcement, regulators, and victims following different types of data breaches.
Social Engineering Fraud and Cyber Insurance – Are You Covered?
Spoofing and phishing are part of what is known as social engineering fraud. Social engineering fraud is typically a type of computer fraud where an employee is misled into believing he or she is communicating with a vendor and is tricked into sending money due that vendor to the fraudster. Many organizations take proactive measures to protect themselves through enhanced IT measures, employee training and the purchase of computer fraud and other types of cyber insurance.
A recent district court action in Washington illustrates how social engineering works and highlights the importance of understanding the limitations of the types of insurance coverages companies may have. The case is currently on appeal before the 9th U.S. Circuit Court of Appeals.
Continue reading “Social Engineering Fraud and Cyber Insurance – Are You Covered?”