On 3 July 2019, the ICO published its updated guidance on the use of cookies and similar technologies. This came shortly after it updated the cookie consent collection mechanism on its own website. Much of the guidance is unsurprising and reflects what companies already do in practice. However, other parts of the guidance are likely … Continue reading
Slightly over one year ago, several major distributed denial-of-service (“DDoS”) attacks took place, including a major event affecting the domain name service provider Dyn, which caused outages and slowness for a number of popular sites, including Amazon, Netflix, Reddit, SoundCloud, Spotify, and Twitter. Now, a new Internet of Things (IoT) botnet, called IoT Reaper, or … Continue reading
On August 1, 2017, US Senators unveiled a bipartisan bill to mandate baseline cybersecurity requirements for internet connected devices purchased by the federal government. Recent attacks demonstrate that connected devices, which make up the Internet of Things (“IoT”), can paralyze websites, networks, and even components of critical infrastructure. The draft bill, introduced by a bipartisan … Continue reading
Late last year, the National Institute of Standards and Technology (“NIST”) released Special Publication 800-160 (the “Guidance”) on implementing security in Internet-of-Things (“IoT”) devices. The Guidance was released following several highly-publicized distributed denial-of-service (“DDoS”) attacks in 2016 and is intended to provide a framework for software engineers to better address security issues and to develop … Continue reading
Several significant distributed denial-of-service (“DDoS”) attacks have taken place in the last few weeks, including a major event involving a domain name service provider (Dyn), which caused outages and slowness for many popular sites like Amazon, Netflix, Reddit, SoundCloud, Spotify, and Twitter. This significant attack came on the heels of two major DDoS attacks against … Continue reading
On Friday, October 21, a series of Distributed Denial of Service (DDoS) attacks were launched against the servers of Dyn, a major DNS host. DNS hosts operate in a manner akin to a switchboard for the Internet, helping to route domain names (e.g., dataprotectionreport.com) to underlying IP addresses (e.g., 104.28.6.115). By attacking Dyn, hackers were … Continue reading
On Thursday, January 28, Boris Segalis and David Navetta, who co-chair Norton Rose Fulbright’s Data Protection, Privacy and Cybersecurity practice in the US, invite you to join Chris Valasek, security lead at Uber Advanced Technology Center and recognized “Jeep Hacker,” along with a panel of our cybersecurity professionals, for an intimate discussion on the revolutionary possibilities … Continue reading
On Tuesday, October 6, 2015, Norton Rose Fulbright attorneys Boris Segalis, Mark Faccenda and Kimberly Gold will present a health information privacy and security web seminar focused on compliance risks and obligations surrounding connected medical devices and healthcare data.… Continue reading
Disrupted, yet again. The world is fast preparing for the invasion of objects connected to the Internet, otherwise known as the Internet of Things (“IoT”). IoT is here, and it will revolutionize how both individuals and corporations interact with the world. In this multi-part series we will explore this quickly evolving revolution and the privacy … Continue reading
In advance of what will likely be a flood of interconnected devices to soon hit the market, the Federal Trade Commission (“FTC”) today announced the release of a new report on the Internet of Things (the “Report”). Focusing on privacy and security, the FTC makes several suggestions to companies developing Internet of Things devices that are marketed … Continue reading