Call 855-808-4530 or email Gro[email protected] to receive your discount on a new subscription.
On June 3, 2021, the United States Supreme Court issued a 6-3 opinion in Van Buren v. United States, No. 19-783, resolving the circuit split regarding what it means to “exceed[] authorization” for purposes of the Computer Fraud and Abuse Act (CFAA) 18 U.S.C. §1030 et seq. The Court held that only those who obtain information from particular areas of the computer which they are not authorized to access can be said to “exceed authorization,” and the statute does not — as the government had argued — cover behavior, like Van Buren’s, where a person accesses information which he is authorized to access but does so for improper purposes. This was a long-awaited decision interpreting the CFAA, which has become an important statute in both criminal and civil enforcement relating to computer crime and hacking.
Continue reading by getting
started with a subscription.
New U.S.-China Investment Dynamic Focuses On AI and Sensitive Technologies
By David A. Holley
An Executive Order released by the Biden Administration on Aug. 9 places increased importance on due diligence when investing in specific foreign countries. The Executive Order will regulate outbound investments in China with a focus on key technologies critical to safeguarding U.S. national security, including artificial intelligence.
New York’s Latest Cybersecurity Commitment
By Erik B. Weinick
On Aug. 9, 2023, Gov. Kathy Hochul introduced New York’s inaugural comprehensive cybersecurity strategy. In sum, the plan aims to update government networks, bolster county-level digital defenses, and regulate critical infrastructure.
Data Breach Defense: Mobilizing Against Weaponized Mass Arbitration
By Daniella Main and Brooke Bolender
Most companies have experienced or will experience a data breach. Increasingly, companies also face the risks associated with mass arbitration weaponized by the overwhelming volume of claims after a breach.
By Wim Nauwelaerts
Businesses and organizations that (regularly) transfer personal data from the EU to the U.S. should carefully assess, on a case-by-case basis, whether it makes sense to rely on the new EU-U.S. Data Privacy Framework or to use one of the other data transfer tools that are available under the GDPR.