March 2010
S M T W T F S
« Feb    
 123456
78910111213
14151617181920
21222324252627
28293031  

Legal Disclaimer

Your use of this Blog does not create an attorney-client relationship. Your e-mail or comments do not create an attorney-client relationship. We have no duty to keep confidential the information that is submitted to this blog. This blog is not a substitute for, nor does it constitute legal advice. Only an attorney who knows the details of your particular situation and is properly licensed in the applicable state (or states) is able to appropriately and properly address any legal issues you may have.

Blog Categories

9th Circuit Decision in LVRC Holdings Rejects 7th Circuit’s Holding in Citrin Based on a Motivation Theory of Liability Under the Computer Fraud and Abuse Act

By Robert Hudock, on September 18th, 2009 Print This Post Print This Post

The Ninth Circuit rejected an employer’s argument that a former employee violated the Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 1030, when he emailed company client lists and financial data to himself for personal use. LVRC Holdings LLC v. Brekka, ___ F.3d ___, 2009 WL 2928952 (9th Cir. 2009). Superficially this decision is at odds with another decision in the Seventh Circuit. The employer in LVRC Holding based its theory on the 7th Circuit’s application of agency law as a basis for finding liability under the CFAA. However, the 9th Circuit decision seems sound and consistent with avoiding turning the CFAA into a catchall basis for finding criminal and/or civil liability in the absence of other relevant legal authority. While I disagree with the reasoning of the 7th Circuits decision, I believe justice was served in both cases, and the 9th Circuit laid out a logically more stable basis for assessing liability under the [...]

September 18th, 2009 | Tags: , , , , , , , , , , | Category: 18 USC 1030, 7th Circuit, 9th Circuit, Circuit Courts, Computer Security Law -- Federal, Forensic Tools | Leave a comment Print This Post Print This Post

Evaluating Secutiy Incidents — Security Incident DOs and DON’Ts

By Robert Hudock, on September 8th, 2009 Print This Post Print This Post

Security Incidents can be accidental incursions or deliberate attempts to break into systems and can be benign to malicious in purpose or consequence, each incident requires a careful response at a level commensurate with its potential impact to the security of individuals and your organization as a whole however few organizations have an appropriate security incident policy. The fundamental components of a security incident response plan include the following — [...]

September 8th, 2009 | Tags: , , , , , , | Category: Computer Security Law -- Federal, Data Hemorrages, FTC Security Breach Notification, Forensic Tools, HIPAA Privacy, HIPAA Security, Identity Theft, Law and Technology, Media Sanitization, NIST, Peer-2-Peer File Sharing, Privacy, State Privacy and Computer Security Laws, State Security Breach Laws | 2 comments Print This Post Print This Post

Analysis of Former Employee’s Laptop Can Raise Privilege Issues

By Robert Hudock, on July 10th, 2009 Print This Post Print This Post
In Stengart v. Loving Care Agency, Inc. et al. , --- A.2d ----, 2009 WL 1811064 (App. Div. 2009 Docket No. A-3506-08T1, published June 26, 2009), a three judge panel of the New Jersey Appellate Division ruled, despite a written policy to the contrary, an employee had a “reasonable expectation of privacy” in e-mails with her attorney via an employer-owned laptop. The Court remanded the case for a determination of appropriate sanctions, including possible disqualification of the employer's counsel. The policy in question was ambiguous in part because it contained an “occasional use [...]
July 10th, 2009 | Tags: , , | Category: "Expectation of Privacy", Attorney-Client Privilege, E-Discovery, Forensic Tools | Leave a comment Print This Post Print This Post

Fingerprinting (Writeprinting) Text Using Stylistic Features Can Be Used To Accurately Identify the Authorship of Anonymous Emails, Blog Entries and IRC Chat Sessions

By Robert Hudock, on June 20th, 2009 Print This Post Print This Post

Going to Court to force an ISP to disclose the identity raises many issues including First Amendment issues. For example,

On June 13, 2007, the New Jersey Township of Manalapan filed a malpractice suit against its former attorney Stuart Moskovitz, alleging misconduct regarding the Township’s purchase of polluted land in 2005. The decision to file suit was met by a lively debate in the regional press and among localbloggers. One blogger who was particularly critical of the Township, of this and other decisions, was Blogspot blogger “datruthsquad”

(http://www.eff.org/cases/manalapan-v-moskovitz).

Long story short the Township lost, a copy of EFF’s motion squash is available here motiontoquashmpa-signed; and the Court order squashing the subpoena is available here order-122107. However, there may exist an alternative method for “unmasking” anonymous bloggers, cyber-stalkers, etc. using public information. Everyone has a unique writeprint (basically a written fingerprint that can be used to identify him or her). This technique s has traditionally been used to identify the true author of a text (e.g. a book) where authorship is disputed or unknown. Forensics linguistics has been used to provide evidence in trademark disputes cases, identifying the author of anonymous texts (such as threat or harassment letters), and identifying cases of plagiarism. The identification process relies on the analysis of an individual’s particular patterns of language use (vocabulary, collocations, pronunciation, spelling, grammar, etc.). The term “idiolect” is defined as the speech patterns of a specific person (a dialect, unique in pronunciation, grammar, and vocabulary to a single person). Stylistic features can be used to create a fingerprint of an individual’s writing style (a linguistic fingerprint is called a “writeprint”). A writeprint is composed of features that represent an author’s writing style, which are consistent across all of an individual’s writings. For a gentle introduction, see Digital fingerprints: tiny behavioral differences can reveal your identity, by Julie Rehmeyer in the January 13, 2007 issue of Science News (Westlaw cite 2007 WLNR [...]

June 20th, 2009 | Tags: , , , | Category: Forensic Linguistics, Forensic Tools, Law and Technology, Open Source, Privacy, Privacy Law, Statistical Methods Use Thereof | One comment Print This Post Print This Post

File Identification Tool — Good Product for Identifying Encrypted Files.

By Robert Hudock, on May 20th, 2009 Print This Post Print This Post

I recently identified an excellent product for identifying encrypted files (and other attributes of said files). Forensic Innovations’ File Identification Technology tool identifies 3,312 File Types. Recently the product announce support for identifying “TrueCrypt”. (See www.TrueCrypt.org, they claim that “no TrueCrypt volume can be identified (volumes cannot be distinguished from random data). Computer Forensics tools might see the files as unknown or unimportant [...]

May 20th, 2009 | Tags: , , | Category: E-Discovery, Forensic Tools | Leave a comment Print This Post Print This Post
Improve the web with Nofollow Reciprocity.