Data Protection & Privacy

Subscribe to Data Protection & Privacy RSS Feed

Live Event:  Avoiding Litigation and Navigating Regulatory Challenges Amid Growing Privacy, Cybersecurity and Artificial Intelligence Scrutiny

Join subject matter experts across policy, litigation, and regulation for an engaging discussion around privacy, cybersecurity, and AI.  This live event will be in our Washington DC office and will include perspectives from in-house leaders, a former FBI agent, an incident response forensic expert, world-class public policy experts, and our privacy and cybersecurity professionals.  The … Continue Reading

Supreme Court Restricts the Scope of the Aggravated Identity Fraud Statute

Earlier this month, the Supreme Court of the United States decided Dubin v. United States, No. 22-10, 2023 WL 3872518, at *1 (U.S. June 8, 2023), in favor of the defendant. Justice Sonia Sotomayor wrote the opinion for the Court, which held that 18 U.S.C. § 1028A(a)(1), aggravated identity theft, is violated only when the … Continue Reading

Compliance Risks for Remote and Hybrid Working Models

With the cold and flu season underway and COVID-19 still ever-present, it is a good time to take stock of the potential risks that come with working remotely.  Following the lifting of pandemic restrictions allowing offices to open back up, many companies continued to offer work from home or hybrid arrangements.  It is important for … Continue Reading

DOJ FCPA Unit Officials’ Take on 2022

In an onstage interview at the American Conference Institute’s 39th International Conference on the Foreign Corrupt Practices Act David Last, Chief of the FCPA Unit of Department of Justice, Criminal Division, Fraud Section, and David Fuhr, the Unit’s Assistant Chief, reflected on the year’s most pressing enforcement issues. Acknowledging that 2022 had been difficult for DOJ’s … Continue Reading

Series: How to Respond to the Threat of Trade Secret Loss

The authors would like to thank Nicole Brenner for her contribution to this post. Trade secrets offer companies an invaluable advantage over competitors, but only if the company maintains secrecy and responds promptly to threats. If a company’s success depends on its trade secrets, the protections in place to maintain those secrets will be scrutinized … Continue Reading

Series: Remedies available to companies harmed by industrial espionage

The authors would like to thank Thomas Fogarty and Anya Bharat Ram for their contributions to this post. Section 1832 of the Economic Espionage Act of 1996 (the “Act”) criminalizes the theft of trade secrets “intended for use in interstate or foreign commerce, to the economic benefit of anyone other than the owner.” 18 U.S.C. § 1832(a). … Continue Reading

Series: Types of Industrial Espionage

Industrial espionage refers to various activities performed to gain an unfair competitive advantage, rather than for national security purposes.  As we discussed in a previous article, the ways in which industrial espionage can affect a company are numerous and include theft of trade secrets and disruption to operation. Section 1832 of the Economic Espionage Act … Continue Reading

New Law Requires 72-Hour Notice for Cyber Incidents

We recently shared a timely post on Consumer Privacy World that, given the focus of, we wanted to call to your attention. “President Biden has recently delivered on a long stated priority of his presidency: requiring the disclosure of cyber security incidents for companies that operate critical infrastructure. After announcing an executive order in May … Continue Reading

4 Compliance Tips Amid Increased Ransomware Scrutiny

In light of two new US Treasury Department advisories signaling increased oversight of ransomware payments, victim companies and their third-party response teams considering making payments should follow certain due diligence and compliance best practices, write Colin Jennings, Ericka Johnson, Dylan Yépez and Elizabeth Weil Shaw in an article for Law360.… Continue Reading

Ransomware Payments can lead to Sanctions and Reporting Obligations for Financial Institutions

With cybercrime on the rise, two U.S. Treasury Department components, the Office of Foreign Assets Control (“OFAC”) and the Financial Crimes Enforcement Network (“FinCEN”), issued advisories on one of the most insidious forms of cyberattack – ransomware.… Continue Reading

FinCEN Director Blanco Encourages Increased Communication During Global Pandemic

In remarks to the Association of Certified Anti-Money Laundering Specialists (“ACAMS”), Kenneth A. Blanco, the Director of the U.S. Treasury’s Financial Crimes Enforcement Network (“FinCEN”), covered a number of high-priority topics, including FinCEN’s response to the pandemic, the latest COVID-19 related fraud schemes, emerging cyber threats, virtual currency issues, and important regulatory updates.  A theme … Continue Reading

Executive Responsibilities and Consequences: A Case Study of Uber’s Data Breaches

Every organization is at risk of a data breach, and can learn something from Uber’s data privacy missteps. In an article for Corporate Compliance Insights, Squire Patton Boggs lawyers Colin Jennings, Ericka Johnson, and Dylan Yépez offer key takeaways from the company’s high-profile data breaches and the criminal charges that followed.… Continue Reading

Lying in Wait: Cybercriminals’ COVID-19 Tactic

As business slowly and cautiously reopens, cybercriminals lie in wait.  A case study into a massive unemployment insurance fraud shows that cybercriminals patiently hunt for  lucrative opportunities to strike.  For that reason, companies reopening should consider conducting a cyber-audit to identify their cyber vulnerabilities and thwart cybercriminals lying in wait.… Continue Reading

Threat of Iranian Cyberattack Matters to Your Organization

The ongoing Iran-US tensions, and potential for retaliatory cyberattacks, alert each organization to prepare to defend against a cyberattack. Iran has a history of sophisticated cyberattacks in response to increased tensions. In a new client alert, our Data Privacy & Cybersecurity team recommends a thorough review of your people, facilities, networks, and data procedures in response … Continue Reading

Is Your Data Breach Report Protected?

Responding effectively to a data breach requires an organization to obtain a thorough forensic report about what happened and why.  Yet this report can damage the company further if it becomes public inadvertently.  Members of our cross-practice data protection team discuss how to protect a forensic report under privilege.  The insights of Leah Parsons, Ericka Johnson, and Colin Jennings can be found here.  A related … Continue Reading

Australia Plans to Join U.S. and U.K. in the CLOUD Act

Following its agreement with the United Kingdom, the United States announces formal negotiations are underway with Australia about joining the CLOUD Act. Although also a bi-lateral negotiation, the U.S. talks with Australia strike a more practical tone than those with the U.K.… Continue Reading

U.S. and U.K. Ease Data Collection Across Borders

Saying it will accelerate complex investigations, the United States and the United Kingdom proposed an historic data exchange agreement. In future, each government will be able to obtain electronic data directly from technology companies in the other country. The governments also say this first of its kind agreement will protect privacy and enhance civil liberties.… Continue Reading

Updates on Data Protection in Poland

Data protection in Poland now includes an updated “black list” of operations requiring an impact assessment. Another action announces a controversial decision about privacy of license plate numbers.  In addition, a data breach manual is available. For fuller analysis see Magdalena Gad-Nowak’s article here in the Data Privacy & Cybersecurity blog.… Continue Reading

DOJ Pursues More Electronic Health Records Cases

On May 31, 2019, the U.S. Attorney for the District of Kansas announced a $250,000 settlement with Coffey Health System, after two whistleblowers filed qui tam suit against Coffey for violations of the False Claims Act. The settlement resolved allegations that Coffey submitted false claims to Medicare and Medicaid pursuant to the Electronic Health Records … Continue Reading

Travelers Beware – Compelled to Open Your Phone?

Recent rulings conflict on whether police can force individuals to unlock their smartphones. The result depends upon where you are located, with differing rulings from Massachusetts and California. Further, there is an international dimension, illustrated by a recent decision from Israel. In short, as described below, the traveler must beware.… Continue Reading
LexBlog