LEGAL INSIGHTS

The digital economy is revolutionizing every aspect of our lives, and success in today’s economy requires that businesses become disruptors and innovators. At Patrick Law Group, we believe that a critical component of competitiveness in the digital economy is the pursuit of sharing and collaboration of relevant information.

We recognize the increasing complexity our Clients face in identifying relevant content and insightful business perspectives on changes and developments important to their practice areas and business interests. We invest in creating and sharing Client-centric content, and provide our Clients with current insights and knowledge that affect critical business decisions and the development of cogent business strategies.

RSS

  • DHS Cybersecurity Arm Directs Executive Agencies to Develop Vulnerability Disclosure Policies December 3, 2019
    On November 27, 2019, the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security (DHS) released for public comment a draft of Binding Operational Directive 20-01, Develop and Publish a Vulnerability...
    Patrick Law Group, LLC
  • Open Internet Advocates Rejoice: Ninth Circuit Finds Web Scraping of Publicly Accessible Data Likely Does Not Violate CFAA October 28, 2019
    The Ninth Circuit Court of Appeals recently handed open internet advocates a big win by upholding the right of a data analytics startup to use automated bots to scrape publicly available data (hiQ Labs, Inc. v. LinkedIn Corp., No. 17-16783 (9th...
    Patrick Law Group, LLC
  • The ABA Speaks on AI August 15, 2019
    Earlier this week, the American Bar Association (“ABA”) House of Delegates, charged with developing policy for the ABA, approved Resolution 112 which urges lawyers and courts to reflect on their use (or non-use) of artificial intelligence (“AI”)...
    Patrick Law Group, LLC
  • Is Anonymized Data Truly Safe From Re-Identification? Maybe not. August 5, 2019
    Across all industries, data collection is ubiquitous.   One recent study estimates that over 2.5 quintillion bytes of data are created every day, and over 90% of the data in the world was generated over the last two years. Not surprisingly, the...
    Patrick Law Group, LLC
  • FTC Settlement Reminds IoT Companies to Employ Prudent Software Development Practices July 31, 2019
    Smart home products manufacturer  D-Link Systems Inc. (D-Link) has reached a proposed settlement with the Federal Trade Commission after several years of litigation over D-Link’s security practices. The dispute, which dates back to early 2017, has...
    Patrick Law Group, LLC
  • Beyond GDPR: Brexit’s Effect on other Data Laws June 20, 2019
    Since the United Kingdom (UK) voted in June, 2016, to exit the European Union (i.e., “Brexit”), the question in many minds has been, “Whither GDPR?”  After all, the UK was a substantial contributor to this legislation.  The UK has offered...
    Patrick Law Group, LLC
  • San Francisco Says The Eyes Don’t Have It: Setting Limits on Facial Recognition Technology May 16, 2019
    On May 14, 2019, the San Francisco Board of Supervisors voted 8-1 to approve a proposal that will ban all city agencies, including law enforcement entities, from using facial recognition technologies in the performance of their duties.  San...
    Patrick Law Group, LLC
  • NYC’s Task Force to Tackle Algorithmic Bias: A Study in Inertia May 2, 2019
    In December, 2017 the New York City Council passed Local Law 49, the first law in the country designed to address algorithmic bias and discrimination occurring as a result of algorithms used by City agencies. Local Law 49 created an Automated...
    Patrick Law Group, LLC
  • U.S. Lawmakers Want Companies to Check their Bias April 26, 2019
    Although algorithms are often presumed to be objective and unbiased, technology companies are under increased scrutiny for alleged discriminatory practices related to their use of artificial intelligence. As a result of the rising concern that...
    Patrick Law Group, LLC
  • The Weight of “GDPR Lite” March 19, 2019
    In June, 2018, California’s legislature took the first steps to ensure that the state’s approach to data privacy was trending more closely to the European Union’s General Data Protection Regulation (GDPR), the de facto global industry standard for...
    Patrick Law Group, LLC
Predictive Algorithms in Sentencing: Are We Automating Bias?

Predictive Algorithms in Sentencing: Are We Automating Bias?

By Linda Henry | Although algorithms are often presumed to be objective and unbiased, recent investigations into algorithms used in the criminal justice system to predict recidivism have produced compelling evidence that such algorithms may be racially biased.  As a result of one such investigation by ProPublica, the New York City Council recently passed the first bill in the country designed to address algorithmic discrimination in government agencies. The goal of New York City’s algorithmic accountability bill is to monitor algorithms used by municipal agencies and provide recommendations as to how to make the City’s algorithms fairer and more transparent.

read more
My Car Made Me Do It: Tales from a Telematics Trial

My Car Made Me Do It: Tales from a Telematics Trial

By Dawn Ingley | Recently, my automobile insurance company gauged my interest in saving up to 20% on insurance premiums.  The catch?  For three months, I would be required to install a plug-in monitor that collected extensive metadata—average speeds and distances, routes routinely traveled, seat belt usage and other types of data.  But to what end?  Was the purpose of the monitor to learn more about my driving practices and to encourage better driving habits?  To share my data with advertisers wishing to serve up a buy-one, get-one free coupon for paper towels from my favorite grocery store (just as I pass by it) on my touchscreen dashboard?  Or to build a “risk profile” that could be sold to parties (AirBnB, banks, other insurance companies) who may have a vested interest in learning more about my propensity for making good decisions?  The answer could be, “all of the above.”

read more
When Data Scraping and the Computer Fraud and Abuse Act Collide

When Data Scraping and the Computer Fraud and Abuse Act Collide

By Linda Henry | As the volume of data available on the internet continues to increase at an extraordinary pace, it is no surprise that many companies are eager to harvest publicly available data for their own use and monetization.  Data scraping has come a long way since its early days, which involved manually copying data visible on a website.  Today, data scraping is a thriving industry, and high-performance web scraping tools are fueling the big data revolution.  Like many technological advances though, the law has not kept up with the technology that enables scraping. As a result, the state of the law on data scraping remains in flux.

read more
Is Your Bug Bounty Program Uber Risky?

Is Your Bug Bounty Program Uber Risky?

By Jennifer Thompson | In October 2016, Uber discovered that the personal contact information of some 57 million Uber customers and drivers, as well as the driver’s license numbers of over 600,000 United States Uber drivers had been hacked.  Uber, like many companies, leveraged a vulnerability disclosure or “bug bounty” program that invited hackers to test Uber’s systems for certain vulnerabilities, and offered financial rewards for qualifying vulnerabilities.  In fact, Uber has paid out over $1,000,000 pursuant to its program, which is administered through HackerOne, a third-party vendor.  Uber initially identified the breach as an authorized vulnerability disclosure, paid the hackers $100,000, and the hackers deleted the records.  Yet, Uber has faced lawsuits, governmental inquiry and much public criticism in connection with this payment.

read more
IoT Device Companies: COPPA Lessons Learned from VTech’s FTC Settlement

IoT Device Companies: COPPA Lessons Learned from VTech’s FTC Settlement

By Jennifer Thompson | In “IoT Device Companies:  Add COPPA to Your “To Do” Lists,” I summarized the Federal Trade Commission (FTC)’s June, 2017 guidance that IoT companies selling devices used by children will be subject to the Children’s Online Privacy Protection Act (COPPA) and may face increased scrutiny from the FTC with respect to their data collection practices.  That warning became a harsh reality for VTech Electronics Limited (VTech), which recently entered into a settlement with the FTC to, among other things, pay $650,000 for alleged violations of COPPA and the FTC Act.

read more
Beware of the Man-in-the-Middle: Lessons from the FTC’s Lenovo Settlement

Beware of the Man-in-the-Middle: Lessons from the FTC’s Lenovo Settlement

By Linda Henry | The Federal Trade Commission’s recent approval of a final settlement with Lenovo (United States) Inc., one of the world’s largest computer manufacturers, offers a reminder that when it comes to consumers’ sensitive personal information, transparency is key, and failure to assess and address security risks created by third-party software vendors may be deemed an unfair act or practice under Section 5 of the FTC Act.

read more