Supreme Court Limits Scope of Computer Fraud and Abuse Act
It is a common story: An employee who knows he is about to leave his employer for a competitor uses his last days of computer access to download (or email himself) confidential information from his employer’s network. Once his employer discovers the misappropriation, the employee has moved on to his … Read More
Fund Managers Targeted in Sophisticated Cyberattacks
There has been a spike in 2019 of targeted cyberattacks against Asia-based fund managers, especially those in a startup phase of business. Regulators worldwide, including the Securities and Futures Commission of Hong Kong, have issued guidelines for reducing and mitigating hacking risks. This post summarizes the practical measures that may … Read More
In an Eagerly Anticipated Decision, the Ninth Circuit Sides With Web Scrapers
For years, companies seeking to block web scrapers from collecting the information on their website would invoke the Computer Fraud and Abuse Act (CFAA), a U.S. law that criminalizes accessing a computer “without authorization.” But the U.S. Court of Appeals for the Ninth Circuit has now ruled that merely instructing … Read More
Georgia Governor Vetoes Broad-Reaching Computer Crime Bill, Highlighting Debate Around Bug Bounty Programs
On May 8, Georgia Governor Nathan Deal announced that he was vetoing Senate Bill 315 (“SB 315” or “the bill”), cybersecurity legislation that would have expanded the criminalization of “unauthorized computer access” to capture, in addition to traditional hacking, activity that opponents warned is necessary to robust private and public … Read More
Northern District of California Enjoins LinkedIn from Preventing Scraping of Public User Profiles
In a decision that may have profound implications for social media companies, the big data industry and website terms of use everywhere, Judge Edward Chen of the Northern District of California granted hiQ Labs’ motion for preliminary injunction on August 14, 2017, enjoining LinkedIn from “preventing hiQ’s access, copying, or … Read More
FBI Issues Guidance on Ransomware Response
On April 29, 2016, the FBI published an alert regarding “Incidents of Ransomware on the Rise.”
The piece provides FBI guidance on how to protect organizations, as well as the FBI’s recommendation not to pay the ransom (though in practice, they have acknowledged that it may be necessary … Read More
Defend Trade Secrets Act Offers a New Response to Cyber Intrusions
Companies may soon have a new way to respond to hacking. On Wednesday, April 27, the House passed the Defend Trade Secrets Act (“DTSA”) by a vote of 410-2. The bill has already been approved by the Senate and has the Obama administration’s support, which means little stands in the … Read More
President Takes Action On Cybersecurity
President Obama today unveiled a “Cybersecurity National Action Plan.” The administration’s proposed budget includes $19 billion for cybersecurity spending, $3 billion of which will be devoted to updating agency systems. The plan includes the creation of a Federal Chief Information Security Officer to guide the implementation of increased … Read More
Patient Access and Medicare Protection Act
On December 28, 2015, President Obama signed into law S. 2425, the Patient Access and Medicare Protection Act (the “Act”). In addition to provisions intended to ensure that Medicare reimbursement policies promote continued access to certain durable medical equipment, like wheelchair accessories, the Act includes provisions that affect adoption of … Read More
OFAC issues Cyber-Related Sanctions Regulations
In the aftermath of the cyber attack on the Office of Personnel Management and the significant loss of corporate intellectual property, the U.S. government has announced new tools to respond to and to deter such harmful attacks. On December 31, 2015, the Department of the Treasury’s Office of Foreign Assets … Read More