Author Archives: Patrick X. Fowler

CCPA Updates: California AG Releases Proposed Regulations

Posted on: December 2, 2019 By: Al Chakravarty and Sarah S. Anand

On October 11, 2019, California Attorney General Xavier Becerra signaled his enforcement priorities and released the long awaited proposed regulations under the California Consumer Privacy Act (“CCPA”), which was signed into law on June 28, 2018 and goes into effect … Continue reading →

Posted in California, CCPA, Data Protection, Government Regulations, Personal Information, Privacy

Pennsylvania Supreme Court Rules that Employers Have an Affirmative Duty to Protect Workers’ Personal Data from Cybercriminals: Will Other States Follow?

Posted on: November 30, 2018 By: James Melendres and Sarah S. Anand

In a landmark decision with far-reaching implication, the Pennsylvania Supreme Court recently held that employers have an affirmative duty to protect their employees’ personal information from criminal hacking. In particular, on November 21, 2018, the court ruled in Dittman v. … Continue reading →

Posted in Cyber Security, Data Breach, Data Protection, Uncategorized | Tagged Data Breach, Data Protection, Employees, Employers, Hacking, Pennsylvania Supreme Court

FTC’s “Stick With Security” #8: Make Sure Your Service Providers Use Reasonable Security Measures

Posted on: October 19, 2017 By: James P. Melendres and Sarah S. Anand

On September 15, 2017, the FTC released its eighth “Stick with Security” principle, which offers advice that individuals and organizations should consider when hiring others to process sensitive data. A few tips for making sure those service providers implement reasonable … Continue reading →

Posted in Cyber Security, Data Protection, FTC

FTC’s “Stick With Security” #7: Apply Sound Security Practices When Developing New Products

Posted on: October 18, 2017 By: James P. Melendres and Sarah S. Anand

On September 8, 2017, the FTC released its seventh “Stick with Security” principle, which offered guidance regarding how companies incorporate security by design to prevent or minimize threats in the following ways: Train Your Engineers in Secure Coding Companies would … Continue reading →

Posted in Cyber Security, Data Protection, FTC

FTC’s “Stick With Security” #6: Protect Remote Access To Your Network

Posted on: October 17, 2017 By: James P. Melendres and Sarah S. Anand

On September 1, 2017, the FTC released its sixth “Stick with Security” principle, which highlighted the steps businesses can take to ensure that “outside entryways” into network systems are secure. Securing remote access to a network involves two aspects: Ensure … Continue reading →

Posted in Cyber Security, Data Protection, FTC

FTC’s “Stick With Security” #5: Segment Your Network And Monitor Who’s Trying To Get In And Out

Posted on: October 16, 2017 By: James P. Melendres and Sarah S. Anand

On August 25, 2017, the FTC released its fifth “Stick with Security” principal, which focused on how companies can protect their virtual “entrances and exits” and make life harder for hackers. The FTC believes that the kind of attention businesses … Continue reading →

Posted in Cyber Security, Data Protection, FTC

FTC’s “Stick With Security” #4: Store Sensitive Information Securely & Protect It During Transmission

Posted on: October 15, 2017 By: James P. Melendres and Sarah S. Anand

On August 18, 2017, the FTC released its fourth “Stick with Security” principle, which explained the importance of keeping confidential data only when needed, and securely storing the data when it must be kept. To that end, an essential security tool … Continue reading →

Posted in Cyber Security, Data Protection, FTC

FTC’s “Stick With Security” #3: Require Secure Passwords and Authentication

Posted on: October 13, 2017 By: James P. Melendres and Sarah S. Anand

On August 11, 2017, the FTC released its third “Stick with Security” principle, which touched on the necessity of strong authentication practices. Secure passwords and fortified authentication practices make it that much harder for hackers to “bluff” their way into … Continue reading →

Posted in Cyber Security, Data Protection, FTC

FTC’s “Stick With Security” #2: Control Access to Data Sensibly

Posted on: October 13, 2017 By: James P. Melendres and Sarah S. Anand

On August 4, 2017, the FTC released its second “Stick with Security” principle, which addressed the next step a company should take after it has identified confidential data in its possession and determined what information it needs to maintain for … Continue reading →

Posted in Cyber Security, Data Protection, FTC

“Stick With Security” – Getting Up to Speed With the FTC’s New Initiative

Posted on: September 28, 2017 By: James P. Melendres and Sarah S. Anand

Companies that have experienced data breaches or security hacks have subsequently found themselves the subject of enforcement actions by the Federal Trade Commission (“FTC”) for violating the FTC Act, due to inadequate protections and provisions that should have been in … Continue reading →

Posted in Cyber Security, Data Protection, FTC