Social media has played an oversized role in lawsuits under state and local biometric privacy laws, including especially the Illinois Biometric Information Privacy Act (BIPA). See, e.g., Thornley v. Clearview AI, Inc., 984 F.3d 1241 (7th Cir. 2021) (plaintiffs alleged that defendant used a proprietary algorithm to “scrape” pictures from social media sites such as

Connecticut Governor Ned Lamont recently signed into law “An Act Incentivizing the Adoption of Cybersecurity Standards for Businesses” (Public Act No. 21-119). Under the Act, “covered entities” that implement certain cybersecurity measures to protect against data breaches of “personal information” and “restricted information” will be insulated against the imposition of punitive damages arising from tort

Alan Rutkin authored the Best’s Review article,  “Cyber Threats: Get Ready and Get Tough.”

In the article, Rutkin discusses the steady increase of cyber incidents and how insurers should prepare for future attacks.

“Cybercrimes, along with the related coverage issues, are among the biggest challenges now facing insurers,” Rutkin says.

A wide range of federal and state authorities are involved in the regulation of emerging technologies in one way or another. Numerous agencies as well as the U.S. Department of Justice lead the national effort, while the Department of Financial Services, the attorney general, and local prosecutors are the principal parties in New York State.

For much of the past few years, Section 230 of the Communications Decency Act of 1996 (CDA) has been in the news. Section 230 generally immunizes providers of interactive computer services (such as internet service providers or ISPs, social media companies, and website hosting entities, among others) from liability in connection with third party

Sometimes a comprehensive overview is needed to recognize that individual anomalous conduct is indicative of a criminal scheme.

Recently, the Department of Financial Services (DFS) looked at an unusual pattern of interaction with multiple insurance websites and concluded that cybercriminals were exploiting data obtained from those website interactions to commit benefit fraud. Website operators of

On February 4, 2021, New York’s Department of Financial Services (DFS) issued Insurance Circular Letter No. 2, which builds on the robust cybersecurity regulation provided in its 2017 Cybersecurity Regulation (23 NYCRR 500). The Letter discusses the current state of the cyber insurance industry and provides a seven-part Cyber Insurance Risk Framework which may assist

As businesses in New York and elsewhere begin to enter a second year of partially or fully closed offices and of dealing with a workforce operating remotely, an issue that was top-of-mind for much of 2020 – computer security – should remain a key concern in 2021 and should not be overlooked or ignored.

In

Alan Rutkin’s article, “2021 Liability Forecast: COVID, Cyber, Opioids, Sex Abuse,” appeared in the February 2021 issue of Best’s Review.  Alan notes that these liability issues will, in turn, create insurance coverage issues.

To read the article, click here.

At the start of the 2021-2022 legislative session, the New York state legislature proposed a raft of new regulations related to data privacy which may create challenges for entities doing business in the state. We expect that some or all will pass in some form, as many believe that current laws do not adequately protect