Taylor Carroll | March 16, 2017 | Data Privacy
There have been reports of Customs and Border Protection (CBP) agents asking people entering the U.S. to unlock their electronic device and inspect it. More often than not, a refusal to hand over the device and passcode could result in it being seized and the person...
Taylor Carroll | January 25, 2017 | Data Privacy
In Minnesota v. Diamond, the Minnesota Court of Appeals affirmed that an order requiring a suspect to provide his fingerprint to unlock his cellphone was constitutional. The suspect’s attorney argued that the court violated his client’s Fifth Amendment right against...
Andrew J. Ruxton | January 23, 2017 | Data Privacy
University of Pittsburgh Medical Center (UPMC) maintained a human resource database containing current and former employees’ names, dates of birth, social security numbers, tax information, addresses, salaries, and bank information. Hackers breached the database...
Mark L. Krotoski, Pulina Whitaker and W. Scott Tester | January 11, 2017 | Data Privacy
A key issue in determining whether notification is required following a data breach is whether “personal information” (PI) was acquired by an unauthorized person. US states vary significantly in defining what information qualifies as PI.1 As part of a recent trend,...
Thomas Dawson and Yuliya Feldman | January 4, 2017 | Data Privacy
The New York Department of Financial Services has released an extensively revised cybersecurity regulation applicable to the wide variety of financial services companies regulated by the NYDFS. Released on December 28, 2016, the revised regulation makes multiple...
Orin S. Kerr | December 9, 2016 | Data Privacy, Sentencing
This article argues that the existing regime for sentencing violations of the Computer Fraud and Abuse Act (“CFAA”) is based on a conceptual error that consistently leads to improper sentencing recommendations. The Federal Sentencing Guidelines treat CFAA violations...
