New Media and Technology Law Blog

Category Archives: Data Security

Subscribe to Data Security RSS Feed

Protecting against Cybersecurity Threats when Working from Home

With the spread of the novel coronavirus (COVID-19), many organizations are requiring or permitting employees to work remotely.  This post is intended to remind employers and employees that in the haste to implement widespread work-from-home strategies, data security concerns cannot be forgotten. Employers and employees alike should remain vigilant of increased cybersecurity threats, some of … Continue Reading

Court Enforces Arbitration Clause in Online Terms of Service Accepted by a Minor

Epic Games, Inc. (“Epic”) is the publisher of the popular online multiplayer videogame Fortnite, released in 2017. In recent years, Fortnight has gained worldwide popularity with gamers and esports followers (culminating in July 2019 when a sixteen-year-old player won the $3 million prize for winning the Fortnite World Cup).  Players, in one version of the … Continue Reading

In Outlining Its 2020 Examination Priorities, SEC Expresses Interest in Alternative Data and Cybersecurity Risks

On January 7, 2019, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) announced its 2020 examination priorities. In doing so, OCIE identified certain areas of technology-related concern, and in particular, on the issue of alternative data and cybersecurity. [For a more detailed review of OCIE’s exam priorities, see the Client Alert … Continue Reading

Browsewrap Terms Enforced Due to Customer Knowledge of Existence of Terms

Last month, a California district court granted a web-based service’s motion to compel arbitration of a putative class action brought by a user whose personal information was allegedly accessed in a massive 2016 data breach that involved 339 million user accounts. (Gutierrez v. FriendFinder Networks Inc., No. 18-05918 (N.D. Cal. May 3, 2019)). While the … Continue Reading

Reflections on Technology-Related Legal Issues: Looking Back at 2017; Will 2018 Be a Quantum Leap Forward?

As we approach the end of 2017, it is a time to reflect on the dizzying pace of technology evolution this year, and the amazing array of legal issues it presented. Similarly, it is a time to look forward and anticipate what technology-related issues we will be thinking about in the coming year. For 2017, … Continue Reading

California Legislature Nearing Final Debate of Biometric and Geolocation Data Security Bill

UPDATE: Prior to the close of the legislative session, the amended AB 83 failed to make it out committee. With the session ending on August 31st, the California legislature is debating a bill (AB 83) that would expand data security requirements for businesses that maintain personal information of California residents to include, among other things, protection … Continue Reading

Ninth Circuit Ruling Trimming CFAA Claims for Misappropriation Reminds Employers that Technical Network Security is the First Defense

The Ninth Circuit, sitting en banc, has upheld a district court’s dismissal of criminal charges under the Computer Fraud and Abuse Act that were predicated on misappropriation of proprietary documents in violation of the employer’s computer use policy. United States v. Nosal, No. 10-10038, 2012 U.S. App. LEXIS 7151 (9th Cir. Apr. 10, 2012).  The ruling … Continue Reading

Massachusetts Data Security Regulations: Your Company May Not Be Located There, But If Your Customers Are, You Need to Comply

Newly effective regulations promulgated under Massachusetts’ recent data security law, Mass. Gen. Law ch. 93H, have raised the bar for data security compliance, and they have a long reach. The regulations are national and international in scope, as they apply to all companies – wherever located– using personal data of Massachusetts residents. Although the deadline … Continue Reading
LexBlog