The UK Information Commissioner’s Office has issued a Monetary Penalty Notice to pensions release provider Grove Pensions Solutions Ltd, fining it £40,000 after the company used contact details collected by a third party for its direct marketing campaign.
Continue Reading UK ICO Fines Pensions Release Provider for Unsolicited Marketing Emails
UK ICO Fines Vote Leave £40,000 for Unsolicited Texts
The UK’s Information Commissioner’s Office has fined Vote Leave Limited (the UK’s official Brexit campaign) £40,000 for sending almost 200,000 unsolicited texts promoting the aims of the campaign.…
Continue Reading UK ICO Fines Vote Leave £40,000 for Unsolicited Texts
HHS Publishes Health Industry Cybersecurity Practices
The U.S. Department of Health and Human Services recently published “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients,” which was developed by the Healthcare & Public Health Sector Coordinating Councils Public Private Partnership, a group comprised of over 150 cybersecurity and healthcare experts from government and private industry.…
Continue Reading HHS Publishes Health Industry Cybersecurity Practices
Sixth Circuit Declines Reconsideration of American Tooling Center’s “Spoofing” Win
Recently, the Sixth Circuit rejected Travelers Casualty & Surety Company’s request for reconsideration of the court’s July 13, 2018, decision confirming that the insured’s transfer of more than $800,000 to a fraudster after receipt of spoofed emails was a “direct” loss that was “directly caused by” the use of a computer under the terms of…
Second Circuit Stands By Medidata “Spoofing” Decision
The Second Circuit has rejected Chubb subsidiary Federal Ins. Co.’s request for reconsideration of the court’s July 6, 2018, decision, confirming that the insurer must cover Medidata’s $4.8 million loss under its computer fraud insurance policy.…
Continue Reading Second Circuit Stands By Medidata “Spoofing” Decision
FTC Study Recommends Wider Implementation of DMARC to Combat Phishing Attacks
On March 3, 2017, the FTC announced the results of a study about online businesses’ use of proper email authentication technology to prevent phishing attacks. …
Continue Reading FTC Study Recommends Wider Implementation of DMARC to Combat Phishing Attacks
House of Representatives Passes Email Privacy Act
On February 6, 2017, the House of Representatives suspended its rules and passed by voice vote H.R 387, the Email Privacy Act. The Email Privacy Act now moves to the Senate, where it will be considered by the Senate Judiciary Committee. …
Continue Reading House of Representatives Passes Email Privacy Act
Email Privacy Act Reintroduced in Congress
On January 9, 2017, Representatives Kevin Yoder (R-KS) and Jared Polis (D-CO) reintroduced the Email Privacy Act, which would amend the Electronic Communications Privacy Act to require government entities to obtain a warrant, based on probable cause, before accessing the content of any emails or electronic communications stored with third-party service providers, regardless of how long the communications have been held in electronic storage by such providers.…
Continue Reading Email Privacy Act Reintroduced in Congress
SEC Charges Chinese Traders with Trading on Information Stolen from Law Firms
On December 27, 2016, the Securities and Exchange Commission announced charges against three Chinese traders who allegedly made almost $3 million in illegal profits by fraudulently trading on nonpublic information that had been hacked from two New York-based law firms.…
Continue Reading SEC Charges Chinese Traders with Trading on Information Stolen from Law Firms
Court Rules Fraud Involving a Computer Is Not ‘Computer Fraud’ under Crime Protection Policy
On October 18, 2016, the United States Court of Appeals for the Fifth Circuit held in Apache Corp. v. Great American Ins. Co. that a crime protection insurance policy does not cover loss resulting from a fraudulent email directing funds to be sent electronically to the imposter’s bank account because the scheme did not constitute “computer fraud” under the policy. …
Continue Reading Court Rules Fraud Involving a Computer Is Not ‘Computer Fraud’ under Crime Protection Policy