The Court of Appeals for the State of New York recently rejected Facebook’s appeal of its challenge to bulk search warrants issued pursuant to the Stored Communications Act (SCA) and separately challenged the warrants’ nondisclosure component. The Court affirmed the lower court’s ruling that Facebook could not appeal the rejection of its motion to quash the SCA warrant.
In this case, at the request of the Manhattan District Attorney’s Office, the New York Supreme Court issued 381 warrants directing Facebook to “retrieve, enter, examine, copy, analyze, and . . . search” the targeted [...] Read more
The Department of Justice has announced the indictment of seven Iranian hackers alleged to work for the Iranian government on charges stemming from a coordinated string of distributed denial of service (“DDoS”) attacks primarily against U.S. financial institutions from 2011 to 2013. One of the hackers is also charged with hacking into the supervisory control and data acquisition (“SCADA”) systems of a dam in Rye, New York, outside of New York City, in 2013. Loretta E. Lynch, the Attorney General of the United States, Preet Bharara, the United States Attorney for the Southern District [...] Read more
Alston & Bird has announced the expansion of its Privacy & Data Security Practice in Los Angeles with partner, Michael Zweiback. Zweiback, a former federal prosecutor, has rejoined the firm as partner in its Privacy & Data Security Practice and Government & Internal Investigations Group, bringing not only extensive experience in cybersecurity, but also an exceptional background in white collar criminal defense and government enforcement litigation. He arrives from Arent Fox LLP, where he was a partner and co-leader of its Cybersecurity and Data Protection Group.
Zweiback has [...] Read more
Last week, the Federal Financial Institutions Examination Council (FFIEC) issued a joint statement warning of an “increasing frequency and severity of cyber attacks involving extortion.” The statement warned that criminals have been extorting financial institutions using a variety of tactics, including denial of service attacks, theft of sensitive information, and use of “ransomware,” which is software that prevents legitimate users from accessing company files unless a ransom is paid. To protect against these attacks, the FFIEC encouraged financial institutions to “develop and implement [...] Read more
On October 29, Alston & Bird’s Cybersecurity Preparedness & Response Team will host a live program and webinar called National Security, Cyber Espionage and “Bulk PII” Breaches in our Washington, DC office. The program will examine the recent phenomenon of allegedly state-sponsored actors executing major cyber-attacks specifically targeting large databases of personal data for espionage purposes. Speakers on the panel will include our own Senior Counsel Peter Swire; Luke Dembosky, Deputy Assistant Attorney General, National Security Division, U.S. Department of Justice; and Charles [...] Read more
Dominique Shelton, partner in Alston & Bird’s Privacy & Data Security Group, was named to the Los Angeles Business Journal’s “Most Influential Lawyers in White Collar & Cyber Crimes Law” of 2015.
Described by the publication as “one of the top practitioners dealing with privacy and cyber law, with particular focus on the media and entertainment industry,” Shelton is one of only 25 attorneys in Los Angeles County to be honored for having demonstrated outstanding leadership in their fields.
In 2014, Shelton was named one of the “Most Influential Lawyers: Digital [...] Read more
The Federal Trade Commission recently announced that it views companies that report data breaches to appropriate law enforcers “more favorably” than those companies that are less cooperative. Mark Eichorn, Assistant Director in the Bureau of Consumer Protection’s Division of Privacy and Identity Protection, included the announcement in a May 20, 2015 blog post, describing a typical FTC data breach investigation to help companies know what to expect if they are investigated.
When investigating a breach, the FTC gathers facts on the circumstances surrounding the incident, the protections [...] Read more
On Wednesday, April 29, 2015, the Department of Justice Computer Crime and Intellectual Property Section (CCIPS) Cybersecurity Unit issued new, detailed guidance on data breach incident response best practices. The document was announced at an invitation-only round table hosted by DOJ and provides guidance on what DOJ regards as “best practices for victims and potential victims to address the risk of data breaches, before, during and after cyber-attacks and intrusions.” The document was prepared with input from federal prosecutors as well as private sector companies that experienced cybersecurity [...] Read more
On April 29, 2015, the Department of Justice’s Criminal Division will host a cybersecurity industry roundtable on data breaches. The event, which will include audience question and answer sessions, will focus on a range of recent industry developments.
The event will feature a discussion of cybersecurity from the national security perspective by John P. Carlin, Assistant Attorney General in the National Security Division; a conversation on government-industry interaction featuring James C. Trainor, Acting Assistant Director of the Cyber Division at the FBI, and Stuart J. Tryon, Special Agent [...] Read more
The Federal Financial Institutions Examination Council (FFIEC) has issued two joint statements warning of specific cyber risks. The warnings, which were issued on March 30, 2015, address risks arising from destructive malware, which can destroy sensitive data, and cyber-attacks that compromise user credentials. In both statements, the FFIEC also provides guidance on how to mitigate these risks.
The statement on destructive malware warns financial institutions about the increasing use of malware that successfully compromises databases and destroys the information or renders the system hosting [...] Read more
