Nick Akerman

Prior to private practice Nick served as a federal prosecutor. He was an Assistant United States Attorney in the Southern District of New York, where he prosecuted a wide array of white collar criminal matters, including bank frauds, bankruptcy frauds, stock frauds, complex financial frauds, environmental and tax crimes. Nick was also an Assistant Special Watergate Prosecutor with the Watergate Special Prosecution Force under Archibald Cox and Leon Jaworski.Nick has over 30 years of experience in helping clients respond to government investigations and prosecutions and assisting corporate clients prevent and respond to internal thefts and outside hackers. He is a nationally recognized expert on computer crime and the protection of competitively sensitive information and computer data. Nick regularly obtains injunctions for his clients under the federal Computer Fraud and Abuse Act in various federal courts around the country requiring computer thieves to return stolen computer data and prohibiting the dissemination of the data to competitors. He also guides clients in developing systems, policies and protocols to protect computer data.Nick speaks and writes regularly on protecting computer data, including in his regular computer data column for the National Law Journal. He has been a featured quoted expert on computer fraud and computer security issues in the New York Times, USA Today, the San Jose Mercury News, the Boston Globe, the St. Louis Dispatch, the Sacramento Bee, Forbes, ComputerWorld, CFO Magazine, CNET, CNET Japan, ZDNet, MSN, Internet Week and the Weekly Homeland Security Newsletter. His blog can be found at http://computerfraud.us.

It’s Easier for Employers to Sue for Data Theft

Two new developments this past year have made it easier for employers to sue employees in federal court for stealing data from company computers. The most recent is the U.S. Court of Appeals for the Ninth Circuit’s July decision in U.S. v. Nosal interpreting what it means to access a company computer “without authorization” under the Computer Fraud and Abuse Act (CFAA), the federal computer criminal statute. 18 U.S.C. 1030. The other development is the May amendment to the Economic Espionage Act (EEA), the federal criminal trade secrets act, permitting companies to file a federal civil action against individuals who steal the company’s competitively sensitive data. 18 U.S.C. 1831, et. seq.

China’s New Cybersecurity Law

On November 7, 2016, the Standing Committee of China’s National People’s Congress promulgated the Cybersecurity Law of the People’s Republic of China (hereinafter referred to as the “CSL”) to become effective on June 1, 2017. While the law purports to create an overall national cyber security plan, its provisions, some of which are still vague, create significant potential uncertainties for companies doing business in China.

Ransomeware: To Pay or Not to Pay

Ransomware. It’s a data security buzzword that has caught on among civilians and businesses. And it’s real. It threatens system security and costs victims plenty. But what is ransomware? Why is it more of a threat than typical cyber viruses and infections? What do you do to keep yourself immune from ransomware? If affected, what are your options?

Mobile Apps Face New Controls in China

The circumstances surrounding the replacement of Lu Wei as head of the Cyberspace Administration of China in June remain difficult to discern, but the politics surrounding its leadership seem not to have deflected the CAC from its mission to assert more control over cyberspace.

The CAC – also known as the Office of the Central Leading Group for Cyberspace Affairs – has issued new regulations which took effect on 1 August 2016 and place obligations on providers of mobile internet applications, or “apps”, that seem to mirror those placed on website and social media operators.

How to Prepare for Theft of Company Information

Companies should take three steps now to ensure use of the Defend Trade Secrets Act.

In May, President Barack Obama signed into law the Defend Trade Secrets Act that creates a federal civil cause of action for the misappropriation of trade secrets. This new law amends the Economic Espionage Act, which makes it a federal crime to steal and use trade secrets. Title 18 U.S.C. 1831, et. seq. For companies that depend on confidential information to provide them a competitive edge, there are several proactive steps they should take to ensure their use and the full benefits of this statute if their trade secrets are stolen.

Most significantly, the Defend Trade Secrets Act, unlike the state trade secrets laws, provides for an ex parte “order for the seizure of property necessary to prevent the propagation or dissemination of the trade secret,” upon a showing of “exceptional circumstance.” Traditional state court equitable remedies are limited to a temporary restraining order and a preliminary injunction. The law also makes the theft, possession and use of trade secrets a predicate act for the Racketeer Influenced and Corrupt Organizations Statue, which can form the basis of a civil RICO action for treble damages and attorney fees. (In the past, federal courts have been reluctant under most circumstances to find a RICO “pattern” for trade secrets theft as part of a scheme to defraud based on the mail and wire fraud statutes. See, e.g., Bro-Tech Corp. v. Thermax (E.D. Pa. 2009).

Cybersecurity Advice to CEOs and Boards “Take more responsibility”!

The White House and its top security advisors are regularly advised about cyberintrusions and as a result the “time has come for CEOs and Boards to take personal responsibility for improving their companies’ cyber security” according to Former White House Senior Director for Cybersecurity Sameer Bhalotra. In the recent report from LogRhythm entitled “The Cyber Threat Risk – Oversight Guidance for CEOs and Boards” Bhalotra went to say:

Global payment systems, private customer data, critical control systems, and core intellectual property are all at risk today.

As cyber criminals step up their game, government regulators get more involved, litigators and courts wade in deeper, and the public learns more about cyber risks, corporate leaders will have to step up accordingly.

Cybersecurity Compliance Just Got Tougher

While cybersecurity risks have increased, government regulation has traditionally lagged behind. Recently, some government entities have tried to catch up by mandating that companies take a proactive approach toward protecting personal and competitively sensitive data. The move is a departure from the traditional reactive response of simply notifying consumers after their personal data is breached.

With this shift in emphasis, companies are asking the obvious questions: “What are we expected to do and what is a proactive cybersecurity compliance program?”

Both on the state level and through federal regulatory agencies, the government is beginning to dictate a comprehensive compliance approach to data protection. Late last year, the U.S. Securities and Exchange Commission’ s Cybersecurity Examination Initiative directed broker-dealers to “further assess cybersecurity preparedness in the securities industry.” Thus, the SEC announced that it “will focus on key topics including governance and risk assessment, access rights and controls, data loss prevention, vendor management, training and incident response.”

          Company Computers Under Attack:  Big Dollars and Private Data Are Being Stolen  Every Day: What Are You Doing About It?  Join Us for a Cybersecurity Breakfast Briefing Cutting Edge Use of the Civil Remedy in the Federal Computer Crime Statute — the Computer Fraud and Abuse Act Thursday, April 14,… Read More

Post navigation