Photo of Paul M. Rosen

On November 6, the Information and Communication Technology (ICT) Supply Chain Risk Management (SCRM) Task Force, a public-private supply chain risk management partnership, published Lessons Learned During the COVID-19 Pandemic. In laying out the challenges posed by the pandemic, the report highlights the inevitable tension in supply chain risk management between achieving efficiencies and

On June 9, the U.S. Senate Judiciary Committee held a committee hearing entitled “COVID-19 Fraud: Law Enforcement’s Response to Those Exploiting the Pandemic” for representatives of the Department of Justice (DOJ), the Federal Bureau of Investigation (FBI), and the Secret Service to address how they are combatting, investigating, and prosecuting COVID-19-related crimes. The witnesses included

The Department of Justice (DOJ) on Friday reemphasized its commitment to protecting the federal programs providing COVID-related aid when it announced charges against a Beverly Hills film producer for his allegedly false statements to the Small Business Administration (SBA). Where recent Paycheck Protection Program (PPP) fraud cases focused on false statements in the applications, the

Federal authorities continue to prioritize and aggressively pursue individuals across the country who seek to exploit coronavirus relief programs meant to aid small businesses and their employees. Over the past week, Muge Ma of New York and Samuel Yates of Texas were arrested, each for submitting multiple fraudulent applications for COVID-19 relief through the Paycheck

The Justice Department filed the first of likely many criminal charges related to the coronavirus stimulus Paycheck Protection Program (PPP), the $660 billion taxpayer fund to provide largely forgivable loans to small businesses suffering under the strain of the pandemic.

Click here to continue reading the full version of this alert.

 

Today, the Cybersecurity and Infrastructure Security Agency (CISA) released guidance to help state and local jurisdictions and the private sector identify and manage their essential workforce while responding to coronavirus (COVID-19). The White House Coronavirus Guidelines direct that Critical Infrastructure Industry, as defined by the Department of Homeland Security, has a special responsibility to maintain

On January 31, 2020, the Trump administration issued an executive order cracking down on U.S. businesses that import directly or facilitate the import of counterfeit or pirated goods, illegal narcotics and other contraband. The order, entitled “Ensuring Safe & Lawful E-Commerce for US Consumers, Business, Government Supply Chains and Intellectual Property Rights,” directs

This week it was reported that Indian police arrested four people accused of leaking a pre-release episode of the blockbuster HBO show, “Game of Thrones.”  The leak is supposedly the result of employees from a Mumbai-based company that stores and processes the series for the Indian streaming website Hotstar.

These arrests—which appear unrelated to the recent and well-publicized corporate hack of HBO—underscore the challenges that businesses operating around the world face in safeguarding their intellectual property in the supply chain.  Many corporations rely on third party vendors to deliver their business services and products—in this instance television content—around the world.  Yet, the security capabilities of these vendors varies widely, which is why companies can and should take key steps to protect their sensitive information as they share it with these third parties.

The two primary threats that third party vendors pose to companies are: (1) ensuring strong cybersecurity protections to mitigate the chance of a damaging hack; and (2) minimizing the chance of theft of sensitive business information by insiders with access.  To address these concerns, companies should consider the following.Continue Reading Risks Posed by Third Party Vendors Increasingly a Challenge for Businesses

Can U.S. law enforcement reach data stored oversees by using a warrant under the Stored Communications Act, 18 U.S.C. § 2701, et seq.?  Until the Supreme Court decides the issue, which may happen next term, the answer is: it depends where the government applied for the warrant.

Over the last few years, U.S.-based technology companies have been increasingly resisting warrants under the Stored Communications Act for data those companies store oversees.  These warrants, they claim, represent an extraterritorial application of the law, which Congress has never permitted.

Traditionally, if the government has probable cause to believe that a person’s email account contains evidence of a crime, and a federal magistrate judge agrees, a warrant would issue directing the email service provider­ to turn over those emails to the government.  But data is increasingly stored in the “cloud.”  And, as it turns out, the “cloud” consists of server farms located all over the world.  Companies like Microsoft, Google, Amazon, Facebook, and Apple now host large quantities of data abroad, raising complicated jurisdictional questions.Continue Reading DOJ Asks Supreme Court to Resolve Split Over Its Ability to Compel Foreign Records