Law.com Subscribers SAVE 30%
Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
Company Had No Duty to Encrypt Personal Information on Stolen Laptop
A Minnesota district court recently found that a financial institution was not negligent for failing to encrypt personal information contained on a laptop computer that was stolen from an employee's home office. In Guin v. Brazos Higher Education Service Corp., the court dismissed the negligence action brought against a student loan provider by a customer. In granting the defendant's summary judgment motion, the court ruled that the company did not breach a duty of care under the Gramm-Leach-Bliley Act ('GLB') to customers whose unencrypted data may have been contained on the laptop.
The decision has significant implications for financial institutions regulated by GLB. Faced with the novel argument that a financial institution breached its statutory duty of care established by GLB when it failed to encrypt personal information in its databases, the court found that GLB contains no such requirement. In a narrow interpretation of GLB's requirement that companies 'protect the security and confidentiality of customers' nonpublic personal information,' the court held that GLB does not require companies to encrypt personal information contained on company laptops. For financial institutions that feared a judicial mandate to encrypt their customer data or risk noncompliance with GLB, the decision comes as welcome relief.
Background
Major Differences In UK, U.S. Copyright Laws
This article highlights how copyright law in the United Kingdom differs from U.S. copyright law, and points out differences that may be crucial to entertainment and media businesses familiar with U.S law that are interested in operating in the United Kingdom or under UK law. The article also briefly addresses contrasts in UK and U.S. trademark law.
The Article 8 Opt In
The Article 8 opt-in election adds an additional layer of complexity to the already labyrinthine rules governing perfection of security interests under the UCC. A lender that is unaware of the nuances created by the opt in (may find its security interest vulnerable to being primed by another party that has taken steps to perfect in a superior manner under the circumstances.
Strategy vs. Tactics: Two Sides of a Difficult Coin
With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.
Legal Possession: What Does It Mean?
Possession of real property is a matter of physical fact. Having the right or legal entitlement to possession is not "possession," possession is "the fact of having or holding property in one's power." That power means having physical dominion and control over the property.
The Stranger to the Deed Rule
In 1987, a unanimous Court of Appeals reaffirmed the vitality of the "stranger to the deed" rule, which holds that if a grantor executes a deed to a grantee purporting to create an easement in a third party, the easement is invalid. Daniello v. Wagner, decided by the Second Department on November 29th, makes it clear that not all grantors (or their lawyers) have received the Court of Appeals' message, suggesting that the rule needs re-examination.