Minimizing board members’ responsibility for data breach

Among the consequences of a data breach for an organization is the risk of personal liability for board members. Besides the prevention measures that can/must be taken to avoid hacking, directors and management should invest in training, procedures, detection, and response. Specifically, the following can help directors in case their company suffers […]

The Internet-of-Things (IoT) (or Internet of Everything) – privacy and data protection issues in the EU and the US

Francesca Giannoni-Crystal & Allyson Haynes Stuart have just published in the Information Law Journal an article dealing with privacy and data protection in the IoT. The article deals with recent developments in the IoT sector, highlights the difficulty of giving a definition of the IoT, and discusses the most important authorities (on both sides of the Atlantic) […]

MedStar Health Cyberattack: Treatment and Patient Safety Impact

A ransomware attack forced the shutdown of MedStar Health computers and email systems on March 29, The Washington Post reported. Nurses contended that the shutdown affected treatment and created patient safety issues. The records and email systems were shut down after employees reported seeing pop-up messages on their screens demanding payment in bitcoin in exchange for […]

Privacy challenges and EU data protection issues of the IoT in a few slides

Read about the privacy challenges of the Internet-of-Things (IoT) (or Internet of Everything) and the EU specific data protection issues in a few slides. Here: EU data protection issues in IoT. For more information, Francesca Giannoni-Crystal.

WP29 refuse to endorse Privacy Shield scheme

As anticipated, the Article 29 Working Party (often known as WP29), a group of the EU’s data protection regulators, met in Brussels today to discuss the European Commission’s Privacy Shield scheme, the proposed replacement for Safe Harbor. As we had anticipated in our earlier alerts, WP29 decided that in their view Privacy Shield does not […]

So much promise, so little delivery …, i.e. why the Privacy Shield might not matter much for the biggest American businesses (read: tech-giants)

After the October 6, 2015, European Court of Justice’s annulment of the Safe Harbor decision of adequacy (Maximilian Schrems v. Data Protection Commissioner), the European Data Protection Authorities (DPAs) gave businesses until January 31, 2016, for the start of enforcement of the Schrems decision (see here). The Safe Harbor Scheme had been used for almost 15 years as […]

Insurer’s obligations under a cyber insurance E&O are not triggered by an allegation of intentional misconduct (and other glitches in coverage)

Travelers Property Casualty Co. of America v. Federal Recovery Services, Inc., 103 F. Supp. 3d 1297 (D. Utah 2015), was a declaratory judgment action in which the court found that the defendant’s cyber insurance policy did not provide either coverage or defense of claims brought against it. Federal Recovery provided various electronic data services to […]

EU data protection and cybersecurity law as applied to the IoT – some thoughts about why it is inadequate

The Internet-of-Things (IoT) (or internet-of-everything, as it is often interchangeably called) is a buzzword and it is everywhere. At present, the news is more technological than legal. Nonetheless, the IoT triggers some worrisome legal issues, of which data collection, data security, and invasion of privacy are among the most compelling. Actually, these issues are imposing because […]