What if your next idea—which could be the next big idea—involves a web-based collection, compilation, or a sliver of “big data” that is so ingenious that customers and investors will line up to get their hands on it? The idea most likely comes with an e-commerce angle, such as a unique feature complete with pricing
Kris Kappel
As co-vice-chair of the firm’s Intellectual Property practice specialty center, Kris counsels clients on how to manage and protect their intellectual property and data and use their IP assets strategically.
Unauthorized Access: Cambridge Analytica’s Use of Harvested Facebook Profiles
On March 17, the New York Times covered a new item on the growing list of high-profile data breaches with its article detailing how a British political consulting firm, Cambridge Analytica, obtained personal information from millions of Facebook users by way of a low-profile researcher. The revelation sent shock waves through the online community, and the public outcry was swift and resounding. As more details emerge, Facebook and Cambridge Analytica will continue to face political and legal repercussions from all angles—with one possible legal instrument being the Computer Fraud and Abuse Act (CFAA).
Continue Reading Unauthorized Access: Cambridge Analytica’s Use of Harvested Facebook Profiles
SOC It To ‘Em: Securing Your Outsourced Data with SOC 2 Reports
With the rise of innovations like cloud technology and software-as-a-service, clients are increasingly finding that it makes business sense to outsource computerized services, from payroll processing to the storage of electronic medical records. While doing so often cuts costs, routing (frequently confidential) data through third-party service providers also implicates serious cybersecurity concerns and, in some cases, may increase potential liability. Further, one of the pillars of a commercially reasonable information security program is selecting and retaining service providers capable of maintaining appropriate safeguards. To address these concerns, and to keep data safe, clients should require service providers to furnish them with Service Organization Control (“SOC”) Reports, particularly SOC 2 Reports.
SOC Reports were developed by the American Institute of CPAs (AICPA) to provide information about the robustness and quality of a service provider’s internal controls over certain types of data. There are three types of SOC Reports, each serving separate functions.Continue Reading SOC It To ‘Em: Securing Your Outsourced Data with SOC 2 Reports