Privacy & Security Law Blog

Privacy & Security Law Blog

Legal Commentary and Resources for the Payment Industry

Insight & Commentary on Information Management and Protection

Category Archives: DWT

Subscribe to DWT RSS Feed

PrivSec News Briefing

Posted in DWT

NRC Declines Security Boost for Nuclear Plants
by David Kestenbaum, NPR Morning Edition, January 30, 2007 ·
Fearing terrorism, activist groups have asked the Nuclear Regulatory Commission to strengthen safeguards at power plants. On Monday, the NRC decided not to require plants to build additional defenses.

Banks on notice over security. Privacy watchdog wants to force disclosure of credit card breaches
By Susan Bradley Staff Reporter, The Chronicle Herald, January 30, 2007.
Canada’s privacy commissioner wants financial institutions and corporations to be required by law to notify their customers when a security breach takes place.

Comment, Critique And Debate On Security And Open Source Implementations At LinuxWorld OpenSolutions Summit
Business Newswire, January 30, 2007 ... Continue Reading

PrivSec News Briefing (1/9/07)

Posted in DWT

RFID Strategy — RFID Privacy And Security Issues: A look at the evolving state of tag security.
By Paul Faber
(, 1/9/07) 

Technology Companies Are Exposed to Security Breach Litigation.
Some Cyber Policies, By Themselves, Can Leave Gaps in Protection
(PRNewswire, 1/8/07)

Airport scanners allow some to skip security lines — for a price.
By Stephen Majors
(The Associated Press, Published in the Seattle Post Intelligencer, 1/8/07)... Continue Reading

FinCEN Publishes Updated SAR Statistics

Posted in Data Protection, DWT

Posted by Peter Mucklestone and Kevin Tu

The Financial Crimes Enforcement Network (FinCEN) recently published the seventh issue of the SAR Activity Review – By the Numbers. The publication compiles and updates numerical data gathered from all suspicious activity reports (SARs) filed with FinCEN. The most recent compilation covers the over 3.6 million SARs filed with FinCEN on or before June 30, 2006. Depository institutions, certain money services businesses, casinos and card clubs, and certain segments of the securities and futures industries must file SARs with FinCEN.   A review of the compiled data highlights certain statistics and general observations with respect to each type of SARs filing, as follows:... Continue Reading

PrivSec News Briefing

Posted in DWT

Personal data security breaches hit 100 million milestone in US (12/19/2006 –
Over 100 million data records of US residents have been exposed due to security breaches since February 2005, according to records maintained by the Privacy Rights Clearinghouse.

Privacy Watch: Phishers reach cell phones  (12/19/2006 – Techworld)
Have you ever been SMiShed? That’s not as personal a question as it may sound to the uninitiated, but it does relate to protecting your personal data.... Continue Reading

PrivSec News Briefing

Posted in DWT

Posted by DWT

No End in Sight: Data Breach Tally Approaches 100 Million (9/25/06 – ETC News)

The total number of records containing sensitive personal information involved in security breaches over the past two years now stands at 93,754,333, according to the Privacy Rights Clearinghouse. The updated tally includes thousands of instances of data exposure in the past month alone.

"Not a Suicide Pact": A Stone-Posner Conversation (9/23/06 – The Huffington Post)

In commemoration of Judge Richard Posner’s newest book, Not a Suicide Pact: The Constitution in a Time of National Emergency, Judge Posner and I participated in the following four-part exchange on the American Constitution Society blog.

OMB issues data breach guidance (9/22/06 – GCN)

On the heels of the House Government Reform Committee issuing the results of their data breach survey, the White House and its Identity Theft Task Force outlined steps agencies should take in responding to an identity theft or ways to prevent one from happening. 

Congress Unlikely to Pass Wiretapping (9/27/06 — Associated Press)

Congress is unlikely to approve a bill giving President Bush’s warrantless wiretapping program legal status and new restrictions before the November midterm elections, dealing a significant blow to one of the ... Continue Reading

Shameless Self-Promotion

Posted in DWT

Posted by DWT

We are pleased to have recently been given permission to link to two articles by members of the DWT Privacy and Security group that were recently published in Privacy and Data Security Law Journal

Please click here to read Lawsuits Challenge the NSA’s Warrantless Data Mining and Surveillance Program by Randy Gainer.

And click here to read Current Privacy Issues Facing Marketers  by Robert J Driscoll.... Continue Reading

Blog Law and Blogging for Lawyers

Posted in DWT

Posted by DWT

This April in San Francisco, our own Bruce Johnson and Greg Kopta will be giving presentations at the “Blog Law and Blogging for Lawyers” conference in San Francisco, co-hosted by Dennis Crouch of Patently-O and Cathy Kirkman of the Silicon Valley Media Law Blog.

Other presenters will include Denise Howell, Raymond Nimmer and our friend Kevin O’Keefe at LexBlog. A more complete list of speakers with links, can be found on Patently-O.... Continue Reading

…and more…

Posted in DWT

Posted by Kraig Baker David Brin, the science-fiction writer and futurist, was one of the keynote speakers this morning. He was quite interesting and was somewhat provocative for a privacy conference. His greatest concern was the impact of the rise of secrecy on accountability in our society. His point was that we are an enlightened society that is not ruled by the rich, the elites, or the strong, because we have transparency and accountability through markets, science, democracy, and the courts. He views the rise of privacy and security as a threat to that accountability and enlightenment and threatens the framework of American society. Although it takes a while to get exactly where Brin is going, Brin’s ideas on accountability as a contrast to secrecy are pretty persuasive and an interesting counterpoint to the remainder of the conference.... Continue Reading

And still more…

Posted in DWT

Posted by Lance Koonce

Our afternoon keynote speaker at the IAPP Privacy Academy was Kevin Mitnick, of hacker fame, who spoke on social engineering as the gravest threat to corporate security. Kevin’s talk was quite engaging, in particular because it was interspersed with real-life examples of social engineering scams that vividly demonstrated his theme that humans are always the weakest link in any security system.... Continue Reading

More from the IAPP Privacy Academy

Posted in DWT

Posted by Kraig Baker

Lance Koonce and I are blogging from the IAPP (International Association of Privacy Professionals) annual conference in Las Vegas this week. The organization seems to be getting a lot of traction as a trade group. They have over 600 attendees this year — many more than last year. They also have a much more impressive roster of companies and organizations participating and many of the attendees seem to be more senior than in years past. Of course there are also more lawyers here this year…never a good sign.... Continue Reading


Posted in DWT

Several of us will be blogging this week from the IAPP’s Privacy Academy 2005 in Las Vegas, which runs from October 26th through the 28th. Lance Koonce will be speaking on a panel entitled “Privacy in a Public World: Emerging Issues”. Hope to see some of you there!... Continue Reading

Welcome to the Blogosphere

Posted in DWT

Although a bit farther afield from the realm of privacy and security than our regular posts, we just wanted to mention that a DWT colleague of ours, John Parnass, has recently launched his own blog on Construction Law. It’s a great looking site and John is an experienced attorney whose insight in this area will be invaluable. Welcome, John!... Continue Reading

The New Dictionary is Here . . . I’m SOMEBODY Now!

Posted in DWT

Posted by Lance Koonce The new Meriam-Webster Collegiate Dictionary has been released, and included among the 100 or so new words now recognized by that dictionary are the following that may be of interest to P&SLB readers:

metadata (noun) 1983 : data that provides information about other data DHS (abbreviation) : Department of Homeland Security steganography (noun) 1985 1 archaic : cryptography 2 : the art or practice of concealing a message, image, or file within another message, image, or file Wi-Fi (certification mark) て羽sed to certify the interoperability of wireless computer networking devices

And yet….no dictionary entries for blog, blawg, vlog, moblog, podcast, splog, phish, pharm, mmorpg, VoIP, wardriving, spit, spim, HIPAA, RFID….?... Continue Reading

Welcome to the Privacy and Security Law Blog (PrivSecBlog)

Posted in DWT

Today marks the launch of Davis Wright Tremaine LLP’s privacy and security blog – thanks for dropping in. Several years ago, a small group of attorneys at our firm recognized that issues surrounding the electronic collection and protection of sensitive information were throwing off new legal questions at an accelerating rate. Thus was born the Privacy and Security Group at DWT, and that original core group of attorneys has now grown to almost 40 professionals spread across seven offices, advising clients on every aspect of privacy and security.

While we share our expertise with our clients every day, this blog is an opportunity to contribute to the broader discussion on these constantly evolving topics. We welcome your comments and suggestions, and hope that we can serve a useful role in the public debate.... Continue Reading