Data Points: Privacy & Data Security Blog

Businesses are facing this system hack with ever-increasing frequency:  An accounts payable employee receives new or updated payment instructions from a vendor via email.  The email appears to be from a familiar counterpart at the vendor; it contains accurate details specific to a current transaction; the new bank is well known; and the new instructions have the vendor’s name, or a version of it, as the beneficiary.

• What should I expect after a ...

LIMITING LEGAL LIABILITY FOR POTENTIAL PRIVACY AND DATA SECURITY ISSUES: PRACTICAL APPROACHES TO A COMPLEX PROBLEM (APRIL 29, 2015):  You know that privacy and data security issues pose a huge risk for your company.  Regulatory penalties, litigation costs and recovery, and even just the cost of analyzing a data breach and sending out required notices can hurt a company’s bottom line not to mention its reputation.  Target’s breach cost the company over $148 million.  Fortunately, there are practical steps that your company can take now to limit liability when the inevitable ...

by Privacy & Data Security Members Karin McGinnis & Robert Sumner

Cyber-Monday sales weren’t the only good thing that happened for consumers this week.  Later in the week a federal judge in Minnesota thwarted Target’s attempt to dismiss a lawsuit brought by banks and credit unions arising out of the massive data breach last year.  Although the breach and access to the credit card information of some 40 million consumers resulted from hackers obtaining the password of a Target vendor who was accessing an unrelated subsystem, the banks and credit unions claimed that Target was liable ...

Apple recently changed its privacy policy which has made headlines – it will no longer unlock iPhones and iPads for law enforcement.  Prior to this change, Apple would assist law enforcement in unlocking Apple devices when presented with a valid subpoena or court order.

According to Apple’s CEO, Tim Cook, the company attempts to avoid collecting user data when it designs new technology and services.  The most recent version of Apple’s mobile device operating system, iOS 8, encrypts the data for all iOS 8 applications, such as email, call records, and iMessage, and this data is ...

A Pew Foundation study earlier this year found that 87% of all adults in the United States access the Internet or email, either through computers or mobile devices.  The same study found that of those adults, as many as 74% are using some form of social media, including Facebook, Instagram, Twitter and LinkedIn.  Given those numbers, it’s no wonder that many employers are concerned with managing their employees’ use of social media at work.

The conventional wisdom among many employers has long been that access to social media can be harmful to worker productivity.  Visions of ...

In just two years, social media password protection has gone from a privacy advocate’s dream to an employer’s harsh reality in many states.  Maryland became the first state (in 2012) to enact legislation that prevented employers from requesting the user names or passwords to an employee’s or applicant’s personal social media accounts.  Two states quickly joined Maryland in 2012 by passing similar password privacy laws, and nine more states added privacy protections in 2013.

So far in 2014, six states – Louisiana, New Hampshire, Oklahoma, Rhode Island, Tennessee and ...