Information Technology Law is our Focus

phone icon(313) 575-7234
divider

Alerts


E.U. Sets Privacy Shield Deadline for U.S.

/ 0 Comments

The European Union General Data Privacy Regulation (GDPR), which took effect in May 2018, covers the handling of personal information of E.U. citizens, including by U.S.-based companies. The E.U.-U.S. Privacy Shield is a framework to provide companies with a mechanism to comply with the GDPR. It includes self-certification of adequate data protection practices, including data transfers. The Privacy Shield program is administered by the International Trade Administration (ITA) within the U.S. Department of Commerce.

The U.S. has yet to appoint a permanent ombudsperson to handle any complaints by E.U. citizens that a company is not complying with the GDPR.  The E.U. has now set a deadline of February 28, 2019 for that appointment to be made. The acting ombudsperson, Judith Garber, has recently been nominated as U.S. ambassador to Cyprus. Whether the U.S. will meet the deadline remains to be seen.

More information about the E.U.-U.S. Privacy Shield is available here. Access an article with more information about the E.U.’s imposed deadline here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2019 Ossian Law P.C.

Read More
separator

FCC Seeks New Call Authentication System in 2019

/ 0 Comments

The Federal Communications Commission (FCC) recently sent letters to telecommunications carriers asking them to establish plans to implement the Signature-based Handing of Asserted Information Using toKENS (SHAKEN) and the Secure Telephone Identity Revisited (STIR) authentication standards. The SHAKEN/STIR framework digitally validates the handoff of calls between carriers, ultimately making it possible for consumers to accurately determine a caller’s identity. The letters included questions about implementation plans and the importance of combating illegal call spoofing and unwanted robocalls.

In addressing the anticipated timeline for implementing the SHAKEN/STIR standards, FCC Chair Ajit Pai stated “[b]y this time next year, I expect that consumers will begin to see this on their phones . . . if it does not appear that this system is on track to get up and running next year, then [the FCC] will take action to make sure that it does.”

The FCC Press Release is available here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

Read More
separator

Facebook and Google Face Location Tracking Lawsuits

/ 0 Comments

Two recent class action-styled lawsuits have been filed against Facebook and Google, respectively, for allegedly tracking and storing user location data even after the user had turned off location tracking features.

In Heeger v. Facebook, Inc., the plaintiff claims that misleading conduct by Facebook “not disclos[ing] that turning ‘off’ Location History will have no impact on Facebook’s tracking, collection, and storage of users’ private location data.” Similar factual allegations are being made in Lee v. Google, Inc. Specifically, that statements made by Google lead users to believe that turning off Location History would disable that feature across all devices associated with a user’s account; instead, users must make changes in account settings in order to stop the data collection.

Both cases are pending in federal court in California. Claims asserted between the lawsuits include violation of the federal FTC Act and Stored Communications Act and violation of various state laws, including the California Invasion of Privacy Act and California’s constitutional right of privacy and the Colorado Consumer Protection Act.

Access the Heeger v. Facebook complaint here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

 

Read More
separator

California’s Connected Device Security Law

/ 0 Comments

California has become the first state to pass legislation to regulate the Internet of Things. The new law, which takes effect on January 1, 2020, applies to manufacturers of connected devices, which are defined as “any device, or physical object that is capable of connecting to the Internet, directly or indirectly, and that is assigned an [IP] address or Bluetooth address.”

Under the new law, manufacturers of connected devices must equip the device with reasonable security features that are appropriate to the “nature and function of the device” and the information that the device may “collect, contain or transmit.” Each device must also have a unique preprogrammed password. The law will not apply to any device that is already subject to federal security laws or regulations or to manufacturers are already covered by federal or state health privacy laws, including HIPAA.

It remains to be seen whether other states will follow California’s lead in enacting similar legislation. The text of the new legislation is available here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

Read More
separator

Small Businesses and the Equifax Breach

/ 0 Comments

Last year, credit reporting agency Equifax experienced a data breach that impacted 143 million consumers. Fallout from the breach included class action lawsuits initiated by various plaintiff classes such as consumers, financial institutions and a small business class.

In a recent motion to dismiss the claims of the small businesses, Equifax argued that the businesses lack the necessary “standing” to bring such claims, as the exposed data belonged to the owners of the small businesses rather than the businesses themselves. 

In response, the businesses argued that they are “foreseeable victims” in addition to their consumer owners and cite to the importance to small businesses of owner creditworthiness. The businesses pointed to damages incurred including credit reporting and monitoring and other steps that were taken to guard against the potential impact of the Equifax breach.The court has not yet decided Equifax’s motion to dismiss the small businesses’ claims.

The Consolidated Class Action Complaint for Small Business Claims is available here.  Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

Read More
separator

Suit Alleges Apple’s Website Not Accessible

/ 0 Comments

A visually-impaired and legally blind woman has filed a lawsuit against Apple, Inc. in federal court in New York, alleging that Apple’s website is not accessible and is therefore in violation of the federal Americans with Disabilities Act (“ADA”). Himelda Mendez claims that she tried to use the website with her screen reader but was unable to fully access the functions and features of the site. Specifically, Mendez alleges that the following constitute ADA violations:

  • Lack of alternative text (“alt-text”) or a text equivalent coded to each image so that screen-reading software can speak the alt-text where a sighted user sees the image;
  • Empty links that contain no text causing the function of the link to not be presented to a user; and
  • Redundant links where adjacent links go to the same URL address.

In addition to the ADA, Mendez alleges that the deficiencies also constitute violation of human rights laws of New York State and New York City. The Mendez complaint is available here.

Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

 

Read More
separator

Can Smart Cities be Hacked?

/ 0 Comments

Earlier this year, citizens in Hawaii experienced a false missile attack alert resulting from employee error. The potential for similar incidents caused by hackers in so-called “smart cities” has been identified by researchers at IBM X-Force Red and cybersecurity firm Threatware. Smart cities, including New York City, San Francisco, Chicago, Atlanta, Charlotte, North Carolina and Kansas City, Missouri use connected systems to operate municipal resources like traffic control and transportation, surveillance and to detect natural disasters.

Among the vulnerabilities the researchers identified were the use of default passwords and networks being exposed online. Potential hacking could cause traffic jams, false disaster alerts and hijacking surveillance systems. Each of the companies involved in providing the technology, Echelon, Battelle and Libelium have stated that the vulnerabilities have already addressed or are being dealt with.

An article with more information is available here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

Read More
separator

Pentagon Creating “Do Not Buy” Software List

/ 0 Comments

According to a Department of Defense official, the Pentagon has been working on a “do not buy” list of software vendors since early this year. Without identifying specific vendors or products, in a recent press conference, Ellen Lord, undersecretary of defense for acquisition, stated “[w]hat we are doing is making sure that we do not buy software that has Russian or Chinese provenance, for instance, and quite often that’s difficult to tell at first glance because of holding companies.”

This announcement comes on the heels of the Department of Homeland Security banning the use of AO Kaspersky Lab security products, solutions and services last fall. Kaspersky sued the government in an effort to lift the ban. In May, a federal court in Washington D.C. dismissed Kaspersky’s lawsuit for failure to state a valid claim.

An article with more information about the “do not buy” list is available here. Click here to see the DHS Statement on Kasperky Lab. The Kaspersky court dismissal is available here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

Read More
separator

Kathy Ossian Named to 2018 Best Lawyers In America

/ 0 Comments
Kathy Ossian, founder and CEO of Ferndale’s Ossian Law P.C. has once again been selected as one of the Best Lawyers in America in the practice area of Information Technology Law. The Best Lawyers titles were given based on a peer-review survey of attorneys in Metro Detroit. She has been included in this list since 2007. 
Along with practicing law, Ossian is a speaker, educator and editor of the PLI publication, “Social Media and the Law”. Ossian Law P.C. is an information technology law practice, based in Ferndale, Michigan.
Read More
separator

Cybersecurity Risk Tops CEO Concerns

/ 0 Comments

Global advisory firm Willis Towers Watson recently released its 2018 Management Liability (Directors & Officers) U.S. Survey. When asked the question “to what extent are the following risks a concern for your organization in the coming year,” 80 percent of the respondents identified cybersecurity incidents and cyber claims. Claims brought by employees ranked second at 55 percent, followed by regulatory enforcement risks at 48 percent.

The survey was conducted across industries, including manufacturing, information technology and telecommunications, financial services, healthcare and general services. Respondent organization size varied from less than 25 employees to over 50,000 employees.

Access the executive summary of the report and a download link here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

 

Read More
separator


separator