Featured

Down But Not Out - States Point the Way to How the FTC Might Recover from the 11th Circuit’s LabMD Decision

In a classic story of “it’s never over until it’s over,” cybersecurity David LabMD challenged the FTC’s Goliathan ability to issue sweeping orders in relation to security concerns under Section 5(a) of the Federal Trade Commission Act.  LabMD had lost its challenge of the FTC’s underlying authority to issue such orders, but continued in its fight, ultimately challenging the wording of the FTC’s form order itself.  And LabMD ultimately won in a landmark decision that can be found here.

Continue reading

Featured

Second Equifax Employee Charged with Insider Trading Following Data Breach

On June 28, 2018 the Department of Justice (“DOJ”) and the Securities and Exchange Commission (“SEC”) announced parallel criminal and civil charges against Sudhakar Reddy Bonthu, a former software development manager, for selling his shares of Equifax stock before Equifax publicly announced that it had suffered an immense data breach

Continue reading

Featured

The Risk in Your (Unprivileged) Risk Assessment

As cybersecurity regulatory frameworks mature, the move has been toward risk-adjusted security requirements rather than prescriptive controls mandated by a legislature or administrative agency.  This makes sense, of course, for two primary reasons. 

Continue reading

Featured

Spreading the word about cyber regulatory risk

So far 2018 has been a whirlwind of cyber regulatory activity, from the commencement of GDPR to new state-law data breach requirements to the New York State Department of Financial Services first compliance self-certification deadline. The complexity of the cyber legal landscape is only increasing, and in an effort to keep our clients ahead of the regulatory curve, the HSE Privacy and Data Security team has been on the road, spreading the word about cyber regulatory risk.

Continue reading

Featured

Altaba, Formerly Yahoo, Settles Data Breach with SEC for $35 Million

On April 24, 2018 the Securities and Exchange Commission (“SEC”) announced a settlement with Altaba, Inc., formerly Yahoo! Inc., for misleading investors by failing to disclose a data breach in which Russian hackers stole data for hundreds of millions of Yahoo accounts.  This settlement and penalty, the first by the SEC following a data breach, comes in the wake of recent SEC guidance on cybersecurity risks and disclosures.

Continue reading

Disclaimer

This website presents only general information not intended as legal advice. Although we encourage calls, letters and emails from prospective clients, please keep in mind that merely contacting Harter Secrest & Emery LLP (HSE) does not establish an attorney-client relationship between us. Confidential information should not be sent to HSE until you have been notified in writing by HSE that a formal attorney-client relationship has been established. Information sent to us before then may not be treated as confidential by HSE or the court.

I have read this and agree     Cancel