August 2017

Earlier this month, the UK Government published a consultation on plans to implement the EU Directive on security of network and information systems (the “NIS Directive”, otherwise known as the Cybersecurity Directive).  The consultation includes a proposal to fine firms that fail to implement “appropriate and proportionate security measures” up to EUR 20 million or

By Benjamin Duke, Matt Schlesinger, and Scott Levitt

[This article was also published as a Client Alert.]

Two recent federal district court decisions involving computer “spoofing” scams highlight the uncertainty about whether such incidents may be covered under standard “computer fraud” provisions in widely used crime insurance forms. The conflicting results in these cases

In the first of a three-part series, Covington’s global cross-practice Digital Health team answers key questions that companies across the life sciences, technology, and communications industries should be asking as they seek to fit together the regulatory and commercial pieces of the complex digital health puzzle.
Key Regulatory Questions About Digital Health Solutions
1. What

The closely watched lawsuit alleging Spokeo, Inc., violated the Fair Credit Reporting Act (“FCRA”) may proceed, after a federal appeals court ruled — on remand from the Supreme Court — that publication of the inaccuracies alleged by the plaintiff would constitute a sufficiently “concrete” harm to give the plaintiff standing to sue in federal court. 

At the beginning of August, the D.C. Circuit found that the fact that a data breach has occurred and individual consumer information has been lost may constitute sufficient injury to confer standing on those individual victims at the pleading stage–irrespective of whether any stolen information has been misused. Specifically, Attias, et al. v. CareFirst, Inc.

By Alex L. Sarria and Marianne F. Kies

The recent settlement of a noteworthy “contractor-on-the-battlefield” case should serve as a cautionary tale to government contractors that perform high-risk work in support of military operations. In Suleiman Abdullah Salim v. James E. Mitchell and John Jessen, No. CV-15-0286, three foreign plaintiffs filed Alien Tort Statute (“ATS”)

By Alex Berengaut

[This article also was published in Law360.]

In May 2017, the “WannaCry” malware was used to launch a worldwide ransomware cyberattack. WannaCry encrypted files on victim computers and demanded a ransom payable in bitcoin to provide the encryption key. The attack was stopped when a British security researcher, Marcus Hutchins, accidentally