Header graphic for print
Socially Aware Blog The Law and Business of Social Media

Category Archives: Data Security

Subscribe to Data Security RSS Feed

Data Protection Masterclass: GDPR Is Less Than a Year Away: Are You on Track?

Posted in Data Security, Event, Privacy, Right To Be Forgotten

Live Webinar: June 6, 2017 at 12:00 PM (ET) / 9:00 AM (PT) The May 2018 compliance deadline for the EU’s new General Data Protection Regulation (GDPR) is fast approaching and—with non-compliance penalties of up to €20 million or 4% of annual global turnover at stake—you cannot afford to miss the deadline. Please join Socially… Continue Reading

Overview of Ransomware Attacks

Posted in Cybersecurity, Data Security

In the most recent edition of his CyberSide Chat series, Socially Aware contributor Andy Serwin discusses ransomware attacks, including: the reasons why ransomware attacks are becoming more common; the types of ransomware attacks companies should prepare to address; and the strategies that companies can employ to help guard against, and to help mitigate the damage… Continue Reading

N.Y.’s New Cybersecurity Regulations: What Financial Services Companies Need to Know

Posted in Data Security

With corporate data security breaches on the rise, the New York State Department of Financial Services (NYDFS) has adopted rules requiring financial institutions to take certain measures to safeguard their data and inform state regulators about cybersecurity incidents. Intended to thwart future cyberattacks and protect consumers, those “Cybersecurity Requirements for Financial Services Companies” (the “Cybersecurity… Continue Reading

Overview of Emerging Cybersecurity Issues

Posted in Compliance, Data Security

In the most recent edition of his CyberSide Chat series, Socially Aware contributor Andy Serwin discusses emerging cybersecurity issues including: The need to strike a balance between the efficiencies of the Internet of Things and the increased cyberattack vulnerability that usually goes along with using extra devices; The pre- and post-cyber-breach steps a company can… Continue Reading

Watch Out: The Federal Trade Commission Continues to Watch the (Alleged) Watchers

Posted in Data Security, Internet of Things, Privacy

If your company collects information regarding consumers though Internet-connected devices, you will want to take note of the Federal Trade Commission’s (FTC) recent privacy-related settlement (brought in conjunction with the New Jersey Attorney General) with smart TV manufacturer Vizio, Inc. The settlement is significant for four reasons: The FTC reinforces the position it has taken… Continue Reading

Google Ordered to Comply with Warrant for Foreign-Stored User Data

Posted in Data Security, Privacy, Stored Communications Act

In a major development for cloud and other data storage providers, and further complicating the legal landscape for the cross-border handling of data, a Federal Magistrate Judge in the Eastern District of Pennsylvania ruled for the Department of Justice and ordered Google, Inc., to comply with two search warrants for foreign-stored user data. The order… Continue Reading

Preparing for a Data Security Breach: Ten Important Steps to Take

Posted in Data Security

Is your company prepared to respond to a data security breach? For many companies, even reading this question causes some anxiety. However, being prepared for what seems like the inevitable—a security breach—can be the difference between successfully navigating the event or not. While we still hear some companies say, “That would never happen to our… Continue Reading

Now Available: The November Issue of Our Socially Aware Newsletter

Posted in Advertising, Data Security, Social Media Policy

The latest issue of our Socially Aware newsletter is now available here. In this edition, we provide five tips for reducing potential liability exposure in seeking to exploit user-generated content; we examine a Ninth Circuit decision highlighting the control that social media platform operators have over the content and data that users post to those platforms; we discuss… Continue Reading

Social Links: IoT Causes Web Outage; YouTube Makes Endorsement Disclosure Convenient; NFL’s Social Media Policy Imposes Fines

Posted in Cyberbullying, Data Security, Endorsement Guides, Internet of Things, Marketing, Social Media Policy

The Internet of Things is apparently to blame for the Web outage that paralyzed the online world earlier this month. Justin Timberlake took down his “ballot selfie” from Instagram after Tennessee authorities made clear that it was illegal. Presumably in order to help facilitate compliance with guidance from regulators in the United States, United Kingdom… Continue Reading

Social Links: Yelp’s Communications Decency Act claim; Twitter loosens its character limit; building a Snapchat audience

Posted in Cyberbullying, Data Security, Internet of Things, Litigation, Marketing, Online Reviews, Privacy

The California Supreme Court agreed to hear Yelp’s case arguing that requiring the company to remove a one-star review of a law firm “creates a gaping hole” in the immunity that shields internet service providers from suits related to user-generated content. Images, videos and quoted tweets no longer count toward Twitter’s 140-charter limit. Google is… Continue Reading

5 Questions to Help Prepare for a Ransomware Attack

Posted in Data Security, Hacking

The news has been filled this year with reports of ransomware attacks against companies and government agencies, including even law enforcement. Ransomware refers to a type of malware that encrypts or otherwise restricts access to a machine or device. As part of the attack, the attacker will demand that the victim pay a ransom in order to… Continue Reading

Cybercrime and Victim Shaming

Posted in Data Security, Hacking, Litigation, Privacy

Our Morrison & Foerster colleague and Socially Aware contributor Miriam Wugmeister has published a thought provoking and insightful op-ed piece in The Hill on how companies that are the targets of cyberattacks are too often treated as suspects, rather than victims, by regulators. In her op-ed, titled Stop Victim Shaming in Cyberattacks, Miriam points out that defending… Continue Reading

Social Links: Facebook’s anti-ad-blocking software; LinkedIn’s “scraper” lawsuit; FTC’s upcoming crackdown on social influencers

Posted in Advertising, Compliance, Cyberbullying, Data Security, Endorsement Guides, Free Speech, Litigation, Marketing, Mobile, Online Endorsements

Facebook introduced technology that disables ad blockers used by people who visit the platform via desktop computers, but Adblock Plus has already foiled the platform’s efforts, at least for now. A look at Twitter’s 10-year failure to stop harassment. Are mobile apps killing the web? LinkedIn sues to shut down “scrapers.” The FTC is planning… Continue Reading

Social Links: Implications of Facebook’s algorithm change; branded emoji; free travel apps

Posted in Cyberbullying, Data Security, Employment Law, Litigation, Marketing

The Internet is abuzz over the Facebook algorithm change. Here are the implications for marketers and publishers and for regular users. U.S. Customs wants to start collecting the social media accounts for foreign travelers. Court: Woman fired for posting to her Facebook page that she would quit her job before doing “something stupid like bash… Continue Reading

HIPAA and Health Care Apps: Is Your App Covered?

Posted in Data Security, Privacy, Product Liability

Health care apps are one of the most important and growing segments in the ecosystem known as the Internet of Things (IoT). After the recent amendments to the Health Insurance Portability and Accountability Act (HIPAA) that—among other things—broadened the definition of a “Business Associate,” many technology companies found themselves wondering whether they were, or were… Continue Reading

Privacy Shield vs. Safe Harbor: A Different Name for an Improved Agreement?

Posted in Big Data, Data Security, European Union, Privacy

The European Commission (the “Commission”) and the U.S. Department of Commerce issued the draft legal texts for the much anticipated EU-U.S. Privacy Shield (the “Shield”), set to replace the currently inoperative Safe Harbor program (“Safe Harbor”). The new agreement is aimed at restoring the trust of individuals in the transatlantic partnership and the digital economy,… Continue Reading

Consumer Privacy Survey Results

Posted in Data Security, E-Commerce, Privacy, Statistics

As Socially Aware readers know, privacy presents real business risks that have the potential to negatively impact a company’s bottom line, from the legal fees associated with a data breach to revenue declines stemming from a loss of consumer trust. Late last year, Socially Aware contributor Andrew Serwin conducted an online survey of more than… Continue Reading

Big Data, Big Challenges: FTC Report Warns of Potential Discriminatory Effects of Big Data

Posted in Big Data, Compliance, Data Security, FTC, Privacy

In a new report, the Federal Trade Commission (FTC) declines to call for new laws but makes clear that it will continue to use its existing tools it to aggressively police unfair, deceptive—or otherwise illegal—uses of big data. Businesses that conduct big data analytics, or that use the results of such analysis, should familiarize themselves with… Continue Reading

California Passes Four Bills Protecting Privacy Rights

Posted in Data Security, Privacy

Last week was a big one for California’s privacy regime. In a landmark move, Governor Jerry Brown signed into law four bills further protecting Californians’ privacy rights: Three strengthen the state’s data breach notification statute and impose restrictions on operators of automated license plate recognition systems (ALPRs), and one requires law enforcement to obtain a… Continue Reading