Cyber security firms today must support businesses in a climate of constant cyber and technological changes. Helping them to navigate these changes and ensuring compliance while keeping them safe is a broad challenge. This requires support of a law firm that is immersed in current, constantly changing regulatory statutes across sectors; these range from international legislation in data and cybersecurity, HIPAA, data protection and cybersecurity laws.
Cybercrimes, such as the recent WannaCry Ransomware incident, are only the tip of the iceberg in a growing rash of data theft and continual security breaches occurring in the US and around the world. This means companies must take proper measures in safeguarding their networks and servers to protect their clients’ personal information. Of course, cybersecurity isn’t just about protecting your data from bad players hoping to leverage it for their own means. It’s also about protecting your business and your clients from authorities hoping to leverage access for legal proceedings.
Cybersecurity, CALEA & The Cloud Act
Privacy and data security law is wide ranging and protects both businesses and customers from potential government intervention when security and privacy is compromised. For example, the Communications Assistance for Law Enforcement Act (CALEA“) has become a high-profile issue with Facebook’s recent denial of the government’s request to assist with a wiretap. It can also be seen in the coverage of the Cloud Act as it pertains to the recent Microsoft warrant case as described in Reuters reports.
In March of 2018, the Consolidated Appropriations Act, 2018 was signed into law. A section of the law is known as the Clarifying Lawful Overseas Use of Data (CLOUD) Act., which applies to
law enforcement requests for access to communications information stored abroad. For companies that collect, transmit, and store such communications, the CLOUD Act seeks to clear up grey areas in previous laws involving tech companies and law enforcement reach in the digital age.
In addition to knowing the ramifications of these laws and how they impact a business, companies working in sectors such as communications, telecommunications, technology and media enact cybersecurity measures and protocols to protect users and proprietary data. This 360-degree protection can only be complete with the legal support for federal, state, and international data protection, as well as security and law enforcement regulations, including federal cyber security laws.
DMCA and CAN-SPAM Compliance
The Digital Millennium Copyright Act (“DMCA”) has been in effect for nearly two decades to protect the IP of content creators as well as shield internet companies from the misdeeds of their customers. The four “safe harbors” enacted by Congress for online service providers encompass the following:
- Transitory digital network communications
- System caching
- Online hosting
- Provision of information location tools that have their own eligibility requirements.
Still, businesses struggle with the definition of infringement and its use in court. When to take action, the level of proof required, as well as the methods and instances of infringement have all been somewhat vague.
The CAN-SPAM Act, which protects consumers from unsolicited emails has also been a point of misunderstanding for businesses and their mail campaigns. This confusion exists despite the existence of a Federal Trade Commission checklist that ensures a business’s emails and newsletters are not in violation.
Cyber security firms must be vetted to ensure that they can sustain a high level of cyber security and data protection for companies specifically operating in the technology and communications sectors. Having a deep understanding of cyber security law across sectors is vital to working as part of a larger team that ensures a company’s information privacy and data is protected in the digital age. That means staying ahead of regulatory evolution to smoothly navigate complex and evolving federal, state, and international laws that govern cyber security and law enforcement.