Welcome to the ninth edition of Decoded for 2023 – our e-newsletter focused on technology law insights.
Our Technology Practice Group has committed to hosting a variety of webinars in the future to address issues and topics we feel are of great importance to our clients and friends of the firm. You can pencil in the following on your calendar:
- October 24, 2023 - Data Privacy Issues with Alex Turner and Malcolm Lewis
- January 23, 2024 - AI and Copyright Issues with Shane Riley
We will be sending detailed information as we get closer to these dates. If there is a topic you would like addressed in a webinar format, let us know!
We want to take a moment and congratulate the 71 firm attorneys that were selected by their peers for inclusion on the 2024 Best Lawyers list, nine were selected as Best Lawyers "Lawyers of the Year," and 18 others were selected as Best Lawyers "Ones to Watch." Recognition by Best Lawyers is based entirely on peer review. Its methodology is designed to capture the consensus opinion of leading lawyers about the professional abilities of their colleagues within the same geographical area and legal practice area. You can learn more here.
Congratulations to everyone!
We hope you enjoy this issue and, as always, thank you for reading.
Nicholas P. Mooney II, Co-Editor of Decoded, Chair of Spilman's Technology Practice Group, and Co-Chair of the Cybersecurity & Data Protection Practice Group
and
Alexander L. Turner, Co-Editor of Decoded and Co-Chair of the Cybersecurity & Data Protection Practice Group
| |
Are Automakers Making Sufficient Efforts to Protect Customer Data? | |
By Alexander L. Turner and Malcolm E. Lewis
With the ever-expanding Internet of Things, data privacy is a growing concern in today’s digital age. The automotive industry is no exception. The National Highway Traffic Safety Administration has broad regulatory authority over the safety of passenger vehicles, but the Federal Trade Commission is the primary federal agency responsible for protecting consumer privacy. However, neither of these regulatory agencies has taken a significant step in investigating and protecting consumers against automakers' intrusive collection of their personal data.
Based on a recent study, if an automotive industry report card were to ever be released, most major auto manufacturers would receive an “F” for data privacy.
Click here to read the entire article.
| |
“Regulation for artificial intelligence is on the horizon.”
Why this is important: “There’s some chance – above zero – that A.I. will kill us all. I think it’s low, but there’s some chance.” That was part of the message Elon Musk delivered in a closed-door meeting with Senators recently. Musk was joined by several other “tech titans” to discuss A.I., whether government needs to regulate it, and to what extent. The tech leaders unanimously espoused that government needs to be involved in regulating A.I., but there was disagreement over how that regulation should work. It seems that regulation is in the works, but is months away from completion. When it finally does emerge, the regulation must strike a balance. One part that must be achieved is to ensure the U.S. remains competitive with the rest of the world on the A.I. front. It’s important to address the fast-growing disruptive effects of A.I., but regulation needs to be careful not to stifle competition or innovation. Congress isn’t the only one taking steps toward A.I. regulation. The White House has stated that it is working on an A.I. Executive Order. All of this signals that some form of A.I. regulation is coming. Let’s hope Congress, or the White House, strikes the right balance of regulating without stifling innovation and the country’s ability to compete internationally. --- Nicholas P. Mooney II
| |
“The substantial theft was first spotted by an anonymous blockchain watcher on social media, who noticed that Cuban’s crypto wallet was being drained of all its funds.”
Why this is important: Tech maverick Mark Cuban apparently fell for a phishing scam after searching for a crypto wallet on Google. An anonymous blockchain watcher noted the nearly $1 million-dollar fraud on social media. Cuban acknowledged the loss to news outlet DL News, explaining "I'm pretty sure I downloaded a version of MetaMask with some [stuff] on it." The scammers pounced when Cuban later went on MetaMask after a several month hiatus, draining Cuban's crypto wallet. Cuban's misfortune is a good reminder that nobody is immune from the dangers of cybercrime. While the $870,000 loss may be just a drop in the bucket for Cuban, this is a good reminder to keep your guard up around the net. --- Christopher M. Green
| |
“Recently, researchers in Japan have developed a new gene editing technique that is as effective as CRISPR/Cas9 while significantly reducing these unintended mutations.”
Why this is important: While proven to be a revolutionary tool to fix genetic mutations quickly and economically, the CRISPR/Cas9 technique can also result in unintended mutations, which raises safety concerns for clinical applications in humans. Researchers in Osaka hope to have resolved this issue and advanced the technology with a method they call NICER. NICER uses Cas9 nickase rather than the traditional Cas9 enzyme to create single strand breaks in DNA during editing. The use of nickase has significantly increased gene correction efficiency and rarely induced off-target mutations in the researchers’ experiments. More experimentation is sure to come, but the research shows a promising step toward fully realizing the potential of therapeutic gene editing in humans. --- Shane P. Riley
| |
“The Education Department will launch a coordinating council to provide formal collaboration between government officials and district leaders to help schools strengthen their cybersecurity capabilities in the face of attacks that have closed campuses and exposed highly sensitive student and educator information online.”
Why this is important: As we have discussed in previous editions of Decoded and The Academic Advisor, the education sector has been experiencing devastating cyberattacks, ransomware attacks, and data breaches over the last few years. In fact, the education sector is one of the most targeted parts of the U.S. economy, outpacing health care, technology, financial services, and manufacturing. The education sector is such an inviting target because of the large number of vulnerabilities and the vast amount of easily available data. This data includes not just the personal data of students and staff, but in relation to higher education, sensitive research data. As IT specialists in the education sector try to change and adapt to these ever-evolving attacks, they are unable to keep up with the new tactics utilized by these bad actors. What is enabling bad actors to continue to be successful in attacking the education sector is the continuing trend to digitize instruction and daily operations. This trend has accelerated with the increased use of distance learning during the pandemic.
The Biden administration wants to break this cycle of attack on public school districts. The school districts, especially the smaller ones, often lack the funding and resources necessary to effectively combat these attacks. In response to this problem, the Department of Education is going to establish a group to coordinate with school districts to thwart these ever increasing and sophisticated cyberattacks. This includes partnering with the Los Angeles and Minneapolis school districts, both of which have recently experienced devastating cyberattacks. The plan is to have teams of federal cybersecurity experts visit school districts to help them create incident response plans. Additionally, several technology companies have committed to partner with school districts to provide them with free and low-cost resources to combat these cyberattacks. The Department of Education’s goal is to make cybersecurity a greater priority by giving school districts the tools they need to protect their sensitive data. --- Alexander L. Turner
| |
“Three questions can help determine whether enough has been done.”
Why this is important: A cyberattack at the right company can affect the entire country and escalate to the President’s office. Remember the 2021 ransomware attack on Colonial Pipeline, a critical fuel supply pipeline for part of the eastern United States? In response to the attack, the company shut down the pipeline to try to determine the extent of the attack and the damage. However, this resulted in gasoline supply issues, panic buying, more shortages, soaring prices, and a press briefing by the Secretary of Homeland Security and Secretary of Energy. This article makes the point that this attack and its resulting harm could happen again. It advises that CEOs need to consider themselves as guardians of the public trust. Regardless of whether you agree with that thought or not, the article provides sound advice for some of the actions companies should take during a cyberattack. First, they should communicate with (instead of avoiding) the public and be careful to communicate the right message. Second, they should coordinate with the government to keep from making a bad situation worse. Third, they should know beforehand the contacts in government with whom to coordinate and have a plan in place for making these contacts. Fourth, they should have an incident response plan, and practice it. Fifth, the CEO should have a high-level understanding of the company’s technology departments. Sixth, they should be ready to ask for assistance as soon as an attack happens and leverage the expertise of the right consultants in the government and private sector. At bottom, this article provides a great discussion of points to consider in preparing for an attack. It also provides a “self-check for CEOs” to determine their level of preparedness. It’s an obvious statement to say that cyberattacks will continue to happen, and all CEOs hopefully are spending some mental bandwidth on this topic. The advice in this article should be incorporated into their preparations. --- Nicholas P. Mooney II
| |
“Lower courts have ruled that some government agencies and officials should be restricted from communicating and meeting with social media companies to moderate content.”
Why this is important: In response to an injunction issued by the U.S. District Court for Western Louisiana and upheld by the 5th Circuit, the Supreme Court has issued a temporary block which allows the government to continue interacting with social media companies as they currently are. The order stems from a lawsuit filed by GOP Attorneys General in Louisiana and Missouri who allege that the government has gone too far in pressuring social media companies to moderate content that the administrations deem to be misinformation or disinformation, mostly as it relates to the COVID-19 vaccines and the outcome of the 2020 presidential election. Solicitor General Elizabeth Prelogar is arguing that the original injunction is overbroad and could impose irreparable harm to the government and the public. As of September 26, the pause order has been extended until September 27 at 11:59 pm, allowing more time for the states to respond. The issue arises at a time when government censorship is a forefront issue at both the state and federal level and the ultimate ruling could have an effect on the role of social media in the upcoming 2024 presidential election. --- Shane P. Riley
| |
“The administration has been working with various cabinet agencies to bolster cybersecurity in water, rail, aviation, energy and other sectors.”
Why this is important: Ever since the ransomware attack on Colonial Pipeline (May 2021) and a hacker’s attempt to poison public water in Oldsmar, Florida (February 2021), cyberattacks have brought infrastructure security to the forefront of energy discussion. A rating system for providers could be a step in the right direction, if the system is implemented correctly. Before publicly releasing a rating, providers that are determined to be on the lower end of the cybersecurity rating system should be permitted the opportunity to implement corrective measures. Otherwise, a publicly distributed low cybersecurity rating could place a hacking target on certain providers. --- Joseph C. Unger
| |
This is an attorney advertisement. Your receipt and/or use of this material does not constitute or create an attorney-client relationship between you and Spilman Thomas & Battle, PLLC or any attorney associated with the firm. This e-mail publication is distributed with the understanding that the author, publisher and distributor are not rendering legal or other professional advice on specific facts or matters and, accordingly, assume no liability whatsoever in connection with its use.
Responsible Attorney: Michael J. Basile, 800-967-8251
| | | | |