Tag archives: Internet of Things

The UK ICO updates its cookie guidance

By Lara White (UK) and Marcus Evans (UK) on July 10, 2019 Posted in Compliance and risk management

Norton Rose Fulbright - Data Protection Report blog

On 3 July 2019, the ICO published its updated guidance on the use of cookies and similar technologies. This came shortly after it updated the cookie consent collection mechanism on its own website. Much of the guidance is unsurprising and reflects what companies already do in practice. However, other parts of the guidance are likely … Continue reading

Discovery of New Internet of Things (IoT) Based Malware Could Put a New Spin on DDoS Attacks

By on November 3, 2017 Posted in Compliance and risk management, Cybercrime

Slightly over one year ago, several major distributed denial-of-service (“DDoS”) attacks took place, including a major event affecting the domain name service provider Dyn, which caused outages and slowness for a number of popular sites, including Amazon, Netflix, Reddit, SoundCloud, Spotify, and Twitter. Now, a new Internet of Things (IoT) botnet, called IoT Reaper, or … Continue reading

US Senators introduce IoT cybersecurity bill

By Anna Rudawski (US) on August 3, 2017 Posted in Compliance and risk management, Regulatory response, Vendor management and transactions

Data Protection Report - Norton Rose Fulbright

On August 1, 2017, US Senators unveiled a bipartisan bill to mandate baseline cybersecurity requirements for internet connected devices purchased by the federal government. Recent attacks demonstrate that connected devices, which make up the Internet of Things (“IoT”), can paralyze websites, networks, and even components of critical infrastructure. The draft bill, introduced by a bipartisan … Continue reading

NIST Releases Internet of Things (IoT) Security Guidance

By on January 30, 2017 Posted in Compliance and risk management

Late last year, the National Institute of Standards and Technology (“NIST”) released Special Publication 800-160 (the “Guidance”) on implementing security in Internet-of-Things (“IoT”) devices. The Guidance was released following several highly-publicized distributed denial-of-service (“DDoS”) attacks in 2016 and is intended to provide a framework for software engineers to better address security issues and to develop … Continue reading

Legal Implications of DDoS Attacks and the Internet of Things (IoT)

By on December 5, 2016 Posted in Cybercrime

Several significant distributed denial-of-service (“DDoS”) attacks have taken place in the last few weeks, including a major event involving a domain name service provider (Dyn), which caused outages and slowness for many popular sites like Amazon, Netflix, Reddit, SoundCloud, Spotify, and Twitter. This significant attack came on the heels of two major DDoS attacks against … Continue reading

Major DDoS Attacks Signal Need for Strengthened Cyber Defenses

By Daniel Leslie (CA) on November 3, 2016 Posted in Compliance and risk management, Cybercrime

On Friday, October 21, a series of Distributed Denial of Service (DDoS) attacks were launched against the servers of Dyn, a major DNS host. DNS hosts operate in a manner akin to a switchboard for the Internet, helping to route domain names (e.g., dataprotectionreport.com) to underlying IP addresses (e.g., 104.28.6.115). By attacking Dyn, hackers were … Continue reading

Caution ahead – Internet of Things and cyber insurance – A talk with Chris Valasek, the “Jeep Hacker” event

By on January 7, 2016 Posted in Compliance and risk management

Data Protection Report - digital privacy, CCPA and cybersecurity

On Thursday, January 28, Boris Segalis and David Navetta, who co-chair Norton Rose Fulbright’s Data Protection, Privacy and Cybersecurity practice in the US, invite you to join Chris Valasek, security lead at Uber Advanced Technology Center and recognized “Jeep Hacker,” along with a panel of our cybersecurity professionals, for an intimate discussion on the revolutionary possibilities … Continue reading

Health information privacy and security: New compliance considerations in an era of increased interconnectivity – web seminar

By on September 30, 2015 Posted in Compliance and risk management

On Tuesday, October 6, 2015, Norton Rose Fulbright attorneys Boris Segalis, Mark Faccenda and Kimberly Gold will present a health information privacy and security web seminar focused on compliance risks and obligations surrounding connected medical devices and healthcare data.… Continue reading

The Security, Privacy and Legal Implications of the Internet of Things (“IoT”) Part one – The Context and Use of IoT

By on May 19, 2015 Posted in Compliance and risk management, Data breach

Disrupted, yet again. The world is fast preparing for the invasion of objects connected to the Internet, otherwise known as the Internet of Things (“IoT”). IoT is here, and it will revolutionize how both individuals and corporations interact with the world. In this multi-part series we will explore this quickly evolving revolution and the privacy … Continue reading

FTC issues new privacy and security report on the internet of things

By on January 27, 2015 Posted in Compliance and risk management

In advance of what will likely be a flood of interconnected devices to soon hit the market, the Federal Trade Commission (“FTC”) today announced the release of a new report on the Internet of Things (the “Report”). Focusing on privacy and security, the FTC makes several suggestions to companies developing Internet of Things devices that are marketed … Continue reading