Publication

Privacy & Cybersecurity Newsletter

February 2016

Locke Lord’s Privacy & Cybersecurity Newsletter provides topical snapshots of recent developments in the fast-changing world of privacy, data protection, and cyber risk management. For further information on any of the subjects covered in the newsletter, please contact one of the members of our privacy and cybersecurity team.

To read the Locke Lord Privacy & Cybersecurity Newsletter, click here.

In This Issue

California Attorney General Defines Minimum Requirements for 'Reasonable Cybersecurity'
California has now weighed in on the definition of “reasonable” security and minimum security requirements for all businesses through the California Attorney General’s 2016 Data Breach Report. read more

OCR for the Win: Lincare, Inc. HIPAA Enforcement Action
For the second time in history, on January 13, 2016, an Administrative Law Judge (ALJ) upheld the imposition of civil money penalties charged against a covered entity by the Office of Civil Rights in the Department of Health and Human Services (OCR) for violations of the Health Insurance Portability and Accountability Act of 1996, as amended (HIPAA). read more

A Common Standard for Evaluating Cyber Risk - Insurers Walk the Walk
Insurers have struggled to find a common baseline to measure cyber risks. Changes in technology, hacking and other data security risks and the shifting legal landscape concerning liability for data breaches have made the terrain particularly uncertain. read more

Testing the Limits - Cyber Coverage Litigation Update
The growing percentage of businesses that purchase cyber security and data privacy insurance portends a growing number of claims and, inevitably, litigation over some of those claims. read more

Rhode Island Amends Identity Theft Protection Act
Rhode Island recently amended its 10-year-old Identity Theft Protection Act effective June 26, 2016, further defining and refining existing data security and breach notification requirements, and adding a requirement to notify the Rhode Island Attorney General of certain breaches. read more

Executive Action: Obama Administration Budgets for Cybersecurity
On February 9, 2016, the Obama administration released its final budget, which includes a request for $19 billion to fund the Cybersecurity National Action Plan (CNAP). read more

President Obama Signs Cybersecurity Act of 2015 into Law
On December 18, 2015, President Obama signed into law the Federal Cybersecurity Act of 2015 (the Act). read more

Sixth Circuit Rules 10 Weeks of Camera Monitoring from Public Utility Pole Does Not Require a Warrant
A panel of the United States Court of Appeals for the Sixth Circuit ruled earlier this month in a case styled U.S. v. Houston (No. 14-5800) that a warrant was not required under the Fourth Amendment for federal agents to gather evidence of a defendant's activities in which he, according to the court, did not have a "reasonable expectation of privacy," despite the activities taking place on private property where the defendant lived. read more

Should Apple Always Have a Key to All iPhone Data? To Some iPhone Data?
On February 16, 2016, U.S. Magistrate Judge Sheri Pym of the U.S. District Court for the Central District of California issued an Order under the All Writs Act directing Apple Inc. to cooperate with efforts by the Federal Bureau of Investigation to access the contents of an iPhone used by Syed Farook, a deceased alleged gunman in a shooting spree that left 14 dead in San Bernardino, California. read more

New Safe Harbor Agreement for EU Data Transfer Announced
Companies are relieved that there will now be a new Safe Harbor for cross-border transfer of personal data from Europe to the U.S. read more