Amazon Inc. agreed to hand over to the Circuit Court of Benton County, Arkansas the Echo device data with the defendant consent

Delusion in those who were expecting to witness a new battle between Courts and the hi-tech industry.  The Circuit Court of Benton County, Arkansas has jurisdiction on a murder case that sees J.B. as defendant. The Court issued a warrant for the release of the data of the defendant’s Amazon Inc. Echo device for investigative purposes, which was initially challenged. Evident is the relevance of the case as a new test of the limits of privacy protections for data gathered by connected devices in consumers’ homes and possible First Amendment’s arguments presented by Amazon Inc. However, the defendant has subsequently consented to the production of the recordings from his Echo device.

Find the stipulation and consent order here

European Union Commissioner for Justice, Consumers and Gender Equality releases an interview on the US – EU future on the Privacy Shield

The European Union Commissioner for Justice, Consumers and Gender Equality, Ms. Věra Jourová, has released an interview to Bloomberg Technology where she accentuates that the EU expects continuity from President Trump’s Administration on the Privacy Shield agreement.

Read more about the interview from Bloomberg

Law Firms can be subject to the NY Cybersecurity Regulation because “service providers” without their knowledge

On March 1, the Regulation on Cybersecurity Requirements for Financial Services of the Department of Financial Services of New York has come into force.  Section 500.11 Third Party Service Provider Security Policy of the Regulation could very well be applied to at least some law firms since they might fall into the definition of “service providers”.
Should this be the case, as covered entities they should develop and written policies and procedures to identify and assess risks, implement minimum cybersecurity practices, implement due diligence processes to evaluate the adequacy of cybersecurity practices, and conduct periodic assessments.

Read the text of the Regulation

A Bank of Italy report on the risk of cyberattacks against small businesses indicates that one third of them suffered damages from such attacks

The Bank of Italy has published a report that focuses on preliminary evidence on the risk of cyber-attacks in the private sector.  It is an annual survey spanning from September, 2015 to September, 2016 on companies with more than 20 employees in industry and non-financial services.

The report is available here

U.S. Chicago District

The U.S. Chicago District Judge Edmond E. Chang has issued a Memorandum Opinion and Order that Google Inc. is subject to claims because, when gathering and storing biometric data of millions of users without their consent, it violated their privacy.
A similar case is pending in front of the San Francisco Federal Court against Facebook Inc.

Read More