Following President Obama’s State of the Union address on February 12, the White House released its much-anticipated cybersecurity executive order, Improving Critical Infrastructure Cybersecurity.  The EO was an opportunity for the Administration to address widely acknowledged cyber threats to domestic critical infrastructure and to clarify Executive Branch authority to respond fully to cyber-attacks by

Photo of Tracy P. Marshall

The Obama Administration’s consumer data privacy framework released last month will impact companies’ data collection, use, and retention practices, and raises complex legal issues. As explained in a recent article by Keller and Heckman LLP, the notion of codes of conduct developed through a multistakeholder process, to be enforced by the Federal Trade Commission (“FTC”),

Photo of Tracy P. Marshall

Do you know whether and how your websites use “cookies” or other technologies to collect information from users and/or target advertising?  Do you know what information is being collected and how it is being used?  The Federal Trade Commission has endorsed an online “Do Not Track” mechanism, and recent inquiries, investigations, and lawsuits relating to

Photo of Tracy P. Marshall

Companies should not assume that their general liability policies cover cyber attacks, and they should anticipate disputes from insurers when seeking defense and/or indemnity under these policies.  This is illustrated by a Complaint filed by Zurich Insurance Company in the Supreme Court of New York against various Sony entities relating to claims for coverage after

Photo of Tracy P. Marshall

Online hacking, lost or stolen laptops, and improper disposal are just some of the ways that personal information that a company collects from customers and employees can get into the wrong hands and be used to commit identity theft.  There are a variety of laws that dictate how companies must respond to a data breach,