Law and Order
The PCI-DSS assessor for Target is named in a lawsuit. Where does responsibility sit?
With all IT data breaches there is a common cycle. First there is the fear over who is at risk, then theories on how the breach occurred, and finally the blaming and lawsuits start to roll in. In the breach of retailer Target, the lawsuits are now coming in, but in a surprising move, one lawsuit isn't just going after Target; it's also going after security vendor Trustwave.
As the gap between the law and how technology and social media is used in the work place continues to widen, how is it possible for employees and employers to clearly understand what is and what is not acceptable in terms of monitoring?
Earlier this week, an ex-Microsoft employee was charged with the theft of trade secrets in the U.S. District Court for the Western District of Washington in Seattle. Alex Kibkalo allegedly sent code and other intelligence about Microsoft products to an unnamed French blogger.
In the course of tracking down the alleged leaker, Microsoft searched through the blogger's e-mail account -- before involving law enforcement -- according to court documents.
Well, that was fast. We just had our post about the unfortunate trademark situation that Sparkfun found itself in, with 2,000 multimeters held by US Customs at the border because they happened to have a yellow outside, and multimeter king Fluke happened to trademark an aspect of that look. Fluke, of course, had no direct hand in stopping this particular shipment, but had (a) gotten that trademark and (b) years ago gone to the ITC to get an injunction against other multimeter makers.
You’ve probably realized this by now, but the Supreme Court is having a very busy term when it comes to patent cases. In Nautilus, Inc. v. Biosig Instruments, Inc.—scheduled for oral argument on April 28—the Court will consider whether to hold vague patents to a more exacting standard.