By Rob Philbrick
The United States Postal Service Office of Inspector General released a national report last month finding that 84% of people surveyed expect drone deliveries to occur within the next ten years. Leading the international charge, Domino’s Pizza has already launched commercial drone deliveries in New Zealand. Assuming the resolution of various U.S. regulatory and socio-technical problems, it may be commonplace by the year 2030 for items to be shipped autonomously, up in the sky. In such a future, a breakfast ruined for lack of bacon is only a short drone flight away from remedy. So, as promised: flying pigs.
However, what appears to not be on the U.S.’s technology-dependent horizon is ubiquitous nationwide online election voting. What explains this?
By Brennen Johnson
Lawmakers in the U.S. Senate just passed CISA (the “Cybersecurity Information Sharing Act”) on Tuesday, October 27. If the White House does not veto it, CISA will allow tech companies to share internet traffic information with the government without fear of liability for the disclosure of private or sensitive data. Not only would the law potentially allow companies to violate their own privacy statements with users, but also it would allow them to hide the fact that they are sharing information with the government.
So what is CISA, where did it come from, and why does it matter? This is not the first time that lawmakers have brought this type of information-sharing scheme before Congress. Back in 2011, lawmakers introduced CISPA (the “Cyber Intelligence Sharing and Protection Act”) in an attempt to help prevent cyber attacks. The basic premise behind the bill was that quickly sharing information about threats and vulnerabilities could help prevent attacks. The House of Representatives passed CISPA, but it failed in the Senate, due to a lack of confidentiality and civil liberties safeguards. The White House even proclaimed that it would veto the bill should it be passed. CISPA was reintroduced by the House in 2013, where it again failed to pass the Senate. Continue reading
By Julie Liu
As we know well from news coverage of hacks and leaked information, consumers and employees take a gamble whenever they give their personal information to a company. Consciously or not, these individuals count on the company’s technological savvy in combination with its data security policies to keep the information safe. While this status has not changed much since businesses first became digitized, regulations are gradually catching up. For the Federal Trade Commission (FTC), cybersecurity has been a top priority in recent years, and it will likely tighten its grip on businesses with inadequate security measures.
Late last month, the U.S. Court of Appeals for the Third Circuit issued its long-awaited ruling in FTC v. Wyndham Worldwide Corporation, a case which reevaluated the FTC’s authority to regulate cybersecurity. Litigation began in 2012 when the FTC sued Wyndham Worldwide, a hotel chain company, for unfair business practices. The FTC alleged that Wyndham’s inadequate data security led to three data breaches at Wyndham hotels in two years. According to the complaint, these breaches compromised more than 619,000 payment card accounts and caused over $10.6 million in fraud loss. Wyndham responded with a motion to dismiss the complaint, arguing that the FTC did not have the authority to bring the suit in the first place. The district court denied the motion last year, and the Third Circuit has now affirmed this order on interlocutory appeal.
By Andrew H. Fuller
As Cybersecurity becomes a prominent global issue for nation states, governments consider options to curb their nation’s digital vulnerability. On July 6th, China, an undisputed major player on the global digital frontier, released the Cyber Security Law of the People’s Republic of China (“CSL”) for public comments. The CSL will, among other things, encourage education and training in cybersecurity related fields, establish new protections and rights for personal and sensitive data, and create government set standards for information technology hardware and software. Once adopted, the CSL will be the first Chinese law that exclusively focuses on cybersecurity. Continue reading