Data Law Insights

Data Law Insights

Legal insights on navigating privacy, data protection, cybersecurity, information governance, and e-discovery

Kate M. Growley, CIPP/G, CIPP/US

Subscribe to all posts by Kate M. Growley, CIPP/G, CIPP/US

Economic Espionage: A Real Risk for Universities

Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Government Contracting, Government Regulations & FISMA, Information Management, Privacy, Public Sectors
The recent arrests of Chinese nationals for alleged economic espionage are raising eyebrows across American industries, who are rightfully asking how they can protect themselves from becoming the next foreign target. U.S. universities have been key figures in these headlines. The risk of economic espionage is a serious one for higher education because universities are… Continue Reading

Three State Data Breach Laws Set to Change This Summer

Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Government Regulations & FISMA, Information Management, Privacy
With Memorial Day unofficially kicking off summer, those keeping up on recent changes to state data breach laws are eyeing their calendars, as a series of state amendments are due to come into effect.  Beginning on July 1, both Nevada and Wyoming will expand their definitions of personal information.  One month later on August 1,… Continue Reading

Supreme Court to Consider Congressionally-Conferred Privacy Breach Standing

Posted in Data Breach, Government Regulations & FISMA, Information Management, Privacy, Social Media
One year ago, data broker Spokeo, Inc. asked the Supreme Court to reconsider the Ninth Circuit’s revival of a putative class action against it for willfully violating the Fair Credit Reporting Act (“FCRA”) by publishing personal information without notice.  This week, the Court heeded that request, granting certiorari.  In doing so, it has paved the… Continue Reading

Join Us for OOPS 2015! Cybersecurity Risk Management: The View from Washington and Beyond

Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Government Contracting, Information Management, Internet of Things, Privacy, Public Sectors
Crowell & Moring would like to invite government contractors to ring-side seats for the fight of the year – Congress v. the White House.  This year’s Ounce of Prevention Seminar (OOPS) will focus on the dynamic interplay between the opposite ends of Pennsylvania Avenue and how it will ultimately impact government contractors across the industry.… Continue Reading

The “Sense of the Senate” is Pro-Internet of Things

Posted in Government Agencies, Government Regulations & FISMA, Internet of Things, Privacy
On Monday, the Senate passed Resolution 110, calling for the development of a national strategy that incentivizes and accelerates the country’s use of the “Internet of Things,” or IoT.  The Resolution comes amidst increased attention on the IoT industry, including the first Congressional hearings on the subject in both the House and the Senate.  The… Continue Reading

Cyber Executive Order Continues the Push for Public-Private Partnerships

Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Government Regulations & FISMA, Information Management, Privacy, Public Sectors
In conjunction with his remarks at the White House Summit on Cybersecurity at Stanford University earlier this month, President Obama signed Executive Order 13691, entitled “Promoting Private Sector Cybersecurity Information Sharing.”  Published in the Federal Register last week, the Order is intended to encourage and facilitate cybersecurity information sharing within the private sector, and also… Continue Reading

Industry Collaborations on Cybersecurity: Protecting Against Antitrust Violations

Posted in Cybersecurity / Data Security, Government Agencies
As we near the one-year anniversary of the now infamous Target breach, more and more companies are coming to grips with the new reality that computer crime is a cost of doing business. Facing mounting pressure from customers and regulators alike, many are scrambling to find new ways to avoid becoming victims. In the most… Continue Reading

Legal Careers in Cybersecurity, Homeland Security, and Privacy: An Evening of Networking and Discussions with the Experts on How They Arrived

Posted in Cybersecurity / Data Security, Government Agencies, Privacy
Hackers, terrorists, and cyber criminals have ignited escalating threats to cybersecurity, homeland defense, and privacy largely unanticipated to the legal profession a generation ago. Today, lawyers must grapple with the intersection of technology, information governance, and law, navigating unprecedented legal challenges and crafting practical solutions on the emerging cyber, homeland, and privacy frontiers. On behalf… Continue Reading

DOJ and FTC Pave the Way for Greater Cyber Information Sharing in the Private Sector

Posted in Cybersecurity / Data Security, Government Agencies
In coordination with Crowell & Moring Antitrust partner David Laing — Evan Wolff, Liz Blumenfeld, and I have recently published an article in the BNA Antitrust & Trade Regulation Report entitled “DOJ and FTC Help Pave the Way For Greater Cyber Information Sharing in the Private Sector.” Our article focuses on the DOJ and FTC’s… Continue Reading

Florida Continues Trend to Strengthen Breach Laws

Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Government Regulations & FISMA, Public Sectors
On June 20, 2014, Florida enacted the Florida Information Protection Act of 2014 (FIPA) to strengthen its data breach notification law. The amendments, which take effect July 1, will make Florida one of the strictest jurisdictions for reporting deadlines (which shortens to 30 days) and the types of information that trigger notification obligations (Which now… Continue Reading

White House Report on Big Data Seeks Legislative and Executive Action

Posted in Cybersecurity / Data Security, Government Agencies, Privacy, Public Sectors
On May 1, 2014, the White House released a much-anticipated report on how both government and private industry can maximize the benefits of “big data” while minimizing its risks. The report, whose preparation was led by White House counsel John Podesta, evolved from President Obama’s deliberation over surveillance reforms. As such, it is part of… Continue Reading

Another University Data Breach Adds to Growing Trend

Posted in Cybersecurity / Data Security, Data Breach
The University of Maryland announced on February 19th that it is the most recent university to fall victim to a data breach. According to the University’s President, UM was the target of a “sophisticated” computer attack that exposed the personally identifiable information (PII) of over 300,000 individuals. Specifically, the hack targeted records that relate to the University’s… Continue Reading

The “Cyber Framework” Arrives

Posted in Cybersecurity / Data Security, Government Agencies, Government Regulations & FISMA, Privacy, Public Sectors
After a year of development, NIST has released the long-awaited Cybersecurity Framework, which promises to have significant implications for the public and private sectors alike. The final version retains much of the Framework Core set forth in the draft version and provides a blueprint to align cybersecurity efforts (along with the accompanying Roadmap document with… Continue Reading

The Growing Transparency Into National Security Letters

Posted in Government Agencies, Privacy, Rules
Early last year, I wrote about the significant district court opinion in In re National Security Letters, a ground-breaking decision that found the FBI’s use of gag orders with national security letters (“NSL”) to be unconstitutional. Since that time, the Edward Snowden revelations have not only enhanced public scrutiny of how the private and public sectors work… Continue Reading

Amidst a Swirling Privacy Debate, Transparency is Crucial

Posted in Cybersecurity / Data Security, Government Agencies, Privacy
The market has spoken. According to a survey conducted by privacy data management company TRUSTe®, mobile phone purchasers are now more concerned about how their phones affect their privacy than they are about the traditional selling points – including brand, weight, and screen size. Now in its third year, TRUSTe’s annual survey interviewed hundreds of… Continue Reading

Cybersecurity and Data Privacy in 2013: Contracting in a Time of Increased Scrutiny

Posted in Cloud Computing, Cybersecurity / Data Security, Government Regulations & FISMA, Privacy, Public Sectors
2013 has been a historic year for cybersecurity, privacy and data breach issues. From the President’s Executive Order, to the revised NIST security & privacy controls, and to the groundbreaking Mandiant report on cyber espionage, the pressure is on for companies to secure their handling of sensitive data. In order to mitigate the risk of… Continue Reading

Influential Senators Propose Bipartisan Deter Cyber Theft Act

Posted in Cybersecurity / Data Security, Government Agencies
A bipartisan group of senators has proposed a bill to stem the tide of intellectual property theft by foreign entities that has been plaguing the U.S. economy. On May 7th, Senators Carl Levin (D-Mich.), Jay Rockefeller (D-W.Va.), John McCain (R-Ariz.), and Tom Coburn (R-Okla.) put forth the Deter Cyber Theft Act. This bill would require… Continue Reading

Gagging the FBI – The Unconstitutionality of National Security Letters

Posted in Government Agencies, Privacy, Rules
A Ninth Circuit district court has recently gagged the gaggers. In In re National Security Letters, No. C 11-02173 SI (N.D. Cal. March 15, 2013), Judge Illston of the Northern District of California struck down the Federal Bureau of Investigation’s (“FBI”) use of national security letters (“NSLs”) as unconstitutional. Specifically, the court held that gag… Continue Reading

Cybersecurity Receives Presidential Push with New Cyber Executive Order

Posted in Cybersecurity / Data Security, Information Management
After years of abortive attempts by Congress to enact comprehensive cybersecurity legislation, the President took matters into his own hands on February 12, signing an Executive Order, Improving Critical Infrastructure Cybersecurity. Identifying the cyber threat as “one of the most serious national security challenges we must confront,” this Order, along with its contemporaneous Presidential Policy… Continue Reading