Cloud Data Usage

Cloud storage of data for business brings efficiencies and as well could bring unbeknown reasons for concern.  Transmitting data through varied network in daily process comes with numerous issues regarding security, privacy and the amount that is being transmitted, i.e., load.  Data is not static and neither is how it could be directed for load…

Cybersecurity Responsibility

Cyber aspects of business functions involving the Internet, email network systems, and cloud platform usage are related to the need for data security.  Cybersecurity responsibilities are, at times, not met with the requisite level of diligence for compliance in managing data and transfers in daily work process.  Standards for compliance, for many businesses, institutions, and…

Internet Cybersecurity and Data Security

Internet news events are reported daily about computer abuse, hacking, data theft and malware, nationally and internationally.  The concept of cybersecurity, as a term, appears bounced around by writers, scholars, politicians, and news media, short of carefully determining what it encompasses and how cybersecurity relates to the Internet.  Around the world the term is used…

Data Privacy

Data protection sought in daily entity operations and in its actual delivery of services, should coexist with the responsibilities for consumer data privacy.  This second piece follows its previous writing which addressed the coexistence of protection and privacy from an institutional perspective.  In furtherance of that theme, this piece will touch upon the organizational aspect involved to see…

Doxxed Personal Internet Information

Doxxed personal information is startling to many. There is a lot to be said about the amount of information available on the Internet.  Many are surprised on how their information got on the Internet and the ease with which public information and personal information can be retrieved and researched.  It goes without saying about how…

Cybersecurity Rule Setting the Mark

Cybersecurity rule ideas, so far, have been piecemeal throughout the United States despite the numerous efforts.  Opposite to the European Union’s efforts through their General Data Protection Regulation (GDPR) initiative, in the U.S. we have no such thing.  We do have bolstering amendments to Gramm-Leach-Bliley Act, embodied in the Consumer Data Security and Notification Act…

Internet of Things Security Claims

Internet of Things security claims have caught the attention of lawmakers and regulators. The Internet has been interesting to follow and work with as a realm of process and information exchange.  As the devices used to transmit information increase in our lives and work, protecting what is transmitted from unwanted eyes is not necessarily going…

Data Security Negligence

Data security responsibilities are, at times, not met with the requisite level of diligence for compliance.  Standards for compliance, for many businesses, institutions, and service entities, are not as specified as one would be drawn to believe.  The disjuncture between responsibilities and efforts are becoming more evident with passing days as cyber incidents leave alarming…

Cyber Security Claims

Cyber security claims are seldom tempered with an entities acknowledgement of its insecurity of electronically stored information (ESI) and its handling of consumer personal identifying information (PII).  Their efforts and planning executed, though they may be diligent, cannot anticipate cyber incidents and breach incidents nor should their efforts to prevent them be overstated.  All attention…

Trade Secrets in Databases

Database as a Trade Secret Trade secrets in database records fall victim to many who seek the potential value of stored records from a variety of entities, either from government agencies and competitor businesses, to also include medical and financial enterprises, and even from their own employer or client.  Intruding into another’s database is becoming…

Website Crawling and Data Scraping Thoughts

Website crawling and data scraping have burdened the growth of e-commerce as website owners are witnessing their data scraped.  The legal questions have lingered.  Many questions stand out.  The prevalence of crawling and scraping has become too of the norm for those using web content for business, research, or marketing purposes. The common theme is…

Data Security Practices

Data security practices are increasingly becoming a theme among management and employees in the administration of business and their daily work process.  The common element in data breaches is the element of human negligence, training or the underestimation of needed attention.   The extent that incidents are occurring, information technology personnel and operations personnel are finding…

Data Breach Notification and the Ransomware HIPAA Question

Notification of a data breach is a worrisome step of any governmental entity, association, medical office, law office, data management entity, and even of a school or university. The provisions that attempt to address this progressing act of cyber attempts to acquire data, of any sort, are evolving.   An initial reaction to an incident is…

Data Breach Insurance

Data breach insurance is becoming a growing concern and a topic for businesses to address their risk management administrative panoply. Considerations may sway a business towards a third-party insurance coverage or a first-party insurance coverage or both depending on the services provided.  Previously posted writing regarding the cyber insurance needs, we discussed the limits that…

Computer Abuse by Password Sharing

Computer abuse can occur by the simple act of password sharing to gain access to a computer and its network. Password sharing for use of a computer is seldom realized as a wrongful use.  It is as well not realized by many account holders that sharing their account passwords or access passwords is as well…

Cloud Storage of Data Across Borders

Cloud storage of data for business brings efficiencies and as well could bring unbeknown reasons for concern.  Data is not static and neither is how it be directed for load balancing.  It is not only stored, it is shared via transfers and as such it is accessed by users. How the data is accessed and…

Cloud Service Agreement Considerations – Business and Legal Issues II

Cloud service agreement considerations are many but few are addressed when cloud subscription services are sought.  In previous posts on this subject, the emphasis was on having an exit strategy[1] and embracing the possible regulatory requirements.[2]  A business’ or an institutions’ data could be at the mercy of the cloud service provider (CSP).  The growth…

Data Security Law and Internet Security Law

Lorenzo Law Firm is a presenting vendor at the Safety, Security, and Survival Expo in North Florida.  As data security law issues are presented, factors to considered will be discussed.  Everyone’s day to day interactions exposes them to privacy issues.  Whether one is at the doctor’s, taking the car to the shop, filling out an…

Cloud Computing Service Considerations

Cloud computing service considerations are developing as the concept catches on.  Incidents of a breach, contract disputes, hacking, and ongoing lawsuits are serving the way for conditions to be highlighted.  Nascent, cloud computing contracts were conceived as a data storage solution for businesses, municipal entities, and state organizations.  So long as remote access was guaranteed,…

Internet Security – Passwords’ Way into a Life

Internet account security and weak passwords are all too common when causes to cyber incidents are investigated.  The ease of use of one’s birthdate, anniversary, and the incredibly savvy use of ‘admin’ or ‘password’, not to mention ‘12345,’ has gotten many in a serious predicament.  Not following through on login processes and seeking shortcuts has…

Internet, Internet of Things and Cyber Threats

Internet of Things or “IoT,’ as commonly referred to, have proliferated our culture and will continue as they acquire growing attention with functionality and ease.  Their attraction is in their usefulness engendering efficiency, productivity, and an expectation of enhancing one’s fitness and along with self-awareness. The idea of IoT has brought the attention of platform…

Trade Secrets Extraordinary Provisions

Trade secrets are going to be dealt differently now that the President has signed into law the new Defend Trade Secrets Act (DTSA).  Through the bipartisan efforts of Sen. Orrin Hatch, R-Utah, and Sen. Choons, D-Del., DTSA is meeting the desired measure that has long been sought by businesses to address the delicate nature of…

Data Security and the Internal and External Cyber – Insecurity

Data security and the insecurity of electronically stored information (ESI) is ephemeral and any anticipation of its occurrence or origin is absolutely unpredictable.  All attention is always on the external incidents but little is focused on the internally sourced infraction.  Seldom do entities envision the internally sourced incident.  The risk from internal unauthorized access to…

Ransom Seeking Malware, What to know and Do

Ransom seeking malware is nefarious and it comes in different flavors.  The hedge of control is to hold hostage vital information within your network in exchange for compensation.  Healthcare providers, financial institutions, and government entities have been the victim.  Its variants and its methods are complicated means of affecting ways an entity accesses its information…

Data Security Relevance to More than Just PII

Data security relevance is customarily popping up in everyday life, business, and in our system of society.  To think that billions use handheld devices for entertainment, staying informed of news, and to also be able to know where they are and where they are going, there is another segment of our network life infrastructure, growingly…

Data Security Breaches Settled and Filed

Data security breaches are becoming too common for comfort and ease as we engage in daily as participants in the marketplace.  Companies, governmental institutions, nonprofits, and organizations are quickly learning that cyber incidents could be a day away.  If they claim that their information is secure their claim can be checked and they can be…

Internet of Things, Risks and Security

Internet of things and the interconnectedness of devices has inherent drawbacks.  Initially, the convenience of using interconnected devices overcomes the awareness of the lack of control over the information that is gathered about their use.  The convenience and allure of the novelty of Internet of Things catch everyone’s whim to acquire the latest. But unfortunately,…

Consumer Data Security Claims Monitored

Consumer data security claims by many businesses seek to settle the fears and doubts of many consumers engaging in electronic payments.  Those representations should be tempered with an accurate description of its practices to keep consumer information and transaction data secure.  Several agencies have been tasked with a different scope of authority.  Data security has…

Privacy Issue of FCC over ISPs

Privacy is a late to-come-by issue of the Federal Communications Commission (FCC) as Internet Service Providers (ISP) were reclassified.  As part of the push for net neutrality, ISPs were soon to be treated as common carriers by the FCC.  This has left the door open for broadband providers to access customer information that is proprietary…

Cyber Security Events and Lessons of 2015

The process of cyber security is an everyday occurrence in every entity, from government to small and large enterprises.  A handful of events took place in 2015, each shedding a lesson or two going forward.  Counseling clients on requirements always involves sharing best practices, despite them not being a guarantee.  But always the focus is…

How Private is our Privacy

Privacy may not be as private as we would consider, and not much more than what we are capable of to keep private, as long as we live a cyber life.  Take for instance, the wearables that caught the craze throughout 2015 and became a popular item to buy at Christmas and other items that…

Cloud Technology Use for a ‘God View’

Uber’s cloud technology use for a ‘God view’ was exciting to experience among its employees.  With every innovative creation there is always the bit of excitement and a bit of dreaming of the capability devoid of cognition for security and for its ramifications.  To insert concepts of security and considerations of ramifications is a downer,…

Cybersecurity Breach Aftermath with FTC

Cybersecurity and cybersecurity breach are difficult topics to discuss with clients because of the unknown variants and for their simple trepidation toward addressing the vulnerabilities and investing the capital for prevention and training.  From internal planning involving establishing a process to addressing external intrusion possibilities they tend to be cumbersome for a company’s administration to…

Cybersecurity, Internet of things in the Last Quarter

Cybersecurity and internet of things did capture Capitol Hill in this last quarter of 2015, pardon the football metaphor, and needless to say net-neutrality as well.  With physical objects being interconnected and collecting user data and sharing data as well, regulators and privacy groups saw the improved efficiency accompanied with the torment of loss privacy…

Cloud Service Use and Having an Exit Strategy

Cloud service uses, methods and liability considerations are all involved in an appropriately devised exit strategy for any enterprise.  This could be in the form of a backup method for redundancy in service delivery or data management.  For many businesses, the cloud use transitioning process is key for being able to maintain reliable services.  Minimizing…

Identity Theft Event Responses

Identity theft laws in states may vary by state but a notice requirement is common among them.  The frequency and extent of data breaches is staggering with the Identity Theft Resource Center (ITRC) recording over 700 breaches so far recorded in 2015 affecting roughly 200 million records.  The previous year, the ITRC recorded for 2014…

Crowdfunding and New Conditions

Crowdfunding, an Internet based means of raising capital is getting a lot of attention.  The attention it has garnered is not only from businesses resorting to it but from the SEC as well.  Crowdfunding is instrumental for startups and small business, but it has originally been a vehicle for fund raising for worthy and charitable…

Cybersecurity Buzz in Washington

Cybersecurity is at issue and a buzz in Washington with a bit of urgency and cluelessness.  From addressing anti-hacking methods to cyber security threat sharing, Congress, federal agencies, and the White House are trying to flatten their learning curve.  Private companies have been drawn in to give their two-bits and compare notes on cyber security…

Consumer Harm in Data Breach Cases

Consumer harm in data breach cases is a critical element to be proven.  Many cases are dismissed when standing is not established.   Commonly, the claims raised assert that some sort of reasonable and appropriate security measures to protect personal identifiable information in a company’s networks was not implemented. Any failure to do such is arguably…

Cloud Access Security Broker

As service providers and developers seek to encourage cloud service adoption, the role of a cloud access security broker, i.e., CASB, is seen as central to the effort.  The efforts to arrive at standard practices for cloud data security processes, are essential operational benefits of employing a CASB.  The role of a CASB is enhanced…

Cross Device Tracking

The Federal Trade Commission has noted that cross device tracking which is a consequence of the Internet of Things (IoT) falls essentially within its auspices.  Considering the concerns with transparency and the required notices to consumers, cross device tracking is just not getting attention for purposes of enhancing consumer protection.  The advertising industry representatives as…

Fate of the Internet

Life has changed with the Internet but it will change even more as the fate of the Internet is in court hands once again. The U.S. Court of Appeals for the D.C. Circuit will determine how Internet providers will change how we use the internet, what content will be permitted, and how we access and…

Personal Data Privacy in Wearable Tech

The industry is concerned with personal data privacy in wearable tech you buy and use. The personal data privacy in wearable tech that is collected has gotten the attention of the consumer electronic industry and have promulgated some guidelines.  They has set a voluntary standard of principles to follow. The CEA, Consumer Electronics Association has…

CISA

CISA The U.S. Senate passed the Cybersecurity Information Sharing Act (“CISA,” S. 754). In passing it had to consider a variety of issues before it regarding the amendments to CISA.  The proposed amendments of CISA have one goal in common, to enhance privacy and strengthen the privacy. One of the issues was to clarify the…

Net Neutrality European Points

Net Neutrality European Points Net neutrality European points are going before the EU Parliament soon where several proposals will be weighed.  The concept of an open internet without restrictions on traffic, how the networks manage traffic and how traffic is categorized is being considered in the EU Parliament.  There is a draft regulation proposed expressing…

Security of Internet of Things

The security of internet of things is unknowingly pervading our everyday life.  Items that can be remotely accessed for information, turned on to operate, adjust their operation settings, and process into a network are all fraught with vulnerabilities.  Security of internet of things is just becoming news worthy to some and ignored by great majority.…

Internet is Changing Business Models

Internet is changing business models on daily business operational practices from brick-n-mortar constructs to digital information transfers, from a letter or phone call to a “textmail” or “e-mail.” The process has brought a down scaling in what used to be large administrative organizations to efficient self-employed entrepreneurs. The latter is the future and it is…

Electronic Stored Information Business and Email Records

Electronic Stored Information Business and Email Records are a fundamental element in today’s business environment along with email records.  Today the great majority of business runs on computing information that is stored and shared, transferred, and collaborated on within a network.  Technological network where electronic stored information (ESI) serves as business records and communications by email…

Cloud Service Considerations – Business and Legal Issues

Software service – Data storage – Data Management – Internet Security Cloud service considerations – business and legal issues include many operational facets of a business’s management.   Each may have their own unique risks as well as benefits.  Cloud services are not new.  Remote access to business data has been part of business and…

Balancing Privacy and Encryption

There is no perfect security when balancing privacy and encryption. However, companies storing and collecting data are obliged to focus on higher protection levels. End user controls are receiving greater attention as events increase in frequency. The unfortunate aspect is the prevalence of naiveté about security among users of smartphones, laptops, tablets, and cloud applications.…

Social Media Information Used in Litigation

Social media use and its information is telling of someone and it is increasingly sought after in court cases where we see social media information used in litigation. Many times social media accounts are a well-spring of vital information that can tip a case on its head. The information can reveal truthfulness or the lack…

Personal Data Privacy and Consumer Privacy Bill

Personal data privacy and Consumer Privacy Bill may meet to give people more control over their personal information is in the horizon. Concern however remains with companies and data brokers having discretion. The proposed Consumer Privacy Bill of Rights Act, sets some requirements on companies that process personal information. The idea is to establish some…

Data Protection Harm

Data Protection Law – Consumer Protection Law Data protection harm has become key in courts determining standing in data breach cases.  Data protection harm was analyzed in a case involving breaches and hacking of personal information.  The 7th Circuit’s attention was drawn where it reversed a district court ruling holding that where future harm suffices…

Internet Privacy – Florida Privacy Protection Act

Internet Privacy Law – Florida Internet Privacy Law The flow of information from internet usage and ‘ Internet of Things’  is easily accompanied with its collection and systemic use for other purposes. Digital profiles are created with every online user’s key stroke, site visited, and key word used. In 2015, the Florida Legislature addressed many…

Right To be Forgotten and Personal Information

The right to be forgotten and the availability of personal information is being debated in the European Union.  Google has been restricted by the EU high Court from having personal information accessible in its search process respecting the right to be forgotten. Yet, while information is not available about people on search vehicles provided by…

Internet Password Security

Internet password security is a growing concern about internet user’s privacy. Services provided address the management of passwords to enhance password security and privacy on the internet.  There are considerations.  Pros – they offer secure storage, sync usernames and passwords, help prevent password reuse with provide password reminders, identify emails used as identifiers, use email confirmation…

Concerns with Facial Recognition

The EU has concerns with facial recognition used in social media.  The concerns with facial recognition stems from technology being able to identify Facebook friends to whom users can then forward the photos. Canadian and European regulators are not favorable of social network’s use of facial recognition technology. The general concern is that with the…

Internet of Things and Google

Internet of things and Google is the theme underlining Google establishing an internet of things (Iot) central system called Brillo. Google Brillo is designed to run on and connect multiple low-power devices, connecting anything from a washing machine to a rubbish bin and linking in with existing Google technologies. The move is an expansion of the company’s…

Email Vulnerability

Email vulnerability to hackers has many cyber security experts concerned.  With the White house emails being hacked, along with the former Secretary of State’s in private servers, encrypted email system are too vulnerable to attack by sophisticated hackers who may be working for foreign powers. Obama carries a specially secured BlackBerry device for top-secret communications. It appears…