This morning, the European Commission released a Proposal for a Regulation addressing the EU’s cybersecurity industry as part of its next step towards a Digital Single Market, which is the EU’s strategy to ensure fair competition, consumer and data protection, and removal of copyright and geo-blocking issues for individuals participating in online activities and

Is your organization ready for the new EU General Data Protection Regulation?

On May 25, 2018, the EU General Data Protection Regulation (“GDPR”) will impose significant new obligations on all U.S. companies that handle personal data of any EU individual. U.S. companies can be fined up to €20 million or 4% of their global annual

Yesterday, organizations around the world were hit by yet another ransomware attack.  Similar to the recent WannaCry attacks, the Petya attack works to encrypt documents and files and subsequently demands a ransom to unlock them.  Unlike WannaCry, it is believed that the Petya attack spreads internally through an organization (rather than across the Internet) using

On June 13, 2017, the Department of Homeland Security published an alert regarding malicious cyber activity by the North Korean government, known as Hidden Cobra.  Per the DHS and FBI, Hidden Cobra uses cyber operations to the government and military’s advantage by exfiltrating data and causing disruptive cyber intrusions.  Potential impacts of a Hidden Cobra

shutterstock_506771554Another week, another well-concocted phishing scam.  The most recent fraudulent activity targeted businesses that use Workday, though this is not a breach or vulnerability in Workday itself.  Specifically, the attack involves a well-crafted spam email that is sent to employees purporting to be from the CFO, CEO, or Head of HR or similar.   Sometimes the

Natalya Northrip and Emily Dorner will be presenting on two interesting eDiscovery topics this April; presentations will focus on litigation hold maintenance and best practices, as well as recordkeeping for human resources professionals.  Presentations will take place on April 6, and April 26, respectively.  Summaries of presentation content and links to sign up are provided

In an interesting decision regarding the spoliation of evidence via a mobile device, Magistrate Judge Terry F. Moorer determined that the newly amended Federal Rule 37(e) – enacted on December 1, 2015 – did not apply to the spoliation case, as the case was filed prior to the rule’s enactment.  (Morrison v. Charles J. Veale, M.D., P.C., 2017 BL 21478, M.D. Ala., No. 3:14-cv-1020-TFM, 1/25/17).

Karla Morrison, a former employee of the medical practice Charles J. Veale, M.D., P.C. sued her employer in October of 2014 alleging that the practice violated the Fair Labor Standards Act.  Following the close of discovery in August of 2016, the defendant filed a motion for sanctions for spoliation of evidence alleging that Morrison logged into her office email account after her termination and deleted emails from the account.  The defendant bolstered this argument by alleging that Morrison added 2-step verification to her log-in process in April 2015 – almost 6 months after her termination.  Morrison admitted to accessing her office email days after her termination to “close out” items, but denied any further use of the account.

For those unfamiliar, 2-step verification is an additional security measure that confirms a user’s identity through two components, usually a password followed by a code sent to a personal device, for example.  When in place, it adds an additional level of security to an account, thus making it less susceptible to hacking. 
Continue Reading Interesting Sanctions Analysis Applies “Old” Bad Faith Standard Post-December 2015 Amendments

shutterstock_414067906

At the end of September, the U.S. the U.S. District Court for the District of Kansas held that a warrant for an entire email mailbox did not violate the parameters of the Fourth Amendment in In re Microsoft Corp., 2016 BL 320715, D. Kan., No. 16-MJ-8036, 9/28/16.  Here, the court looked to balance an individual’s right to privacy and the government’s capability to effectively prosecute suspected criminals.

Continue Reading Fourth Amendment, Stored Communications Act Allow for Collection of Entire Personal Email Account

shutterstock_423624865

In Moore v. Lowe’s Home Centers, LLC, Case No. 14-01459 (W.D. Wash., June 24, 2016), plaintiff Marla Moore brought a Motion for Sanctions for Defendant Lowe’s Home Centers’ willful spoliation of evidence.  In short, Plaintiff claimed she was the target of verbal harassment, a hostile work environment, and was demoted as a result of her pregnancy.  The Plaintiff was ultimately terminated for violation of the Defendant’s photo copying policy.

Plaintiff’s sanctions motion stemmed from Defendant’s deletion of Plaintiff’s email account following her termination. 
Continue Reading Duty to Preserve Not Triggered by Employee Complaints