Tag Archives: Information Management

New Jersey Restricts Retailers’ Collection and Use of Customer Information

On July 21, 2017, Governor Chris Christie signed the Personal Information Privacy and Protection Act (S-1913) (the “Act”) into law, further enhancing the protections afforded to consumers who make retail credit card purchases in New Jersey. As technology has evolved, many retailers rely on electronic barcode scanners to review and capture information on customers’ driver’s… Continue Reading

FTC Submits Public Comment to Working Group Tasked with Developing Guidance on IoT Security, Upgradability, and Patching

By Jeffrey L. Poston and Stephanie Reiter on July 7, 2017 Posted in Cybersecurity / Data Security, Data Breach, Internet of Things

On June 19, 2017, the Federal Trade Commission (FTC) issued a public comment regarding the National Telecommunications & Information Administration’s (NTIA) draft guidance titled Communicating IoT Device Security Update Capability to Improve Transparency for Customers. In commenting on the guidance, the FTC acknowledged the benefits of and challenges to IoT device security, and encouraged manufacturers… Continue Reading

FTC’s New Chief Technologist Speaks at Crowell & Moring

By Crowell & Moring on April 14, 2016 Posted in Cybersecurity / Data Security, Government Agencies, Information Management, Privacy

Yesterday, Crowell & Moring hosted an International Association of Privacy Professionals (IAPP) KnowledgeNet featuring the Federal Trade Commission’s (FTC) new Chief Technologist, Lorrie Cranor. In her short time at the FTC, Cranor has already made waves by encouraging companies to rethink mandatory password changes. At the event, Cranor spoke about the focus of her work,… Continue Reading

OCR Levies Second Ever HIPAA Civil Monetary Penalty

By Crowell & Moring on February 8, 2016 Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Information Management, Privacy, Rules

For only the second time in its history (following the $4.3 million Cignet case) the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) imposed civil money penalties (CMPs) on a company for violating the Health Insurance Portability and Accountability (HIPAA) Privacy Rule. Lincare, Inc. (Lincare), a home health provider, was… Continue Reading

Interim Rule Could Expand Already Onerous DFARS Cyber Requirements

By Kate M. Growley, Evan D. Wolff and Maida Oringher Lerner on August 27, 2015 Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Government Contracting, Government Regulations & FISMA, Information Management, Privacy, Public Sectors, Rules

Yesterday, the DoD published an Interim Rule that, if finalized as drafted, would expand the already onerous requirements of the DFARS Safeguarding Clause to a broader array of potentially 10,000 defense contractors. Citing “recent high-profile breaches of federal information,” the DoD’s Interim Rule emphasizes the need for clear, effective, and consistent cybersecurity protections in its… Continue Reading

Economic Espionage: A Real Risk for Universities

By Kate M. Growley, Laurel Pyke Malson, Evan D. Wolff, Maida Oringher Lerner and Harvey Rishikof on July 7, 2015 Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Government Contracting, Government Regulations & FISMA, Information Management, Privacy, Public Sectors

The recent arrests of Chinese nationals for alleged economic espionage are raising eyebrows across American industries, who are rightfully asking how they can protect themselves from becoming the next foreign target. U.S. universities have been key figures in these headlines. The risk of economic espionage is a serious one for higher education because universities are… Continue Reading

Digital Privacy and E-Discovery in Government Investigations and Criminal Litigation

By Louisa Marion and Justin P. Murphy on June 24, 2015 Posted in Accessibility, Cloud Computing, Cooperation/Meet & Confer, Criminal Law, Cybersecurity / Data Security, Ethics, Government Agencies, Information Management, Preservation, Privacy, Privilege/Rule 502, Public Sectors, Rules, Sanctions, Social Media, Spoliation

In conjunction with the 2015 American Bar Association annual State of Criminal Justice publication, Louisa Marion and I have published a new chapter on “Digital Privacy and E-Discovery in Government Investigations and Criminal Litigation.” The article provides an in-depth look at many of the current and cutting edge issues raised by digital privacy and e-discovery… Continue Reading

Data Law Insights

Legal insights on navigating privacy, data protection, cybersecurity, information governance, and e-discovery