For over twenty years, my father was a wholesale seafood supplier. One day over dinner (probably lobster, because that’s just how we rolled), my father tells us that he has hired an off-duty US Department of Agriculture inspector to inspect the fish that his company will be sending out to its grocery store clients. When I asked him if this was a legal requirement, he said it was not (the Department of Health and Human Services, via the FDA, apparently regulates fish, not the USDA). When I then asked him why he was doing it, he said, “If you were in the grocery store and you saw one piece of fish labelled ‘USDA Government Inspected’ and one piece of fish without that label, which one would you buy?” An informal “seal” program had been born!
Panera’s Breach and the Knead for National Notification
Eight months after a significant data breach involving customer data was reported to Panera Bread company by a security researcher and within a day of an article being published laying out the nature and extent of the breach, the company on April 2, 2018 acknowledged the data leak. However, it insisted that fewer than…
Unauthorized Access: Cambridge Analytica’s Use of Harvested Facebook Profiles
On March 17, the New York Times covered a new item on the growing list of high-profile data breaches with its article detailing how a British political consulting firm, Cambridge Analytica, obtained personal information from millions of Facebook users by way of a low-profile researcher. The revelation sent shock waves through the online community, and the public outcry was swift and resounding. As more details emerge, Facebook and Cambridge Analytica will continue to face political and legal repercussions from all angles—with one possible legal instrument being the Computer Fraud and Abuse Act (CFAA).
Need a Lift? Uber Enters the Healthcare Arena
Earlier this month, Uber released its new program, Uber Health. In a nutshell, Uber Health is a program that facilitates patient transportation to and from appointments with healthcare providers. According to Uber, Uber Health works like this:
Facebook Data Scandal: A Breach of Trust, If Not a Breach of Law
Once again, we realize that we have little control over how information we share on social media is ultimately used. The recent revelation that a data analytics firm retained by Trump’s presidential campaign used the Facebook data of more than 50 million people to target them with political ads is both shocking and unsurprising at…
Recycling Business Phones: Not Always Great for Your Environment
Recently, I counseled an employer regarding the termination of a high-level HR employee. The termination wasn’t fun, but the company’s termination process was followed. Unfortunately, that was the problem. The employer collected and turned off the exiting employee’s company badge. The employer took the same actions for the corporate credit card. The exiting employee’s laptop was collected and IT was informed to shut down the individual’s access to all systems immediately.
Semper Fi: Learning From The Marines’ Data Breach
Semper Fidelis is the U.S. Marines’ motto – “always faithful.” Perhaps an ironic twist of phrase in the context of its recent and preventable data breach. Let’s recap. The Marine Forces Reserve recently announced that personal information of over 21,000 Marines, sailors, and civilians was “compromised.” The PI included Social Security numbers, bank account and routing numbers, card information, name, address and other contact information. In other words, PI which is a treasure trove for identity thieves. Some of the PI may have been redacted in part. How did this breach occur? The culprit was an email incorrectly sent with an unencrypted attachment. The email was sent out by the Defense Travel System, which manages travel itineraries and expense reimbursement. Obviously sensitive location information is also in play. Probably not a big thing for a travelling salesperson, but highly problematic for defense sector travel.
U.S. v. Microsoft: Is Your Data and Privacy at Risk?
On February 27, 2018, the Supreme Court heard arguments in United States v. Microsoft Corp., a case that will decide whether a digital communications provider has to comply with a U.S. search warrant for user data that is stored outside of the U.S. U.S. v. Microsoft could have major consequences for digital privacy and international data sharing, especially for the cloud-computing industry.
What to Know About ED’s New Stance On Data Breach Reporting
It’s no longer optional for colleges and universities to report data breaches to the U.S. Department of Education — yet the agency has not clearly defined its expectations. Here’s what institutions should be aware of.
Hurdles the Internet of Things Must Clear for Manufacturers and Providers
The influence of the Internet of Things (IoT) will undoubtedly be transformational, with a total potential economic impact estimated to be $3.9 trillion to $11.1 trillion a year by 2025. In the race into the IoT marketplace, there are both known and unknown legal hurdles that will affect those who offer goods and services during the proliferation of the Internet of Things.