Understanding the EU Data Privacy Decision
Data privacy is the core tenet of the EU’s GDPR, which is wide-reaching and comprehensive On June 16, the European Court of Justice issued its long-awaited decision in Facebook Ireland Ltd. v. Maximillian Schrems, more commonly referred to as Schrems II. To understand its meaning, you have to understand some ... Read More
Schrodinger’s Cryptocurrency – Both Private and Not
Everyone knows that Bitcoin is an anonymous currency. Except when it isn’t. Bitcoin and other cryptocurrencies attempt to achieve the incompatible goals of providing strong accountability for transactions through blockchain and strong anonymity. If the government wanted to obtain information about a user’s bank account, it would simply subpoena the ... Read More
No Trespassing: Facebook Sues for Data Scraping
On June 18, Facebook filed a civil lawsuit in a federal court in San Francisco against online mobile platform Massroot8 for “scraping” data about Facebook users in violation of both Facebook’s Terms of Service (ToS) and therefore as criminal trespass in violation of the federal Computer Fraud and Abuse Act ... Read More
Recent Cases Question Backdoor Encryption
Recent events are calling into question the necessity of computer backdoors and the future of our personal privacy U.S. law enforcement for decades has decried the “going dark” problem with computers and computer technologies. If anyone can secure their data from prying eyes, then bad guys can secure their data ... Read More
Privacy and Morality: Data’s Double-Edged Sword
When security professionals think of “good” data and “bad” data, we think of things including accuracy, reliability, recency and applicability. But a more significant question is about data collection and use. All too often we focus our attention on data utility rather than on data ethics; on whether we can ... Read More
Want To Protect Privacy? Get Off Social Media, Indiana Federal Court Says
Privacy issues surrounding social media abound, including what’s considered ‘content’ privacy and ‘non-content’ privacy When the government wants to get data about you from someone other than you (a third party), does it need a search warrant issued by a judge or can it just use a simple subpoena, without ... Read More
Data Breach Litigation Waivers: Be Careful What You Wish For
Companies with data breach litigation waivers may find those waivers used against them by savvy law firms In her 1969 book, “On Death and Dying,” Elisabeth Kübler-Ross described the five stages of grief and loss: Denial and isolation Anger Bargaining Depression Acceptance They’re not too different from the stages of ... Read More
Texas Court Backs Phishing Attack Insurance Claim
Are insurance companies bound to pay claims for phishing attacks resulting in third-party losses? RealPage, a Texas-based company, operated a rent-servicing portal whereby renters could pay their rent and landlords could get paid (minus, of course, a servicing fee to RealPage.) In May 2018, RealPage fell victim to a spear-phishing ... Read More
Disney Insisting on ‘Star Wars’ #Hashtag Contract?
In a particularly annoying meme, the fourth day of the fifth month has earned the moniker “Star Wars Day” because of the expression, “May the Fourth be with you.” But Disney has moved to put celebrants under a contract with binds tighter than Princess Leia’s chains to Jabba the Hut ... Read More
Cybersecurity and COVID: 5 Lessons
Without belaboring the point, there are many similarities between the COVID-19 pandemic and cybersecurity. We can learn from the response to the COVID pandemic lessons about cybersecurity. We Know It Is Coming For decades, public health planners have been warning that there would be a novel (no-immunity) disease that would ... Read More
