White House Turns Up Heat on Consumer Internet Privacy Legislation

| October 17, 2013

Recent revelations of widespread spying and eavesdropping by the National Security Agency (NSA) and other government agencies has triggered a heightened sense of concern on the part of privacy-sensitive European nations. These allies in turn have brought pressure on the Obama Administration to create legislative safeguards against undue privacy intrusion, a subject about which EU members are far more concerned than is the U.S.

As a result, the White House is turning up the pressure on Congress to initiate and pass legislation that would guarantee more stringent safeguards for American citizens against government-sanctioned invasions of privacy using electronic means including the Internet.

EU member nations and the EU as an organization have generally adopted sweeping pro-consumer laws, rules  and regulations controlling the use governments and businesses can make of information obtained over the Internet.

While little official information is yet available about the legislation the Administration is urging Congress to adopt, there are indications the new law will define privacy limits and call for a meeting among  businesses and consumer interest groups to hammer out the details of what will be allowed and what will be banned under the proposed new law. It is likely the Federal Trade Commission would be the agency to have enforcement responsibility.

In recent years, Congress has been reluctant to delve into an area it sees as complex and nuanced, preferring to rely on Internet companies’ cooperation with one another and with their customers to deal with the issue. That coupled with the significant increase in concern raised by the recent government spy leak cases suggests it could be a slow road to anything resembling final and impactful legislative action.

Network Access Responsible for 58% of Insider Theft of Trade Secrets, Study Finds

| October 17, 2013

The theft of intellectual property and particularly of trade secrets has become an area of increasing concern among businesses in the past decade. In part, this appears to be due to the relative ease with which such information can be stolen over legitimate network access links.

A study by the Insider Threat Lab of the CERT Program at Carnegie-Mellon’s Software Engineering Institute analyzed 58 cases of insider theft of trade secrets in detail. Its findings are contained in a report available here as a free PDF file.

According to the study, the three main techniques used by insiders to remove trade secrets from a company are:

  • email from work: 30 percent
  • removable media: 30 percent
  • remote network access: 28 percent

This means that 58% of all such incidents involve the use of network resources via email or direct remote network access. Only a relatively small percentage (30%) required physical access to the facility or the data source

Employment agreements should contain specific prohibitive clauses specifying limitations on the use of email and remote network access. In addition, your IT security teams should be identifying and implementing ways to protect trade secret information behind secondary password-protected firewalls or using other similar technologies to prevent the easy removal of such information electronically.

Melise’s New Book Due Out in Spring 2014

| October 3, 2013

Melise Blakeslee has announced that LexisNexis has agreed to publish her new book, Internet Crimes and Data Security in the Spring. This is Melise’s second published book. It expands greatly on her first title, Internet Crimes, Torts and Scams: Investigation and Remedies, published in previous years by Oxford University Press.

“The new book includes a major discussion of data security issues as they relate to the worlds of consumer protection, finance, health and Big Data in general,” Melise says.

Safe Harbor Exceptions Not Always Iron-Clad, Court Rules in Vimeo Case

| September 24, 2013

A Federal judge’s ruling in a big copyright lawsuit this week should serve as a reminder to everyone involved in copyright litigation: don’t give up merely because a safe harbor exception seems to be in play.

Several big record labels brought a suit against Vimeo, a user-generated content video web site, charging it had infringed copyrights of numerous well-known performers. Vimeo defended against the suit by claiming that it was covered by the safe harbor provisions of the Digital Millennium Copyright Act (DMCA).

The court broadly agreed, but it found a “triable issue” in some instances where the record labels alleged that Vimeo employees aided and participated in the upload and promotion of some specific user-posted videos. The key issue at trial will focus on whether Vimeo employees had actual notice of the infringements in which they allegedly participated. If they did, then the safe harbor provision won’t protect Vimeo from liability.

The moral: don’t give up copyright litigation just because a possible safe harbor exists. Examine the facts carefully, and look for evidence that someone employed by the “publisher” knew of the copyright.

 

CFOs Urged to Be More Vigilant Monitoring Topline IP Theft: $300 Billion Lost This Year

| September 21, 2013

The list of proprietary and intellectual property stolen from Corporate America has grown rapidly in size and impact over the last five years.

Company CFOs need to become more vigilant about the theft of intellectual property and proprietary information the value of which doesn’t always appear on the balance sheet, according to this article on CFO.com. One recent industry report puts the value of such topline stolen data and assets at more than $300 billion this year alone.

“This theft translates into financial statement impact in the form of shorter revenue streams and/or missed revenue growth expectations, and can translate into longer term deflated stock prices,” according to the article.