A recent report by the Government Accountability Office (GAO) is recommending that Congress adopt comprehensive federal data privacy legislation. The GAO’s proposal is, in part, meant to address limitations of the current privacy regulatory landscape, which is mostly piecemeal, industry-specific regulation at both the federal and state levels. The GAO’s 56-page report follows more than a year of interviews with officials from various federal agencies that have taken active roles in data security issues, including the Federal Trade Commission (FTC), Federal Communications Commission, and the Consumer Financial Protection Bureau, as well as stakeholders from industry and academia.
Data Security Law BlogVisit the Full Blog
DataSecurityLaw.com is the firm’s resource for the latest news, analysis, and thought leadership in the critical area of privacy and cybersecurity law. Patterson Belknap’s Privacy and Data Security practice provides public and private enterprises, their leadership teams and boards with comprehensive services in this critical area. Our team of experienced litigators, corporate advisors and former federal and state prosecutors advises on a broad range of privacy and data protection matters including cyber preparedness and compliance, data breach response, special board and committee representation, internal investigations, and litigation.
A federal appeals court is giving Google and the Justice Department more time to work out their differences in a standoff over whether the tech giant must hand over customer emails stored outside of the United States.
Yesterday, we reported that the Department of Justice has asked the U.S. Supreme Court to remand its dispute with Microsoft Corp. concerning access to customer emails stored abroad to the U.S. Court of Appeals for the Second Circuit with instructions to dismiss it as moot. The government argued that the newly enacted “CLOUD” Act clarifies prior law and makes clear that information stored abroad can, under certain circumstances, be subject to a domestic warrant. The government added that it obtained a new warrant for Microsoft to turn over the requested information in the days following the CLOUD Act’s passage.
We’ve written several times about the landmark dispute between the U.S. government and Microsoft Corp. over access to a customer’s emails stored in Ireland. Now, a month after the U.S. Supreme Court heard oral argument on the government’s appeal, the Justice Department has asked the Court to remand the case to the U.S. Court of Appeals for the Second Circuit with instructions to dismiss it as moot.
The fight over the privacy of electronic communications and the government’s ability to reach emails stored abroad in criminal investigations has finally moved to the U.S. Supreme Court.
Court Rejects DOJ’s Depiction of Google as “Willful and Contemptuous” Tactics in Ongoing Battle over SCA Search Warrant
A federal judge in California has agreed to hold Google in contempt for not following his order to turn over data stored overseas. The order is largely symbolic, however, since a contempt order is required for Google to appeal the ruling.
The Supreme Court is poised to finally answer the question that’s been plaguing federal courts across the country: must U.S. tech companies comply with warrants issued under the Stored Communications Act (“SCA”) that demand information from customer accounts that is stored on servers in a foreign country?
The ongoing dispute between the government and Google concerning the company’s refusal to hand over customer data stored on foreign servers has taken an odd twist. Now, the Justice Department is demanding that Google be sanctioned for not abiding by the court’s most recent decision—ordering it to produce data associated with 22 email accounts—and calling Google’s conduct “a willful and contemptuous disregard of various court orders.” The case is In the Matter of the Search of Content that Is Stored at Premises Controlled by Google, No. 16-mc-80263 (N.D. Cal.).
Judge Sides with Government over Google in the Latest Battle Rematch over the Territorial Reach of the SCA
Another federal judge has rejected the U.S. Court of Appeals for the Second Circuit’s interpretation of the Stored Communications Act (SCA), and has ordered Google to hand over customer email traffic—wherever located—to U.S. law enforcement. More than a year ago, the Second Circuit held that Microsoft Corp. was not required to produce customer emails stored on foreign servers in response to an SCA warrant. Since then, the Second Circuit’s ruling has been rejected by three different federal courts around the country.
Another Rematch Between Tech Companies and the Government over the Territorial Reach of the Stored Communications Act
Lawyers for the tech community are gearing up for argument next month in the U.S. District Court in San Francisco, seeking to overturn another magistrate’s order that requires digital information stored outside of the U.S. to be turned over in response to a U.S. search warrant.
We previously posted about a case before the New York Court of Appeals that concerned whether Facebook has the legal standing to challenge search warrants seeking its users’ data. In April, the court sided with the Manhattan District Attorney’s office and rejected Facebook’s challenge. The three opinions by the judges—particularly the concurrence by Judge Jenny Rivera—provide insight into this evolving area of law.
Does Facebook Have the Right to Challenge Search Warrants Seeking Facebook Users’ Data? New York’s Highest Court Hears Argument
Facebook is the latest social media giant to push back on law enforcement efforts to seek user information. On Tuesday, the New York Court of Appeals heard oral argument in a case focusing on whether Facebook has the right—or legal standing—to challenge bulk search warrants issued by the Manhattan District Attorney’s office for its users' data. The case is In re 381 Search Warrants Directed to Facebook, Inc. and Dated July 23, 2013.
The Electronic Frontier Foundation (“EFF”) and the American Civil Liberties Union (“ACLU”) have weighed in on Facebook’s high-profile dispute with a social media aggregation company over whether it had unlawfully accessed Facebook’s computers. The EFF and ACLU warned the Ninth Circuit that the panel’s ruling for Facebook risks chilling important investigations and makes “potential criminals out of millions of ordinary Americans on the basis of innocuous online behavior.” The case is Facebook, Inc. v. Power Ventures, Inc., No. 13-17102.
When Is Using a Computer a Crime? Rehearing Sought on Ninth Circuit’s “Distressingly Unclear” Answer
Facebook recently won a landmark victory in the Ninth Circuit against a company that accessed Facebook’s computers to help users manage their social network accounts. Now the company, Power Ventures, Inc., says that the Ninth Circuit’s decision risks creating “widespread confusion” about when it is a crime to use a computer to access a website.
Has North Korea struck again? Do its recent attacks signal a shift from those motivated by political retribution to those motivated by financial gain? What does this mean for financial institutions?
We have previously written about the ongoing debate regarding the proposed EU-U.S. Privacy Shield. The European Parliament has now added its voice to those who say that the current proposal is inadequate.
After several fits and starts, Congress finally passed the Cyber Information Sharing Act of 2015 (CISA) as part of the omnibus budget bill. President Obama signed the bill into law on December 18, 2015.
In a significant development, the FTC announced today that LifeLock, the identity theft protection company, has agreed to settle the FTC contempt charges against it for $100 million. This is the largest monetary award the FTC has ever obtained in an order enforcement action.
Upcoming Oral Argument in US v. Microsoft: Does a U.S. Warrant Apply to Email Stored on a Foreign Server?
On September 9th, the Second Circuit Court of Appeals will hear a case with global business, technology, and legal implications. The case, United States v. Microsoft, presents a deceptively simple question: What’s a multinational company to do when it receives a U.S. court order to turn over customer emails that are stored on a server in a foreign country and that may be subject to different data privacy laws?