On Wednesday, February 12, the White House released the National Institute of Standards and Technology’s (NIST) Final Cybersecurity Framework: a set of industry best practices and standards to help owners and operators of critical infrastructure develop better cybersecurity programs. It is accompanied by a Roadmap which discusses NIST’s next steps with the Framework and identifies key areas of development, alignment, and collaboration. The Framework stems from President Obama’s February 2013 Executive Order on cybersecurity, previously covered on October 1, 2013. The overall core of the Framework is essentially unchanged from earlier drafts, also previously discussed on October 28, 2013.
As the world becomes more interconnected, data breaches and cyber-attacks are increasingly becoming an unfortunate reality for many organizations. The stakes are high: a data security breach can disrupt a company’s operations, damage the business’s reputation, cause its stock price to fall, lead to the loss of business, and attract government investigations, agency action, and class action lawsuits. Complicating matters is the fact that a patchwork of state and federal laws can apply to the same data security breach incident.
The National Institute of Standards and Technology (NIST) has just released its Preliminary Cybersecurity Framework: a set of best practices to help owners and operators of critical infrastructure reduce cybersecurity risks. This voluntary framework provides both private and public-sector organizations with a common language for understanding and managing cybersecurity risks internally and externally. The framework stems from President Obama’s February 2013 Executive Order on cybersecurity, previously covered by this blog. The Final Framework is due to be released in February 2014, following a 45-day public comment period on the Preliminary Framework.
A recent New Jersey Appellate Division decision in Fitzgerald v. Duff provides a potent reminder that if you are involved in litigation, anything you do or say online might be used against you in court. The Fitzgerald proceedings concerned a father’s attempt to modify a previously-entered child support order by submitting his 2011 income tax return, which reported a taxable income of $21,000 from a cash tattoo business. In opposition, the child’s legal custodian filed a certification opposing modification of the support order, suggesting that much of the defendant’s income was unreported, and that a much higher child support obligation was warranted. To support that position, the custodian submitted copies of defendant’s web site, Facebook photographs, and various social media comments evincing his success. The website identified multiple locations at which the tattoo parlor operated and plans for its imminent expansion, featured three staff tattoo artists, and advertised that defendant provided tattoo services for professional football players. The Facebook photographs depicted defendant throwing $100 bills, his speed boat, a 2011 Chevrolet Camaro (plaintiff also maintained defendant owned a Lincoln Navigator), his elaborate tropical wedding, and accompanying diamond engagement and wedding bands. Finally, comments from the father’s Myspace page included statements that in four hours he earns $250, his schedule had “been packed so [he could] pay for this wedding,” and that he purchased television advertising spots.
Surf at Your Own Risk: For the First Time in New Jersey, Judge Holds Juror In Contempt for Internet Use During Deliberations
Last month, the Hon. Peter E. Doyne, A.J.S.C. found jury foreperson Daniel M. Kaminsky to be in criminal contempt pursuant to R. 1:10-2 for violating several orders of the trial judge that prohibited jurors from engaging in any independent research during trial as set forth in In re Kaminsky, (N.J. Sup. Ct., Bergen County, Mar. 12, 2012). After a mistrial was declared in the underlying criminal drug case and two fellow jurors reported Kaminsky’s Internet use, the Court found beyond a reasonable doubt, in the context of an Order to Show Cause hearing and related in camera proceedings, that (1) Kaminsky conducted independent research; (2) the act was contemptuous; and (3) the conduct was willful and contumacious, “with a complete disregard of the court’s authority and instructions.” Although the foreperson was subject to a maximum punishment of six months in prison, a $1,000 fine or both, he was only fined $500.
“Anonymous” copyright infringers — in this case the downloaders of a pornographic video — should take note of a recent decision. In what is becoming increasingly common, a court was recently asked by a copyright holder to issue an order requiring non-party Internet Service Providers (“ISP”) to identify individual Internet users for purposes of filing a copyright lawsuit against them pursuant to 17 U.S.C. § 101 et seq.
Having recognized the challenges regarding jurors’ use of social media in the courtroom, the Committee on Court Administration and Case Management requested that the Federal Judicial Center (“FJC”) survey district court judges to identify effective mechanisms to curtail this growing problem. In response, the FJC queried 952 district judges and issued Jurors’ Use of Media During Trials and Deliberations, which demonstrates that despite the various strategies devised, it is virtually impossible to prevent jurors’ use of social media and is equally difficult to detect each and every impropriety. This issue is not novel; in fact, this blog has previously reported on instances where jurors’ use of social media had a significant impact on a proceeding as well as suggestions on how to avoid such pitfalls. Click here for those postings.
Ooops, They Did it Again — Jurors Continue to Improperly Use the Internet, and Courts Struggle with Solutions
All over the country, courts are struggling with how best to prevent juror communications and/or research on the Internet, including on social media such as Facebook. What’s the solution? Thus far, there is no clear answer, as evidenced by a recent New Jersey case in which a juror dodged sanctions for contempt after researching a child sex-crime case involving a former pastor on the Internet — even after being instructed to refrain from such Internet research.
The Fifth Annual Gibbons E-Discovery Conference Kicks Off with an Interactive and Thought-Provoking Overview of the Past Year’s Pivotal E-Discovery Case Decisions
The Fifth Annual Gibbons E-Discovery Conference kicked off with an interactive overview of the important judicial decisions from 2011 that shaped and redefined the e-discovery landscape. Before an audience of general and in-house counsel, representing companies throughout the tri-state area, the esteemed panel of speakers, including Michael R. Arkfeld, Paul E. Asfendis, and Mara E. Zazzali-Hogan, moderated by Scott J. Etish, tackled the issues faced by the courts over the past year. Through a series of hypotheticals, the panelists and attendees analyzed and discussed how to handle the tough e-discovery issues that arose and how the courts’ decisions again reshaped the e-discovery landscape as we know it. Litigation hold protocols and spoliation concerns, the use of social media in discovery with its attendant ethical concerns, and the use of social media and the Internet in the courtroom were the hot topics of the day. This interactive overview of the past year’s hot button, e-discovery issues was an instant success and clearly set the tone for the remainder of the conference.
Current Cybersecurity Issues and Laws Effecting Private Sector Industries Discussed at the Fifth Annual Gibbons E-Discovery Conference
On the heels of National Cybersecurity Awareness Month in October, the second panel discussion at the Fifth Annual Gibbons E-Discovery Conference dealt with pressing issues involving cybersecurity and their effect on private industries. Moderated by Gibbons Director and senior E-Discovery Task Force member Jeffrey L. Nagel, Esq., the panel opened with a presentation by Erez Lieberman, Esq., Deputy Chief of the Economic Crimes Unit and Chief of the Computer Hacking and Intellectual Property Section, Office of the United States Attorney, District of New Jersey. Mr. Lieberman discussed several cases of high profile cybersecurity breaches in recent years and the government’s role in those cases. Mr. Lieberman identified the various types of cybercrimes affecting businesses and provided the audience with a unique understanding of the interaction and coordination between his office, the Secret Service, the Federal Bureau of Investigations, and private companies. Mr. Lieberman also addressed the effect of data breaches on the public sector and the impact of public perception on the business.