Tag: Cybersecurity

Cybersecurity, Regulatory

New State Privacy Laws Effective in 2023: Get Ready For the Colorado, Connecticut, and Utah Privacy Laws

Written by Susan Kohn Ross, Lucy Holmes Plovnick, and Stacey Chuvaieva Colorado, Connecticut, and Utah have enacted comprehensive state privacy laws that will become effective in 2023.  The Colorado Privacy Act (“CPA”) and the Connecticut Data Privacy Act (“CTDPA”) both go into effect on July 1, 2023. The Utah Consumer Privacy Act (the “UCPA”) becomes effective on December 31, 2023.  The UCPA, CTDPA, and CPA … Continue reading New State Privacy Laws Effective in 2023: Get Ready For the Colorado, Connecticut, and Utah Privacy Laws

mskllpLeave a comment
Cybersecurity, Regulatory

Getting Ready For Virginia’s Consumer Data Protection Act (VCDPA)

Written by Susan Kohn Ross, Lucy Holmes Plovnick, and Stacey Chuvaieva On November 21, 2022 we reported about the changes taking place to California’s Consumer Privacy Act (here) which are effective January 1, 2023. In this Alert, we turn to the Virginia Consumer Data Protection Act (VCDPA) which takes effect on January 1, 2023. Inspired by the European GDPR, Virginia’s state privacy law aligns with its … Continue reading Getting Ready For Virginia’s Consumer Data Protection Act (VCDPA)

mskllpLeave a comment
Cybersecurity, Regulatory

New York’s Department of Financial Services Initiates Its First Enforcement Action Under Its 2017 Cybersecurity Regulations

Written by Timothy M. Carter Following a publicized commitment to increased cybersecurity enforcement, the New York Department of Financial Services (“NYDFS”) initiated its first enforcement action against First American Title Insurance Co. (“First American”) on July 22, 2020. Stemming from First American’s alleged failure to adequately safeguard highly confidential, personal consumer information – including bank account numbers and statements, mortgage and tax records, Social Security … Continue reading New York’s Department of Financial Services Initiates Its First Enforcement Action Under Its 2017 Cybersecurity Regulations

mskllpLeave a comment
Cybersecurity, Regulatory, Videos

MSK Minute: Su Ross and Tim Carter Discuss Contact Tracing

In this video, MSK attorneys Susan Kohn Ross and Timothy Carter discuss contact tracing: what it is, what it means for employers and employees, and the impact it may have on your privacy right. If you are interested in learning more broadly about contact tracing or have any questions on this topic, please email Su at skr@msk.com or Tim at tmc@msk.com. Continue reading MSK Minute: Su Ross and Tim Carter Discuss Contact Tracing

mskllpLeave a comment
Cybersecurity, Regulatory

Amidst A Pandemic, New York Quietly Implements Its Enhanced Data Security Law

Written by Susan Kohn Ross and Timothy Carter

While much attention and focus has rightly been placed on the California Consumer Privacy Act and the dramatic expansion of privacy rights for California residents that it heralds, a number of other states have quickly followed suit, working to strengthen their respective data security and privacy laws.  Signed into law on July 25, 2019 by Governor Andrew Cuomo, New York enacted the Stop Hacks and Improve Electronic Data Security Act (the “SHIELD Act” or the “Act”).  The SHIELD Act amends New York State’s data breach notification law, by broadening existing the state’s data breach notification requirements and requires covered businesses to have “reasonable” data security safeguards. Continue reading “Amidst A Pandemic, New York Quietly Implements Its Enhanced Data Security Law”

mskllpLeave a comment
COVID-19, Cybersecurity, Regulatory

Tracing Concerns

Privacy Protection Acts Introduced in Connection with Contact Tracing

Written by Susan Kohn Ross and Timothy Carter

Across the globe, governments are harnessing surveillance-camera footage, mobile location data, and consumer purchase records to help track the recent movements of coronavirus patients, monitor those potentially exposed, and establish virus transmission chains. In China, for example, the government has installed surveillance cameras outside and inside quarantined individuals’ homes. A few thousand miles away, Israel’s internal security agency is primed to mine a cache of mobile phone location data, initially collected for counterterrorism operations, in order to pinpoint possible COVID-19 exposure among its citizens. Continue reading “Tracing Concerns”

mskllpLeave a comment
COVID-19, Cybersecurity, Regulatory

Privacy Takes Many Forms

Written by Susan Kohn Ross and Timothy Carter

Amazon’s Alexa, Google devices such as Google Assistant and Google Home, Apple’s Siri, and Microsoft’s Cortana are now commonplace in many homes. These devices and other lesser-known counterparts allow users to control nearly everything in their homes with only their voice. That convenience, however, comes at the cost of some degree of privacy. While seldom viewed as presenting a live microphone inside one’s home or office, these otherwise passive listening devices begin recording upon initiation of a verbal cue. While the use (or even presence) of such voice assistants may present privacy concerns when used in consumers’ homes, with millions of people working remotely across the world due to COVID-19, these potential privacy concerns can quickly escalate to a much broader concern, especially for attorneys, who, as we discussed earlier, are bound to maintain confidentiality regarding information concerning the representation of their clients. But this concern extends far beyond “just” attorneys, because so many business dealings involve the exchange of confidential information. What one thinks of as a private or confidential discussion with a business partner is now taking place at home, perhaps with others around, but all too frequently in close proximity to these devices. Continue reading “Privacy Takes Many Forms”

mskllpLeave a comment
COVID-19, Cybersecurity, Regulatory

Careful With The Remote

Cybersecurity Concerns with Remote Work

Written by Susan Kohn Ross and Timothy Carter

While likely not the first topic that comes to mind amidst a global pandemic, organizations and businesses that now find themselves entirely (or almost entirely) remote would be remiss not to consider the potential data and cybersecurity issues raised by this sudden and unexpected shift to remote work. For much of the country, COVID-19 has resulted in an abrupt shift in the way we work. Even for those businesses that maintained robust work-from-home policies and systems, this shift presents a learning curve. The more traditional data and cybersecurity concerns ever-present in normal business operations are compounded by the difficulties presented by an extensive remote workforce. Preoccupied remote workers can be more susceptible to online threats such as phishing emails or malware and ransomware, thereby “opening the door” and providing unauthorized access to bad actors. The other, often lesser considered concern is accidental disclosure of confidential business information. Continue reading “Careful With The Remote”

mskllpLeave a comment
COVID-19

COVID-19 Client Communication

As the COVID-19 crisis rapidly evolves, the health and safety of our employees, clients and our communities remain our highest priority. We wanted to share with you what we are doing as a firm. We have instructed attorneys and staff in all of our offices to work remotely (with rare exception for certain critical functions). This is happening seamlessly as part of our business continuity plan. We have been working round-the-clock in counseling clients on today’s mission-critical issues, from employment to immigration to tax, as it relates to the outbreak of COVID-19. Like you, we are constantly monitoring the situation, and we will provide additional updates in the coming days and weeks as appropriate. In the meantime, we want you to know that our thoughts are with you and your families, and we hope that you remain healthy and safe.

In an effort to support you during these uncertain times, we have assembled a firm-wide COVID-19 response team from all of our practice areas. For the coming weeks, and starting today in this alert, we intend to send a consolidated communication alert on a regular basis that touches on breaking news and relevant items that could affect you or your business across a range of topics. If there is anything else that we can do to help you during this challenging time, please do not hesitate in reaching out.

Continue reading “COVID-19 Client Communication”

mskllpLeave a comment
COVID-19, Cybersecurity, Labor & Employment, Regulatory

Telecommuting? Buckle Up

Are Your Employees Telecommuting Now? COVID-19 and Cybersecurity Concerns for Businesses

Written by Jeremy Mittman and Susan Kohn Ross

A topic of immediate concern to businesses that has not received a great deal of attention (but should) is cybersecurity. There are unscrupulous people out there who will try to take advantage of the situation! This is especially worrisome with the increased usage of telecommuting to facilitate business continuity.

Within the Dept. of Homeland Security sits the Cybersecurity and Infrastructure Security Agency or CISA which is “responsible for protecting the Nation’s critical infrastructure from physical and cyber threats.” CISA, through its National Cyber Awareness System, released Defending Against COVID-19 Cyber Scams, see here for the full text.  In short, beware of emails with malicious attachments and hyperlinks. Also be careful about social media pleas, texts and calls having to do with COVID-19.

The NCAS recommends:

Continue reading “Telecommuting? Buckle Up”

mskllpLeave a comment