Countdown to May 25, 2018: Are You Ready for GDPR?

By Elizabeth Hinson and Alexander P. Woollcott

On May 25, 2018, the General Data Protection Regulation (GDPR), the European Union’s new data privacy and protection law, goes into effect.   The most striking aspect of GDPR is that it applies not only inside the European Union but anywhere personal data of individuals located in the EU is being used or accessed.  If that does not catch your attention, the fines for non-compliance – up to 4% of global revenue – certainly should.

Even at this late date, many companies are not close to being in full compliance with GDPR.  This Article addresses some

Read More

California Significantly Expands Privacy Breach Notification Law

California Significantly Expands Privacy Breach Notification Law

Alexander P. Woollcott

California Governor Jerry Brown recently signed into law an amendment to California’s landmark data security breach notification law (Senate Bill No. 1386), first enacted in 2003. The original law, S.B. 1386, requires companies doing business with California residents to provide notice to the residents of any actual or suspected security breach involving unencrypted personal information or data of the residents that had been collected and maintained by the company.

The amendment to S.B. 1386 (Senate Bill No. 24) significantly broadens the protection given to California residents by imposing additional obligations on companies that

Read More

2011 Data Breach Report Reveals More Vulnerable Targets, But Eases Cloud Security Fears

by Vaughn Morrison

Verizon’s RISK Unit worked with the U.S. Secret Service and the Dutch High Tech Crime Unit to prepare their annual Data Breach Investigation Report. The findings are summarized below.

Less Theft, But More Painful? – According to the study, the total number of records compromised through data breach decreased significantly compared to last year’s numbers. Unfortunately, this decrease is allegedly attributable in large part to a shift in target victims: fewer big companies, which yield larger results but are more difficult

Read More

SEC Issues First Fine Over Client Privacy Breach

The Securities and Exchange Commission (SEC) has issued its first-ever fine for failing to properly protect customer data. The charges involve former president Fredrick O. Kraus and former national sales manager David C. Levine of  GunnAllen Financial. The SEC press release said that both parties “violated  customer privacy rules by improperly transferring customer records to another firm.” This is the first case in which people were charged soley with violating Regulation S-P, also known as the Safeguard Rule.

More information can be found here.

Melanie S. Touchstone

Read More

GNU Affero General Public License: Risks and Opportunities

GNU Affero General Public License:
Risks and Opportunities

By:  Paul H. Arne[1],[2]

The GNU Affero General Public License[3] (“AGPL”) is a special license in the family of open source licenses, creating risks and opportunities that do not exist with most other open source licenses.  For a significant period of time after the introduction of this license in late 2007,[4] the use of this license was fairly limited.  Even though the use of the AGPL is fairly limited in proportion to other open source licenses, its use is now sufficiently prevalent that attorneys may come in contact with this license.  This article will

Read More