The Law of Cybersecurity & In-House Counsel
Last month saw an interesting study emerge from the Maurer School of Law at Indiana University. It discusses the current and potential role of lawyers in the area of cybersecurity and the emerging, but still nascent, field of cybersecurity law. This is not a topic one sees today at CPD sessions for lawyers and that alone […]
Getting Fired for Privacy Violations: The New Normal?
I never thought I’d ever mention Kim Kardashian in a blog post but, surprisingly, I find myself doing so in the context of a privacy breach. The “human element” in privacy violations – whether by error or omission in conduct or a willful or deliberate act – plagues organizations subject to breach notification requirements. Leaving aside […]
Securities, Security & Transparency
A “tipping point” is the culmination of small events that cause a significant change. Malcolm Gladwell tells us it comes from the world of epidemiology: that point in time in an epidemic where a virus reaches critical mass. Have we now seen the tipping point where business takes cybersecurity far more seriously than ever before?
The Continuing Travails of Digital Identities
I was asked the other day if I thought identity issues were any different from when I dealt with them at TBS some 10 years ago. I paused, thought about it, hummed a bit, thinking of the intervening work done — Oasis (SAML), Liberty Alliance, WS-* — and finally said I didn’t think so. The […]
New ABA Book on Information Security & Privacy
I was pleasantly surprised to receive my copy of Information Security and Privacy: A Practical Guide for Global Executives, Lawyers and Technologists — I contributed the section on Canada. It is a new book from the Science and Technology Law Section of the American Bar Association. Thomas Shaw did a very good job piecing together a […]
Trusting Medical Researchers with PHI
The subject of medical research and personal information protection can quickly become a quagmire. Even raising the subject risks one being tagged as a Grinch-like character who surely must drown kittens and tell those young cancer-stricken children appearing in telethons that there’s no Santa Claus. The win-win scenario is de-identified information with good security around […]
“Your Word Is Your Bond”
“Your word is your bond.” It’s a phrase that draws its origins from the Third Commandment and demands a high degree of integrity. However, substitute “password” for “word” and “security” for “bond”, and the story is very different in the world of online authentication.
The Cloud, Security & Standards
For better or worse, the cloud can be seen as a “game-changer” in how we store and process information. While the placement of intellectual property, business confidential or personal information in the Cloud raises security concerns, it does offer benefits. In other words, it’s coming – whether we like it or not.
Lawyers, Ethics, Security & The Cloud
The regulatory bodies governing lawyers have long recognized the benefits and the risks of information technology in modern legal practices. However, with “Cloud computing” seemingly (and finally) “catching on”, one can’t help but wonder when the ethical guidance provided lawyers will be amended to address its possible use by the legal community in Canada.
UHN. Encryption. Devil. Details.
Another lost laptop; another press release, something entirely too common these days. But one press release issued last week had an element that caught my eye and serves as a reminder that encrypted laptops are not a panacea for those who want to have data readily at hand in a portable device.