The fallout from the Yahoo data breaches continues to illustrate how cyberattacks thrust companies into the competing roles of crime victim, regulatory enforcement target and civil litigant.

Yahoo, which is now known as Altaba, recently became the first public company to be fined ($35 million) by the Securities and Exchange Commission for filing statements that failed to disclose known data breaches. This is on top of the $80 million federal securities class action settlement that Yahoo reached in March 2018—the first of its kind based on a cyberattack. Shareholder derivative actions remain pending in state courts, and consumer data breach class actions have survived initial motions to dismiss and remain consolidated in California for pre-trial proceedings. At the other end of the spectrum, a federal judge has balked at the U.S. Department of Justice’s (DOJ) request that a hacker-for-hire indicted in the Yahoo attacks be sentenced to eight years in prison for a digital crime spree that dates back to 2010. Continue Reading The Hacked & the Hacker-for-Hire: Lessons from the Yahoo Data Breaches (So Far)

The Pennsylvania Supreme Court recently issued a sweeping ruling “that accessing any information from a cell phone without a warrant” violates the Fourth Amendment to the United States Constitution. In Commonwealth v. Fulton, the Court suppressed the warrantless search of the contents of a ‘flip phone’ and reversed a murder conviction that flowed from the unlawful search.  The Supreme Court held that the Superior Court’s decision contravened U.S. Supreme Court precedent in Riley v. California and United States v. Wurie, 134 S. Ct. 2473 (2014), holding that searches of cell phones generally require a warrant.

In June 2010, Philadelphia Police arrested I. Dean Fulton and three others on suspicion of unlawful drug activity and gun possession. They seized Fulton’s “smart phone” from his body at the time of the arrest.  They subsequently obtained a search warrant for the vehicle Fulton and the others were in at the time of their arrests.  That search turned up a firearm, a holster, three cell phones and other property.  The cell phones – which included one ‘flip phone’ later connected to Fulton –were provided to the Homicide Division, which was investigating a recent drug-related murder.  Continue Reading Pennsylvania Supreme Court: If You Want to Search a Cell Phone, Get a Warrant!

The U.S. Supreme Court heard oral arguments this morning in United States v. Microsoft, No. 17-2, which presents the question whether a United States court may issue a search warrant to a U.S.-based electronic communications service for email account data held on a server outside of the United States.

Here’s the transcript of this morning’s oral argument.  We will blog more about this case — and the important issues at stake — down the road.