Civil Liability for Data Breaches

Posted Leave a commentPosted in Uncategorized

Here are my slides from the University of South Carolina Law School symposium on civil liability in data breach cases.

Curated Links on Ukraine Power Grid Hack

Posted Leave a commentPosted in Uncategorized

Here are some key sources discussing the recent cyber attack on Ukraine’s power grid: SANS ICS Blog:  Confirmation of Coordinated Attack on Ukranian Power Grid iSight Partners Blog:  Sandworm Team and the Ukranian Power Attacks ESET:  BlackEnergy Trojan Strikes Again:  Attacks on Ukrainian Electric Power Industry SecureList:  New Observations on BlackEnergy 2 APT Activity   […]

Klayman v. Obama Stay Left in Place

Posted Leave a commentPosted in National Security

On November 9, 2015, Judge Richard Leon issued a preliminary injunction against the NSA bulk data collection program.  On November 10, in a per curiam Order, the D.C. Circuit stayed the preliminary injunction pending the government’s appeal.  Last Friday, November 20, the Circuit denied the plaintiffs’ emergency request for rehearing of the stay order en banc.  In a […]

Sikhs for Justice v. Facebook: Site Blocking

Posted Leave a commentPosted in Internet Governance

The ability of an ISP or social media site to block access to controversial or inflammatory content is a difficult issue at the intersection of cybersecurity and Internet governance.  In a case just decided by Judge Lucy Koh in the Northern District of California, Facebook won dismissal on the pleadings of Sikhs for Justice’s (“SFJ”) claim that […]

NY Department of Financial Services Cybersecurity Regulations

Posted Leave a commentPosted in Cyber Compliance / Regulation

Yesterday the New York State Department of Financial Services sent a letter to members of the Financial and Banking Information Infrastructure Committee announcing a plan to enact new cybersecurity regulations for financial institutions.  The regulations would require covered entities to Maintain written internal cybersecurity policies and procedures; Maintain policies and procedures to ensure the security […]

Charges Announced in J.P. Morgan Hacking Case 

Posted Leave a commentPosted in Cyber Crime

Federal prosecutors unsealed indictments against three men who allegedly engaged in a sprawling cybercriminal enterprise that hacked into J.P. Morgan Chase & Co. and several U.S. financial institutions. Source: Charges Announced in J.P. Morgan Hacking Case – WSJ

Klayman v. Obama Preliminary Injunction of NSA Program

Posted Leave a commentPosted in Cyber Surveillance, National Security

Judge Richard Leon in the District of Columbia federal court has again issued a preliminary injunction against the continuation of the NSA bulk telephony metadata collection program.  The bulk collection program is set to expire on November 29, 2015 under the USA FREEDOM Act, so the injunction in this case will not have long-term impact. […]