Federal

DoD Releases Public Draft of Cybersecurity Maturity Model Certification and Seeks Industry Input

Susan B. Cassidy, Samantha Clark, Ryan Burnette and Ian Brekke of Covington & Burling write: On September 4, the Office of the Assistant Secretary of Defense for Acquisition released Version 0.4 of its draft Cybersecurity Maturity Model Certification (CMMC) for public comment.  The CMMC was created in response to growing concerns by Congress and...

Capital One Hack Prosecution Raises New and Old Questions about Adequacy of CFAA

Timothy H. Gray, Ethan Kisch and Michael F. Buchanan of Patterson Belknap write: On August 28, 2019, almost a month after Paige A. Thompson was arrested based on allegations that she hacked into servers rented by Capital One Financial Corporation, a criminal indictment was returned charging her with one count each of computer and...

LinkedIn Can’t Block Analytics Company From Scraping Profiles

Wendy Davis reports: LinkedIn can’t rely on a 33-year-old anti-hacking law to prevent prevent the analytics firm HiQ Labs from mining data, a federal appellate court ruled Monday. The ruling, issued by a three-judge panel of the 9th Circuit Court of Appeals, leaves in place an injunction that requires LinkedIn to allow publicly available...

FTC Takes Tougher Data Security Stance After LabMD Fight

Sara Merken reports: The Federal Trade Commission is issuing specific data security requirements to companies as part of agency settlements, policing businesses more aggressively than before, attorneys and former staff said. Proposed settlements reached this year with LightYear Dealer Technologies LLC, ClixSense.com, Unixiz Inc, and D-Link Systems Inc. show what the FTC is expecting...