China’s New Cybersecurity Law Is a Start
On June 1, China’s new Cybersecurity law took effect. The new law applies not only to domestic Chinese companies but has wide-ranging implications for U.S. and other foreign companies doing business in China.
General
Proposal for new European ePrivacy Regulation
On 10 January 2017, the European Commission announced its proposal for new legislation which would update the law relating to privacy in electronic communications. The Commission has proposed a draft ePrivacy regulation that would repeal and replace the existing ePrivacy Directive (2002/58/EC) (“ePrivacy Directive”). The draft regulation aims to further the Commission’s Digital Single Market Strategy by complementing and conforming privacy rules in the telecommunications sector with the General Data Protection
China’s New Cybersecurity Law
On November 7, 2016, the Standing Committee of China’s National People’s Congress promulgated the Cybersecurity Law of the People’s Republic of China (hereinafter referred to as the “CSL”) to become effective on June 1, 2017. While the law purports to create an overall national cyber security plan, its provisions, some of which are still vague, create significant potential uncertainties for companies doing business in China.
Ransomeware: To Pay or Not to Pay
Ransomware. It’s a data security buzzword that has caught on among civilians and businesses. And it’s real. It threatens system security and costs victims plenty. But what is ransomware? Why is it more of a threat than typical cyber viruses and infections? What do you do to keep yourself immune from ransomware? If affected, what are your options?
Second Circuit Eases Tension Between U.S. Discovery Requirements and EU Privacy Laws
Microsoft scored an important victory when the Second Circuit ruled that the government is not authorized to issue warrants for customer data stored overseas. In re Warrant to Search a Certain E-mail Account Controlled & Maintained by Microsoft Corp. should offer a level of comfort for the cloud computing industry as a whole and for U.S. companies that have an international storage footprint.
How to Prepare for Theft of Company Information
Companies should take three steps now to ensure use of the Defend Trade Secrets Act.
In May, President Barack Obama signed into law the Defend Trade Secrets Act that creates a federal civil cause of action for the misappropriation of trade secrets. This new law amends the Economic Espionage Act, which makes it a federal crime to steal and use trade secrets. Title 18 U.S.C. 1831, et. seq. For companies that depend on confidential information to provide them a competitive edge, there are several proactive steps they should take to ensure their use and the full benefits of this statute if their trade secrets are stolen.
Most significantly, the Defend Trade Secrets Act, unlike the state trade secrets laws, provides for an ex parte “order for the seizure of property necessary to prevent the propagation or dissemination of the trade secret,” upon a showing of “exceptional circumstance.” Traditional state court equitable remedies are limited to a temporary restraining order and a preliminary injunction. The law also makes the theft, possession and use of trade secrets a predicate act for the Racketeer Influenced and Corrupt Organizations Statue, which can form the basis of a civil RICO action for treble damages and attorney fees. (In the past, federal courts have been reluctant under most circumstances to find a RICO “pattern” for trade secrets theft as part of a scheme to defraud based on the mail and wire fraud statutes. See, e.g., Bro-Tech Corp. v. Thermax (E.D. Pa. 2009).
Company Computers Under Attack: Big Dollars and Private Data Are Being Stolen Every Day: What Are You Doing About It? Join Us for a Cybersecurity Breakfast Briefing Cutting Edge Use of the Civil Remedy in the Federal Computer Crime Statute — the Computer Fraud and Abuse Act Thursday, April 14,… Read More
Revised Uniform Fiduciary Access to Digital Accounts Act Adopted by Four States
By: Chris Koa and Walter Impert With the shift from traditional hard copy paper documents towards electronic records stored Cloud Computing-based software and services (eg, iCloud, Dropbox, Google Drive, etc.), access to and use of digital assets by fiduciaries after death or incapacitation of the owner has emerged as a key estate planning consideration…. Read More
EU-US Data Transfer Privacy Shield: Political Agreement Achieved Regarding “Safe Harbor 2.0”
By: Barry Glazer, Ron Moscona and Chris Koa Significant uncertainty and concern regarding US companies’ ability to process and use personal data received from the EU has loomed since the October 2015 decision by Europe’s highest court invalidating the EU-US Safe Harbor. US and EU regulators earlier this week announced conceptual agreement regarding a new… Read More
How To Make Computer Fraud Claims Stick
The recent decision in Allied Portables v. Youmans from the U.S. District Court for the Middle District of Florida underscores the need for businesses to establish explicit, well-advertised written policies identifying the scope of permissible employee access to company computers. Absent such policies, employers may be precluded from using the civil remedy in the federal computer crime statute, the Computer Fraud and Abuse Act, to sue employees who steal or destroy data from a company computers.
Allied properly recognized that for a CFAA claim to succeed, the plaintiff employer must be able to show the critical element that the defendant employee accessed a company computer by exceeding the authorized access to the computer.