Company Computers Under Attack:  Big Dollars and Private Data Are Being Stolen  Every Day: What Are You Doing About It?  Join Us for a Cybersecurity Breakfast Briefing Cutting Edge Use of the Civil Remedy in the Federal Computer Crime Statute — the Computer Fraud and Abuse Act Thursday, April 14,… Read More

Revised Uniform Fiduciary Access to Digital Accounts Act Adopted by Four States

By:  Chris Koa and Walter Impert   With the shift from traditional hard copy paper documents towards electronic records stored Cloud Computing-based software and services (eg, iCloud, Dropbox, Google Drive, etc.), access to and use of digital assets by fiduciaries after death or incapacitation of the owner has emerged as a key estate planning consideration…. Read More

EU-US Data Transfer Privacy Shield: Political Agreement Achieved Regarding “Safe Harbor 2.0”

By:  Barry Glazer, Ron Moscona and Chris Koa Significant uncertainty and concern regarding US companies’ ability to process and use personal data received from the EU has loomed since the October  2015 decision by Europe’s highest court invalidating the EU-US Safe Harbor.  US and EU regulators earlier this week  announced conceptual agreement regarding a new… Read More

‘Cannibal Cop’ Decision Restrains Employers

In December, a divided panel of the U.S. Court of Appeals for the Second Circuit in U.S. v. Valle interpreted the Computer Fraud and Abuse Act to exclude employees who access their employer’s computers. The upshot is that if you are an employee in the Second Circuit and steal data from your employer to commit identity theft or to provide it to a competitor, you cannot be prosecuted by the Department of Justice or sued by your employer under the CFAA.

Cross-Atlantic data flows following Schrems

By:  Ron Moscona, Partner Dorsey & Whitney On 6 November 2015, The EU Commission published a communication addressed to the European Parliament and the EU Council, in an attempt to reduce current legal uncertainties surrounding the transfer of personal data from European Union countries to the U.S. The communication follows on the decision of the… Read More

Time Is Precious with Computer-Hacking Claims

A recent ruling shows that plaintiffs must act fast when using a federal criminal statute for a civil suit.

The U.S. Court of Appeals for the Second Circuit in August addressed the proper application of the statute of limitations to a civil action—in the context of allegations of malicious statements made on the Internet over a broken romance and sexual misconduct—brought under the federal computer crime statute, the Computer Fraud and Abuse Act (CFAA). The case was Sewell v. Bernardin.

The ‘Safe Harbor’ Scheme Coming Under Challenge

By: Ron Moscona, a partner in Dorsey & Whitney’s London Office The Court of Justice of the European Union (“CJEU”) held yesterday, in its decision in Schrems v. Data Protection Commissioner[1], that the decision of the European Commission of July 2000 which provides the legal basis under EU law for the “Safe Harbor” scheme is… Read More

How To Make Computer Fraud Claims Stick

The recent decision in Allied Portables v. Youmans from the U.S. District Court for the Middle District of Florida underscores the need for businesses to establish explicit, well-advertised written policies identifying the scope of permissible employee access to company computers. Absent such policies, employers may be precluded from using the civil remedy in the federal computer crime statute, the Computer Fraud and Abuse Act, to sue employees who steal or destroy data from a company computers.

Allied properly recognized that for a CFAA claim to succeed, the plaintiff employer must be able to show the critical element that the defendant employee accessed a company computer by exceeding the authorized access to the computer.

Guidance for Incident Response Plans  

Author: Melissa Krasnow Organizations are preparing for data incidents and breaches by developing, updating, implementing, and testing incident response plans. This article provides a checklist of key components of an incident response plan. Following are items from state and federal sources of guidance: “Best Practices for Victim Response and Reporting of Cyber Incidents”(April 2015) issued… Read More

Post navigation