The Cyber Shot Across the Bow: Data Manipulation and GPS Spoofing
December 01, 2017
In September 2015, then-Director of National Intelligence James Clapper warned that the next "push of the envelope" in cybersecurity might be attacks that change or manipulate electronic information in order to compromise its accuracy or reliability. Two years later, we may now be seeing the beginning of such insidious attacks, in the context of GPS spoofing — a technique that sends false signals to systems that use GPS signals for navigation.
Regulators Are Catching Up to Cryptocurrency and Blockchain Technology within the Financial Services Industry
December 01, 2017
<b><i>Part One of a Two-Part Article</b></i><p>As we head into 2018, cryptocurrency and blockchain will continue to be a top initiative for pioneers in the financial services industry. As with any innovation within the financial services industry, the regulators are never far behind and are doing their best to keep up. Those that enter this space will find that they also have to pioneer the controls to manage the regulatory risks this technology presents.
Five Smart Steps to Prepare for GDPR Data Subject Rights
December 01, 2017
Many corporations around the globe are preparing for May 2018, when Europe's General Data Protection Regulation (GDPR) enforcement kicks in. The regulation encompasses a wide range of nuanced privacy requirements that can be challenging to operationalize. In particular, requirements around the rights of European data subjects — which include the right to be forgotten and rights to access, rectification and objection to processing — will be some of the most difficult to address.
Data Integrity and Incident Response
December 01, 2017
The skill required to successfully exfiltrate 143 million records is certainly sufficient to successfully attack the integrity of that very same data. It is generally accepted that cyber criminals have not performed integrity attacks because there is a minimal profit motive: Records have a black-market value; in integrity attacks, there is no deliverable that can be sold. This paradigm may be shifting.
Five Smart Steps to Prepare for GDPR Data Subject Rights
December 01, 2017
Many corporations around the globe are preparing for May 2018, when Europe's General Data Protection Regulation (GDPR) enforcement kicks in. The regulation encompasses a wide range of nuanced privacy requirements that can be challenging to operationalize. In particular, requirements around the rights of European data subjects — which include the right to be forgotten and rights to access, rectification and objection to processing — will be some of the most difficult to address.
<i>Zeran v. AOL</i> and Its Inconsistent Legacy
December 01, 2017
<i><b>How the Seminal Fourth Circuit's Ruling Is Applied in Different Circuits</b></i><p>The rule of <i>Zeran</i> has been uniformly applied by every federal circuit court to consider it and by numerous state courts. And it has never been rejected in any precedential opinion. Indeed, it is perhaps a fitting tribute to the viability of <i>Zeran</i> that 20 year later the U.S. Court of Appeals for the Ninth Circuit, in its 12th opinion construing the CDA, barely spent even a sentence affirming dismissal of a defamation claim brought against Facebook over user content, pursuant to the CDA and the rule first developed in <i>Zeran</i>.
What Lies Beneath the Surface: The Dark Web
December 01, 2017
Nearly all of us access the World Wide Web on at least a daily basis. Yet for many of us, there is a fundamental lack of knowledge about the basic structure of the Internet and the way its different levels interact. This article provides a basic outline of the structure of the Web and some insight as to the purpose for and content housed on each level, as well as give some practical tips to avoid your company's data from ending up on the Dark Web.
When Terms of Use Put 'Reasonably Prudent User' on Notice
December 01, 2017
On Aug. 17, 2017, the Second Circuit issued its decision in <i>Meyer v. Uber Technologies, Inc.</i>. The appeals court vacated and remanded the trial court ruling by holding that the registration process for Uber Technologies, Inc.'s mobile application formed a legal contract, Less than a month later, the Southern District relied on the <i>Meyer</i> decision in granting the defendant's motion to compel arbitration based on the fact that the design and functionality of defendant's amended terms of use placed plaintiffs' on "reasonably conspicuous notice" of the mandatory arbitration and jury trial waiver provisions.