Tag Archives: IoT

The New IoT Cybersecurity Act Is Here

By Daniel Pepper and Adam Cohen on December 11, 2020 Posted in Internet of Things

Background Growing awareness regarding cybersecurity concerns with the Internet of Things (IoT) has achieved a milestone with the promulgation of the IoT Cybersecurity Improvement Act (the Act), which was signed into law by President Donald Trump on December 4, 2020. The Act requires the development, adoption and implementation of security standards for IoT devices by … Continue Reading

Advancing Digital Strategies (and Hello from the Future!)

By James A. Sherer and Katherine Lowry on February 28, 2020 Posted in Blockchain, Emerging Technology, Internet of Things

The following story is one in a six-part series devoted to the pioneering teams that comprise the firm’s new Digital Asset and Data Management Practice Group. A prime example of BakerHostetler’s preeminence in the legal industry is on display in its latest Practice Group, Digital Asset and Data Management (DADM), which offers holistic, enterprise-wide risk solutions to … Continue Reading

Just How Far Does California’s New IoT Security Law Reach?

By Daniel Pepper on September 13, 2019 Posted in Internet of Things

On January 1, 2020, California’s new Internet of Things (IoT) Security Law goes into effect. The law is the first IoT-specific security law in the United States and, simply put, requires all IoT devices sold in California to be equipped with reasonable security measures. There has been a significant amount of discussion regarding exactly what … Continue Reading

HHS OIG Launches Cybersecurity Webpage to Raise Awareness and Boost Cybersecurity Best Practices

By Lynn Sessions and BakerHostetler on December 5, 2018 Posted in Cybersecurity, HHS

Healthcare data can be up to 10 times more valuable to cyber criminals than credit card numbers, according to a report from the Department of Health & Human Services’ (HHS) Office of the Inspector General (OIG). And, with healthcare-focused ransomware attacks like WannaCry and NotPetya in the news more frequently, it’s no wonder that HHS OIG … Continue Reading

Connecting the Dots Between Security Practices and Legal Obligations: California’s Connected Devices Bill

By Carolina Alonso and Alan L. Friel on April 4, 2018 Posted in Internet of Things

Turning on the lights, hearing the weather forecast, learning fun facts, and playing your favorite song in the kitchen are simple when one can give short voice commands to a personal assistant device that is connected to the internet and to other devices in your home. Connected devices are increasingly being used in the home, … Continue Reading

Toying With Children’s Data: Lessons From the FTC’s First Connected Toys Settlement Action

By Alan L. Friel and Carolina Alonso on January 17, 2018 Posted in Advertising, Children’s Privacy

Every year, especially around the holidays, more and more products that connect to the internet hit the market. For adults, connected home devices that act like personal domestic assistants have become increasingly popular. Children have been adding connected toys, some of which have the intelligence and programming to become a child’s best friend, to their … Continue Reading

Deception and Unfair Practices Come Preinstalled

By Benjamin Barnes and Alan L. Friel on October 23, 2017 Posted in Internet of Things, Online Privacy

Lenovo, a manufacturer of personal computers, recently agreed, among other things, to implement a software security program in a settlement with the Federal Trade Commission (FTC) over issues with third-party software preinstalled on some laptops. The software was later found to have significant security vulnerabilities that put consumers’ personal information at risk. The software created … Continue Reading

Babies and Baby-making, or Not… Privacy and Security Lessons for the Internet of Things

By Alan L. Friel on May 2, 2017 Posted in Internet of Things

What do babies, sex toys and wireless head phones have in common? Apparently, the privacy concerns of the Federal Trade Commission (FTC), state AGs and legislatures, class action plaintiffs, and consumer advocacy groups, at least when it comes to the Internet of Things (IoT). The IoT refers to consumer devices that are connected, directly or … Continue Reading

Crowdsourcing Cybersecurity in 2017

By Craig A. Hoffman and Erich Falke on April 11, 2017 Posted in Cybersecurity, Ransomware

BakerHostetler began publishing its Data Security Incident Response Report in 2015. Although we were the first law firm to do so, inspiration for the report came from similar reports that cybersecurity firms issue. We will be publishing our 2017 Report on April 13, 2017, containing statistics and insights from the 450+ incidents we led clients … Continue Reading

IoT Device Maker Settles Class Claims for $3.75 Million

By David M. Brown on April 7, 2017 Posted in Big Data, Internet of Things, Mobile Privacy, Privacy Class Actions, Retail Industry

In one of the first Internet of Things (IoT) class action settlements, the maker of a Bluetooth-enabled personal vibrator agreed to settle privacy class claims for $3.75 million. The We-Vibe product allows a user to connect the product to a smartphone. The user can then control the device from the phone via Bluetooth connection. The … Continue Reading

FTC’s $2.2m Smart TV Settlement Signals Continued IoT Enforcement Focus

By Alan L. Friel and Melinda L. McLellan on March 1, 2017 Posted in Behavioral Advertising, Big Data, Enforcement, Information Security, Internet of Things, Marketing, Online Privacy

On February 6, 2017, the Federal Trade Commission announced that it had settled charges against VIZIO, Inc., a consumer electronics manufacturer of Internet-connected televisions. The FTC alleged that VIZIO unfairly tracked sensitive TV viewing data of millions of American consumers, and deceptively failed to disclose how the collected data was being used. This action was … Continue Reading

FTC Goes After IoT Device Manufacturer for Alleged Security Vulnerabilities in Routers, IP Cameras

By Melinda L. McLellan and Kathryn Mellinger on January 13, 2017 Posted in Enforcement, Internet of Things

On January 6, the Federal Trade Commission (FTC) announced that it had filed a complaint against Taiwanese D-Link Corp. and its U.S. subsidiary, D-Link Systems Inc. (D-Link), alleging the company made deceptive claims about the security of its products and engaged in unfair practices that put U.S. consumers’ privacy at risk. The case is noteworthy for … Continue Reading

Six Proposals to Stop IoT-Based DDoS Attacks

By Randal L. Gainer on November 10, 2016 Posted in Cybersecurity, Internet of Things

On Oct. 21, 2016, an extremely large distributed denial-of-service (DDoS) attack on Dyn prevented many internet users on the East Coast of the U.S. from accessing websites such as Netflix, PayPal, Spotify and Twitter for several hours. Dyn provides domain name system (DNS) services to other businesses. DNS services resolve web addresses into IP addresses, … Continue Reading

2016 Mobile Data Privacy and Security Update and 2015 Review

By Fernando A. Bohorquez, Jr. and Jenna N. Felz on April 4, 2016 Posted in Mobile Privacy

To say that mobile device usage has reached a tipping point would be an understatement. There are now more mobile devices than people in the world, a staggering 7.9 billion mobile devices for 7.4 billion people on Earth. In the U.S., more time is spent on mobile media than on desktop and other media, 2.8 … Continue Reading

Legal Developments in Connected Car Arena Provide Glimpse of Privacy and Data Security Regulation in Internet of Things

By F. Paul Pittman on February 2, 2016 Posted in Cybersecurity, Online Privacy

With the holiday season in the rear view, automobiles equipped with the newest technology connecting carmakers with their vehicles, vehicles with the world around them, and drivers with the consumer marketplace – Connected Cars – have moved from the lots to driveways. Automakers are remaking their fleets to offer unprecedented choice and convenience to drivers. … Continue Reading