Tag Archives: unauthorized access law lawyer

Commercial General Liability Insurance Policy Does Not Cover Damages Caused By Hackers

The Supreme Court of the State of New York held that a commercial general liability insurance policy would not cover damages caused by a third-party hacker’s unauthorized access to a computer. Zurich American Insurance v. Sony Corporation of America, Civil Case No. 651982/2011, Supreme Court of the State of New York (February 2014).

In this case, Sony Corporation suffered a well-publicized security breach that compromised over 70 million of its PlayStation user accounts. When PlayStation Users filed lawsuits against Sony Corporation for alleged damages they sustained from this security breach, the insurance companies that represent Sony Corporation filed declaratory lawsuits for the court to determine whether Sony Corporation’s commercial general liability insurance policy would cover it for the alleged damages caused by a third party’s unauthorized access to its computer network.

The Supreme Court of the State of New York found that Sony Corporation’s commercial general liability insurance policy was written to only cover security breaches committed by the insured, Sony Corporation, and not third party hackers. As a result, it appears that Sony Corporation’s insurance policy will not cover its defense and expenses in the PlayStation security breach lawsuits.

Due to the daily number of security breaches, the insurance industry is now offering new insurance options to businesses that would cover them for liability resulting from security data breaches committed by third-party hackers.

If you believe that your computer, website, cloud account, email account, or other device connected to the Internet was accessed without your authorization or access exceeded your authorization, or if you have been wrongly accused of accessing a device connected to the Internet without authorization, please contact Computer Law Attorney Mark Ishman at the Ishman Law Firm at (919) 468-3266 or mishman @ ishmanlaw.com.  To learn more about computer law, visit Mark Ishman’s computer hacking law web-page http://www.ishmanlaw.com/hacking-unauthorized-access.php.

Hacking Law and What To Do If Your Computer/Account Is Hacked

Businesses and individuals are affected everyday by unauthorized access to their computers, email and social media accounts (e.g., Facebook®, Instagram®,Yelp®, Google®, Yahoo®, LinkedIn®, Tweeter® and other social media forums and blog websites). When this occurs, it can result in substantial damage, such as theft of intellectual property, unauthorized communications, damage to goodwill and reputation and theft of personal pictures/videos.

 

When you are a hacking victim, you need legal assistance from a hacking law attorney.  Mark Ishman, of the Ishman Law Firm, is a computer and email hacking lawyer who helps victims in rectifying the injustice committed upon them.

 

There are two important steps that hacking victims must do immediately upon realizing that their computer, email or other accounts have been hacked.  First, create a back-up of all evidence of your hacking incident.  This would include access logs with date, time and IP addresses of when your computer/email/online account was accessed without your consent.  Second, a hacking victim needs to retain a hacking lawyer as soon as possible to provide assistance in preserving the data and identifying the hacker. As part of preserving evidence of your unauthorized access of your computer/email/online account, a hacking attorney will investigate your hacking incident and contact third parties to preserve evidence.  This is very important because many third-parties that could have helpful evidence to identify your hacker will delete such evidence as part of their regular business practices.  You must act quickly due to many third-parties practices deleting data every 7 days after your hacking incident. 

 

This is why it is so important to preserve all evidence of your hacking incident within your control, as well as retaining a hacking lawyer to investigate and assist you.  A hacking attorney will collect evidence aimed towards identifying the hacker who accessed your computer, email or other account without your authorization.

 

As you can imagine, hacking law is an emerging area of law, and there always seems to be new court opinions and laws enacted to assist hacking victims.  For example, computer-related laws interpreted by the courts allow hacking victims to recover their incurred expenses of “time, money and resources to investigate and repair” the damages incurred from their hacking incident.

 

If you are a victim of an unauthorized computer hacking, email hacking or other account hacking incident, please contact hacking law attorney Mark Ishman, of the Ishman Law Firm, to assist you in investigating, repairing and recovering from your hacking incident.  Hacking law attorney Mark Ishman, of the Ishman Law Firm, can be reached at mishman @ IshmanLaw.com or (919) 468-3266.  For more information on hacking law, visit http://www.ishmanlaw.com/hacking-unauthorized-access.php.

Mark Ishman Summarizes Key Internet Law Cases of 2013 – UNAUTHORIZED ACCESS

Throughout the year of 2013, there have been many noteworthy Internet Law cases.  Any attempt to summarize all of these Internet Law cases would be an epic accomplishment.  Rather then attempt such an astronomical task, Internet Law Attorney, Mark Ishman, has chosen a few Unauthorized Access cases of 2013, and has provided short summaries of them to explain how each of these cases have added clarity to Unauthorized Access Law.

  • Under the Computer Fraud and Abuse Act (CFAA), when employees access electronically stored confidential and proprietary data with permission from their employers, and then later misappropriate such electronically stored data before their company revokes their unlimited access to such data, such misappropriation of electronic data is not “unauthorized access” and does not violate the CFAA.  Aerofoil Techs. AG v. Todaro, 2013 WL 410873 (Southern District of New York 2013); see also <http://www.ishmanlaw.com/hacking-unauthorized-access.php>.  This is beginning to be the majority opinion in most federal circuits.
  • Under the CFAA, despite not having any legitimate reason to copy electronically stored confidential and proprietary data prior to resigning from his employment with his employer to take a position with another company, a former C-level officer was found not to have violated the CFAA because such copying conduct was ruled to be misappropriation, and not the unauthorized access, of data. Integral Dev. Co. v. Tolat, Case No. 3:12-CV-06575 (Northern District of California 2013), available publicly at <https://docs.google.com/file/d/0B4dsXU5JRvyidmxMUlRIOE0wc3M/edit>; see also <http://www.ishmanlaw.com/hacking-unauthorized-access.php>.
  • Under the CFAA, a jury found a man guilty of violating the CFAA for unauthorized access when he competed against his former employer by coaxing his former colleagues who still worked for his former employer to access the electronically stored confidential and proprietary data and provide it to him.  United States v. Nosal, Case No. 3:08-cr-00237 (California 2013);
  • Creating parody social media accounts do not violate the CFAA because defendant’s use of plaintiff’s name and image to create such accounts did not constitute “without authorization” of a protected computer under the CFAA. Matot v. CH, Case No. 6:13-cv-153 (Federal District of Oregon 2013) <http://scholar.google.com/scholar_case?case=14332075485572882838&hl=en&scisbd=2&as_sdt=20000006>. This appears to be the majority opinion among most scholars.
  • Under the CFAA, a publicly accessible website can remove access authorization to one of its users through notice, such as a cease and desist letter.  Thereafter, when such de-authorized user circumvents the website technology to access the website to obtain data, such circumvention is considered “without authorization” and such facts give rise to a bona fide claim under the CFAA.   Craigslist v. 3Taps, et al, Case No. CV12-03816 (Northern District of California 2013), <http://www.volokh.com/wp-content/uploads/2013/08/Order-Denying-Renewed-Motion-to-Dismiss.pdf>. Beware companies that employ scrapping technology;
  • Under the CFAA, when a website user accesses a website and obtains or uses data (e.g., scrapping) from such website in a way that is not authorized by such website, such as the website’s terms of use, then such gathering/scrapping of data “exceeds authorized access,” and violates the CFAA entitling the website to damages for “responding to an offense” and “conducting a damage assessment.”  Facebook, Inc. v. Power Ventures, Inc., Case No. 08-05780 (Central District of California, 2012), cert. denied (Ninth Circuit 2013).
  • The “cloud” is considered a protected computer under the CFAA.  Property Rights Law Group, PC v Lynch, Case No. 13-00273 (District of Hawaii 2013) <>;

If you believe that your computer, website, cloud account, email account, or other device connected to the Internet was accessed without your authorization or access exceeded your authorization, or if you have been wrongly accused of accessing a device connected to the Internet without authorization, please contact Computer Law Attorney Mark Ishman at the Ishman Law Firm at (919) 468-3266 or mishman @ ishmanlaw.com.  To learn more about computer law, visit Mark Ishman’s computer hacking law web-page http://www.ishmanlaw.com/hacking-unauthorized-access.php.