Connecticut Business Litigation Blog : Connecticut Business Lawyer & Attorney : N. Kane Bennett : Aeton Law Partners LLP : Hartford, Middletown, Glastonbury

The FTC released its 122 page Privacy Report today.  This Report has been anticipated for some time. The FTC Chairman, Jon Leibowitz, summed up the purpose behind the FTC's involvment in data privacy and security with release of the Report stating:

Technological and business ingenuity have spawned a whole new online culture and vocabulary – email, IMs, apps and blogs – that consumers have come to expect and enjoy. The FTC wants to help ensure that the growing, changing, thriving information marketplace is built on a framework that promotes privacy, transparency, business innovation and consumer choice. We believe that’s what most Americans want as well.

The Report is issued as "A Proposed Framework For Business and Policymakers."  The Report is intended to "inform policymakers, including Congress, as they develop solutions, policies, and potential laws governing privacy."  It is also intended to be a framework for how companies should address privacy. 

The biggest news making aspect of the Report is the endorsement of a Do Not Track system that would permit consumers to limit or control the amount of information given to advertisers that track consumers' online behavior.  This would be similar to the Do Not Call registry. 

For an excellent review of this far reaching Report, and its implications, read this post on the Privacy and Security Law Blog.  For more information on the Do Not Track and online behavior tracking aspects of the Report, here is a post from Electronic Frontier Foundation.  In the days ahead, there will be many more blog posts about the Report.

For now, if you are a company that collects data for online behavior tracking or stores personally identifiable information (PII such as name, address, ss#, date of birth, etc),  this Report should be reviewed albeit with the understanding that it is a proposed framework and will not be a final report until sometime in 2011.  The Report will be subject to much debate and critical comment, but might also serve as a best practices guide post. 

My general take away points from the Report are that the FTC: 

• Endorses a Do Not Track system
• Expects privacy policies to be based on notice and choice for consumers
• Opines that many companies "do not adequately address consumer privacy"
• States privacy policies should reflect the level of sensitivity of the data it seeks to protect
• Wants companies to promote consumer privacy throughout development of its services and products or adopt "privacy by design"
• Wants Companies to make it easier for consumers to understand privacy policies and data collection
• Wants consumers to have more choice on opt in or opt out for data collection

The FTC will take public comment on the Report (click here) until January 31, 2011.

• Email This
• Print
• Comments
• Trackbacks
• Share Link

I have written several posts on risk management and litigation arising out of social networking or media websites such as Facebook, Twitter and LinkedIn. Dan Schwartz's Employment Law Blog includes coverage of a variety of concerns with use of social media and the need for internal policies and procedures.  While Dan's blog covers employment law and this blog covers business litigation, social media ends up a frequent topic on both blogs.  In fact, you can read about social media on legal blogs across the country covering litigation, intellectual property, privacy, defamation, and the first amendment.  

Some say social media is a fad so why the extensive coverage on legal blogs?  The facts is that as the use of social media continues to grow and involve massive numbers of users, so does the risk of litigation and potential for numerous other legal issues.   To see some staggering statistics on social media,  check out the link to this video I came across on Tyson Snow's blog Social Media Esq. The video is by Erik Qualman, the author of socialnomics.  Here is a link to the video on YouTube (social media revolution 2 refresh).

If you want a real world example of social media's growing impact on the legal industry, consider Citigroup (Citi).  Citi posted on its website a job listing for Associate General Counsel.   The Citi job is not for auditing, compliance, or litigation.  Instead, in what may be a new trend, the Citi job is for Associate General Counsel-Social Media Attorney.   Citi is not alone.  Clorox also sought out an attorney to oversee its social media programs. I expect more companies will follow with new stand alone social media attorney positions.

The responsibilities posted for the Citi position give business owners a snap shot of the potential areas for concern. As posted on its website:  

The Citi Social Media Attorney will be responsible for the legal oversight of social media in three spheres:

 

A.        Citi-sponsored media such as company websites, Twitter accounts, and   YouTube;

B.        Social media interaction between Citi and the public/third parties; and,

C.        Employee participation in social media, as site user and/or site administrator.

The specific duties of the Citi Social Media Attorney provide a glimpse of the need for management of a vast array of legal areas.  The duties for the Citi job include:

Advertising, Intellectual property, Information privacy/data security including specifically relevant sections of Lanham Act; Copyright Act as amended by Digital Millennium Copyright Act;  FTC Act and Guides (including recent Endorsements/Testimonials Guidelines); rights of publicity/privacy; promotions law; defamation law; Communications Decency Act.

 

In my view, Citi has smartly recognized that managing social media does not fall into a traditional field of law such as advertising or intellectual property alone, but rather overlaps several areas that can rapidly change.  As such, proper management of social media issues for a large company likely requires a dedicated position.  This could be a sign of a new practice area or niche: the Social Media Attorney. Either way, it certainly confirms that business and employment attorneys need to understand these areas of law to address the risks clients face as the use of social media continues to grow.

• Email This
• Print
• Comments (2)
• Trackbacks
• Share Link

I recently attended the Connecticut Privacy Forum.  One of the presentations was by Kim Peretti who is Director of Forensic Services at Pricewaterhouse and a former federal prosecutor that chased down identity thieves globally. (read an interview with Kim here about the infamous TJX case).   I learned quite a bit of information about trafficking in personal identifying information also known as PII.  You can read my live tweets from her presentation here. 

In the data theft industry, the thieves are called "carders."  They are out there looking for victims in person and online.   The primary goal is not only credit card information, but  "full wallets."  Full wallets is when the carder gets all the information you might have in your wallet.  Credit cards, license, bank cards, etc.  The thieves might get this information from you personally, but more likely through a company that keeps this type of information.  Once they get a full wallet, they typically sell it overseas where the information is stored on computer servers and offered for sale on websites.  Scary stuff. 

As a coincidence, I have had a recent uptick of inquiries from victims of identity theft.  There are many laws that are implicated in cases of identity theft such as wire fraud, computer fraud, and theft statutes. The theft may also involve a data breach such as in the case of TJX.   

Here is a quick summary of Connecticut's statutory law for identity theft.

In Connecticut, an attorney can file a civil lawsuit on behalf of a victim of identity theft and obtain an award of one thousand dollars or treble damages, whichever is greater pursuant to statutory law. In addition, a victim can obtain an award of costs and reasonable attorney's fees.  Damages may include documented lost wages, or any financial loss that can be tied to the identity theft. Courts have the ability to award other types of relief also, including but not limited to, not less than two years of commercially available identity theft monitoring.  

In Connecticut, attorneys may prove identity theft for civil damages by showing a violation of the criminal identity theft statutes.  This is similar to the civil theft statute and computer crime statute.  In general, the criminal identity theft statutes may be broken down under the following categories:

• Class B felony identity theft.  This violation concerns cases where the victim is under the age of 60 and the value of money or theft exceeds ten thousand dollars or the victim is over the age of 60 and the value is greater than five thousand dollars.
• Class C felony identity theft.  This violation occurs where the victim is under 60 and the value is greater than five thousand dollars, or if the victim is over 60.
• Class D felony identity theft.  This occurs for any violation regardless of age or value.

To prove the underlying violation or actual identity theft, an attorney must prove in the following:

A person commits identity theft when such person knowingly uses personal identifying information of another person to obtain or attempt to obtain, in the name of such other person, money, credit, goods, services, property or medical information without the consent of such other person.
 

Personal identifying information is defined by the statute as:

any name, number or other information that may be used, alone or in conjunction with any other information, to identify a specific individual including, but not limited to, such individual's name, date of birth, mother's maiden name, motor vehicle operator's license number, Social Security number, employee identification number, employer or taxpayer identification number, alien registration number, government passport number, health insurance identification number, demand deposit account number, savings account number, credit card number, debit card number or unique biometric data such as fingerprint, voice print, retina or iris image, or other unique physical representation.
 

If you are a victim of identity theft, you should take fast action.    Some of the actions you might consider: 

• Identify potential defendants for a lawsuit, such as the actual perpetrator or the source where the perpetrator obtained the information
• Assess provable damages
• Seek police involvement and file a private complaint
• Take immediate action to help restore credit ratings
• Filing for an injunction, damages or other lawsuit against perpetrators

Consulting an identity theft attorney is also a good idea.  An identity theft attorney can help a victim sort through the various options, take direct action on behalf of the victim, and determine if there are grounds for a lawsuit to seek an injunction, restraining order, or damages. 

• Email This
• Print
• Comments
• Trackbacks
• Share Link

The tragic suicide of Rutgers University student, Tyler Clementi, shows the potential devastating impacts arising from misuse of the Internet and social media sites such as YouTube, Facebook, and Twitter.  This incident also serves as a reminder of the rapid sea change that technology brings and how our laws struggle to keep pace especially when it comes to new forms of media and the Internet.  I have seen two trends develop as it relates to lawsuits and social networking litigation. Both of these trends will continue. 

The first trend concerns the potential problems and risks to business owners over social media.  These issue have been well documented for over a year now.  Some of these issues include privacy rights, defamation, trade secrets, non-competition agreements, electronic monitoring, evidentiary use, and concerns over social media policies in the workplace. 

The second trend that has developed is the unfortunate increase and rise in cyber bullying, harassment, and invasion of privacy from users posting content on Blogs, Facebook, MySpace, Twitter, and YouTube.  The sad fact is that this often involves school age children as victims of cyber attacks or as users who do not fully understand the significance and devastation that might result from posting content online to the entire world.

As another glaring example, Anderson Cooper of CNN reported just last night on the disturbing story of Chris Armstrong, an openly gay student at the University of Michigan.  The story detailed how a Michigan Assistant Attorney General, Andrew Shrivell, was outright harassing and stalking Mr. Armstrong both in person and on a blog.   Mr. Shrivell's conduct was revolting and disturbing for anyone let alone a law enforcement official.   His actions are an example of someone running wild on the Internet with harassment.

Individuals facing harassment or bullying over the Internet often feel as if there is nothing that can be done to stop the conduct.  For example, as of last night, the Michigan Attorney General had done nothing to discipline Shrivell for his conduct based on purported concerns for "First Amendment" rights.  Although the available laws for bringing a lawsuit for improper use of the Internet continue to evolve, an attorney can help a victim of Internet or online harassment.  In short, something can be done.  Some of the legal theories available for a civil lawsuit include defamation, negligent misrepresentation, invasion of privacy, stalking statutes, and infliction of emotional distress.  

The explosive growth of use of social media is not going to end. Instead, these trends will continue to dominate and grow.   As use and misuse of social media and the Internet continues, litigation attorneys would be well served to stay on top of the evolving legal issues.  Businesses and individuals will continue to need legal representation  to address these growing trends.

• Email This
• Print
• Comments (1)
• Trackbacks
• Share Link

You might be surprised how many times I am asked this question.  Of course, the circumstances of every case warrant separate consideration, but here are the basic facts concerning recording of phone conversations in Connecticut as it relates to civil litigation and lawsuits: 

Civil Liability.  You are subject to liability in a civil lawsuit if you violate Connecticut General Statutes 52-570d entitled "Action for illegal recording of private telephonic communications."  The full text of the statute is here, but the basic summary is that an aggrieved person may bring a civil lawsuit for the recovery of damages and attorney's fees if someone uses a device to record "an oral private telephonic communication" unless the use of the recording device involves:

• the consent of all parties (some states only require one party consent), and such consent is obtained prior to the recording
• the consent documented in writing or part of the recording
• verbal notification given at the start of the recording
• an automatic tone warning device producing a signal every 15 seconds

There are various exceptions to this rule, including for law enforcement and FCC officials.  In addition, one of the more relevant exceptions is for "any person who, [is] the recipient of a telephonic communication which conveys threats of extortion, bodily harm or other unlawful requests or demands."  For example,if your Mel Gibson's girlfriend, and you are in Connecticut, its probably safe to record his phone calls. To recover in Connecticut, however, you have to prove actual damages related to the recording.

Many people that want to record phone conversations are trying to document conversations as evidence for potential use in a lawsuit.   However, if the recording is done unlawfully, Connecticut law prohibits the use of the recording in "any court of this state." As such, although an improperly recorded phone call might be available for use in a deposition, it will not be permitted as evidence in any court.  

Whether an improper phone recording is criminal will depend on the circumstances.  For example, it is a Class D Felony in Connecticut to engage in wiretapping or "mechanical overhearing" of a conversation.  Wiretapping and mechanical overhearing are defined to include "intentional overhearing or recording" of telephonic communication or conversations without the consent of at least one person involved.  This is more likely to apply to a situation like the allegations against Shaq O'Neal for intercepting cellular phone conversations he was not a part of as opposed to private two way conversations. However, the possibility of criminal penalty should be factored into any decision to record a phone call.

Keep in mind also that this post is only a summary as it pertains to Connecticut state law. If phone calls involve an out-of-state caller, different laws might apply.  For a good example of the intersection of various state recording laws, visit the website for the Reporters Committee for Freedom of the Press.  In addition to state law, there are federal wiretapping laws that might come into play. For an example of some federal laws, see this post on the Citizen Media Law Project.

The takeaway here is that if you improperly record phone conversations in Connecticut you could: (1) face criminal penalties; (2) face a civil lawsuit for damages and attorney's fees; and (3) be precluded from using the recordings in court in any civil lawsuit.  As such, if you are planning on recording phone conversations of any kind, you would be well served to contact an attorney and get advice on whether to proceed.

• Email This
• Print
• Comments (2)
• Trackbacks
• Share Link

Previously, I have posted about non-compete agreements and the duty of loyalty for employees.  Many times, businesses do not have written contracts to protect confidential and proprietary information from not only competitors and vendors, but also their own employees.  Without a contract, the common law of Connecticut concerning breach of fiduciary duty is one of the ways attorneys can seek to protect business clients against improper use of confidential information.

Another method for attorneys to seek to protect their clients' confidential information stored on a computer system or network is through the federal Computer Fraud and Abuse Act (CFAA).  The CFAA is largely a criminal statute, but is being used more frequently in civil cases on behalf of businesses faced with loss or theft of confidential and proprietary information and trade secrets.   The CFAA, 18 U.S.C. 1030, essentially provides for civil liability for unauthorized access to protected computers with intent to defraud or cause damage.  There are civil enforcement provisions that allow private actions for recoverable loss related to prohibited conduct if a series of factors can be proved in court.

Recently, Peter J. Toren wrote an excellent article in the New York Law Journal  where he detailed methods in which the CFAA might be useful for attorneys to protect client trade secrets and other confidential information.   Peter listed the six factors necessary for proof of damages.  Peter also noted some of the limitations of the CFAA when it comes to employee theft of trade secrets and described the narrow and broad views taken by different courts when interpreting improper access of a protected computer without authorization. Peter further provides some useful tips for businesses on how to construct a policy in light of the different court interpretations of improper access. 

Lee Berlik, publisher of the Virginia Business Litigation Blog, also has a recent post about the series of hurdles necessary for attorneys to prove loss or damages under the CFAA.  Lee's post describes a threshold of $5,000 in value that must fit into the categories of potential loss defined in the CFAA.  Similar to Peter's article, Lee also describes how a case was unsuccessful in court because of insufficient facts to show loss under the CFAA.

In Connecticut federal courts, the reported cases under CFAA, largely have been unsuccessful for a variety of reasons, many of which Peter's article details.  Some cases were dismissed for failing to meet damages thresholds (Register.com v. Verio, 356 F.3d 393 (2004)) , while another case was dismissed because the facts were insufficient for unauthorized access (Cenveo, Inc. v. Rao, 659 F. Supp. 2d 312 2009)).   However, in a recent case, in the federal district court, Judge Vanessa Bryant issued an order of sanctions and for production of electronic devices for forensic inspection in a case based, in part, and the CFAA. (Genworth Financial Wealth Mngmt. Inc., v. McMullan). 

The takeaway here is that the CFAA provides another potential basis for a business to protect its confidential and proprietary information when the information resides on a computer system or network.  Of course, there are a series of factors that must be met before liability can be established.  Some of these factors may not apply and eliminate the CFAA as a method of recovery as we have seen in several reported cases.  However, the CFAA should be considered and evaluated in any case involving unauthorized access of confidential information through a computer system as it provides an additional basis for potential recovery.  Also, advanced planning with sound internal policies might provide a business with a better chance of success under the CFAA.

I will do a post soon on another statute, Connecticut's Computer Crime Act, that may provide additional remedies for improper access of a computer system or network.

• Email This
• Print
• Comments
• Trackbacks
• Share Link

My firm receives many calls from new or existing businesses with Internet privacy questions.  Many calls come from e-commerce businesses, start ups, or businesses that want to utilize information gathered from users accessing their Web sites. Some business owners have ideas or concepts that test the limit on use of user profiles, preferences, and content.  The question becomes, just what are the limits for user expectations on privacy?

Take Facebook for example.  Facebook has a reported 400 million users.  Facebook is constantly in the headlines over its privacy policies and security settings related to its user's profile information.  Whether it is a class action lawsuit in California  or the recent $10 million settlement for its Beacon program, you can count on Facebook to have dealt with any number of privacy issues in litigation.  

Recently, another lawsuit has been filed over Facebook's "opt out" setting concerning the instant personalization feature.  Wendy Davis on  Online Media Daily reported on the story.  This feature automatically shares user information with three outside companies, Microsoft Docs, Pandora, and Yelp.  The lawsuit was filed in U.S. District Court in Rhode Island for violation of the Stored Communications Act (Download here).  By my count, Facebook has been sued at least 30 times in Federal court in recent years.

In the Internet privacy area, Facebook tests the outer limits of what is acceptable for privacy rights and user expectations.  When Facebook makes a change or tries something new, everyone pays attention.  As a result, Facebook's privacy policies get vetted by 400 million users, numerous industry and trade groups, leading technology blogs like TechCrunch, and even the federal government. 

If you want to know what crosses the line when it comes to privacy on the Internet,  just watch Facebook.   

• Email This
• Print
• Comments
• Trackbacks
• Share Link

That was the question posed in an email newsletter I received today from the International Association of Privacy Professionals.   I am a member of this group out of personal interest and to to stay on top of issues related to privacy laws and technology.   One of the benefits of belonging to this group is that I get email newsletters with summaries of new laws, regulations, and lawsuits dealing with privacy issues from all over the world. 

Today's email posed the question in the title of this post and featured an article from the New York Times by Natasha Singer called "Shoppers Have No Secrets."   The article details the technology of "behavioral tracking" by retail and advertising businesses and how the Federal Trade Commission (FTC) is playing catch up when it comes to regulating this technology.

Online behavioral tracking has been a hot button issue for both businesses and privacy rights groups for a few years.  Natasha's article lists several types of new tracking to include:

• Cameras that can follow you from the minute you enter a store to the moment you hit the checkout counter, recording every T-shirt you touch, every mannequin you ogle, every time you blow your nose or stop to tie your shoelaces.
• Web coupons embedded with bar codes that can identify, and alert retailers to, the search terms you used to find them.
• Mobile marketers that can find you near a store clothing rack, and send ads to your cellphone based on your past preferences and behavior.

The article is a very good summary of the issue and has links to advocacy groups on both sides of the debate.  The article also highlights the differences between European and US based privacy laws. In general, the EU is far more advanced and stringent when it comes to personal data protection. 

In the US, the FTC publishes guidelines and takes enforcement action under its authority to regulate unfair trade.  There are also the states' Attorney Generals and class action and individual lawsuits.  Nevertheless, to answer the question I posed in this post, it is clearly a "NO" in the US.   Data protection laws will not catch up to new technology. At least, not anytime soon.

So, should Connecticut businesses ignore consumer privacy issues?    Not if the business wants to stay ahead of the game and out of litigation over privacy violations.   The FTC and state Attorneys General still have broad enforcement powers to regulate unfair trade.  Also, individual consumers continue to bring lawsuits over these issues.  

For Connecticut businesses, it is a good idea or best practices to implement  a policy related to protection of consumer data, preferences, and personal identifiers.  I have posted some tips about these issues before.  If you are looking for "do it yourself" resources, another good place to start is the FTC guidelines on behavioral tracking or its Guide for Business in protecting personal information. 

Of course, by the time you implement a privacy plan for today's technology, it will be time to start updating it for what tomorrow brings.  Good thing I get an email to remind me.   

• Email This
• Print
• Comments
• Trackbacks
• Share Link

A recently filed class action lawsuit (download complaint) against RockYou highlights the very real threats to businesses related to hackers stealing customer data also known as personally identifiable information (PII).

According to the complaint filed in federal court in San Francisco, RockYou is a publisher and developer of popular online applications and services for use with social networking sites such as Facebook and MySpace.  RockYou allegedly exposed 32 million of its users to identity theft by failing to encrypt or otherwise protect email account information and passwords.  The suit alleges violations of California Civil Code, breach of contract, and negligence.

 Jason Remillard of Web Host Industry Review provided a detailed post on the lawsuit noting that RockYou may face more difficulties than expected because RockYou is a "launchpad type of service, that hold credentials for other services (myspace, facebook, etc)..."  As such,  RockYou may face liability for data exposures across other platforms. 

Mr. Remillard notes that he has been warning site owners about the risks of holding PII information of consumers.  I agree with Mr. Remillard that avoiding storage of such personal data  in the first place is often the best way to prevent liability exposure for both loss of data and a security breach.  If a business must store PII in its systems then a data loss and security plan must be in place to protect the data.  In prior posts, I offer some suggestions and tips for Connecticut business owners that have sensitive data or store PII of its customers.

Dave Kravets of Wired.com offers some more details about RockYou's alleged security failures that apparently resulted from the same common vulnerability exploited by hackers in the cases of Hannaford Brothers, 7-Eleven and Heartland Payment System.  The vulnerability results from RockYou's SQL database,which relates to the actual storage method and management of millions of email accounts and passwords.  The complaint against RockYou alleges that the prior well publicized flaws in SQL should have been addressed with readily available protection measures.

Brennon Slattery of PCworld wrote about the security breach and compared RockYou's security system to storing passwords and emails on sticky notes.  He noted that RockYou stored the information in plain text words.  In other words, once the hacker got inside RockYou's system, the passwords and email accounts were easy to read like sticky notes because there was no encryption of the text. 

RockYou has issued a statement explaining the breach and intends to defend the lawsuit. RockYou also has implemented new steps to avoid future breaches including implementation of encryption for all passwords.  Encryption is the method used to make the passwords unreadable once the hacker gains access to the system. 

The RockYou case is another example of the increasing number of data loss and security lawsuits and should serve as a reminder to any business that stores PII to implement a data loss and security plan. 

• Email This
• Print
• Comments
• Trackbacks
• Share Link

Attorney General Richard Blumenthal issued a scathing press release related to Health Net's recent data loss and security breach.  Blumenthal called Health Net's story on it "sanitized" and its six month delay in reporting "unconscionable."  Blumenthal called for a federal investigation and intensified state efforts because of the sensitive financial and health information at risk for exposure.

Health Net is based in Shelton, Connecticut and is one of the largest health plans in the Northeast serving approximately 580,000 members.  A report by Lucas Mearian of Computerworld stated that the information stolen was a portable hard drive that had not been encrypted.  Proper encryption could have prevented access of the information.

Connecticut consumers have been affected by the data loss and more than a million people had social security numbers and financial and medical information exposed. Consumers in Arizona, New Jersey, and New York also had sensitive information exposed.  Thus far, there has been no report of identity theft or misuse of the information.

• Email This
• Print
• Comments
• Trackbacks
• Share Link

The National Cyber Security Alliance recently released a new study with some startling numbers concerning small businesses and the threat of data loss, security breach, or cyber attack.  Some of the key numbers obtained from polling small business owners include:

• 65% store customer information on computer systems
• 43% store financial records
• 33% store credit card information
• 86% do not have anyone focused on system security
• 11% of owners never check their computer security systems.
• 75% use the internet to communicate with customers
• 28% have formal internet security policies

What do these numbers suggest? Deborah Cohen, who covers small business for Reuters.com, published an article following release of the study and “confirmed that small businesses are among the most vulnerable to Internet crime. . .” She quoted Michael Kaiser, executive director of the National Cyber Security Alliance, who noted that “small businesses are pretty robust targets” for cyber attacks citing the lack of Internet protocol and employee training. Cohen’s article also offers some tips from Kaiser for small businesses to help confront cyber attacks.  

If you are looking for some guidance or help with cyber security, read here for some of my earlier posts.  If you are looking for a do-it-yourself placer to start, try the U.S. Chamber of Commerce.  The Chamber offers a great resource entitled“Common Sense Guide to Cyber Security for Small Businesses.” It’s a 12 step plan to increase cyber security. Here are some highlights:

·         Use strong passwords and change them regularly

·         Watch for strange email attachments

·         Install computer security software and network security

·         Keep software updated

·         Limit access to sensitive and confidential data

·         Establish and follow security plan

·         Maintain insurance coverage

The threat of data loss or security breach is not going away, but will only increase. Lawsuits concerning data loss and security breach are more frequent. Business owners need to stay on top of the threat by implementing a sound data loss and privacy plan. There is no one size fits all approach and every business will have its own risk exposures. If you are a business owner, consider having your business evaluated for risks of cyber attack or data loss. 

• Email This
• Print
• Comments (1)
• Trackbacks
• Share Link