7/25/2017 Mail - bennetkelley@outlook.

com

Cyber Report: Cyber Attacks Inflict Billions in Damages

Bennet <bennet@bennetkelley.com>
Tue 7/25/2017 6:45 AM

To: bennetkelley@outlook.com <bennetkelley@outlook.com>;

July 25, 2017

Click to listen to an audio summary or view on the web.

TOP STORY
Global Cyber Attacks Inflict Billions in Damages

In May the WannaCry ransomware attack hit approximately 400,000 computers in 150
countries. WannaCry was the largest ransomware attack in history, yielding over $100,000 in
ransomware payments and causing approximately $1-4 billion in economic damage.

That was the warning. In late June the NotPetya attack struck and spread to 65 countries in what
seemed like a WannaCry sequel. Except that the ransomware component was a lure to control the
media narrative and hide what was an attack by a state actor (which is believed to be Russia).

https://outlook.live.com/owa/?path=/mail/inbox/rp 1/8
7/25/2017 Mail - bennetkelley@outlook.com
While targeted at Ukraine, the NotPetya attack spread with serious collateral damage across the globe
including U.S. companies such as FedEx, Merck, Nuance Communications, several hospitals and the
worlds largest law firm DLA Piper.

FedEx, which was a victim of both attacks, has filed a warning with the Securities and Exchange
Commission that the NotPetya attack would have a material impact on its performance and revealed
that it did not have cyber insurance protection.

In a recent column, I fault the Trump Administration for being AWOL on cyber security. While Trump did
issue an executive order on cyber security, it has been widely criticized as a plan to make a plan
without any funding commitments.

Finally, Kaspersky Antivirus software, which was ranked among the "Best Antivirus Protection of 2017"
by PC Magazine, has come under fire for alleged connections to Russian intelligence. It has been
removed as an approved vendor by the Federal government.

Key Takeaways
Make sure your operating system is up-to-date and download and install system patches.
Backup your computer files so they can be restored if you are attacked.
Install malware protection programs.
Be smart and do not click on unknown links.
Be careful using public Wi-Fi, make sure to check your security settings on public networks to
ensure you are not viewable.
Small businesses are not exempt.
Talk to your insurance broker about cyber protection (if you need a referral let me know).

In related news, Anthem Inc., the nations largest U.S. health insurance company, has reached a
settlement in its data breach class action suit, in which it would pay $115 million to pay for two years of
credit monitoring or up to $50 cash for victims. It is believed to be the largest single data breach
settlement in history.

More Info: Petya Ransomware 101; Radio Interviews re Petya Cyber Attack; Anthem to Pay $115M to Settle Data Breach
Claims; Trump Issues Cybersecurity Executive Order; Feds Stop Using Kaspersky Antivirus Over Reported Russian
Connection; States May Stick With It; and Q&A Even homeowner associations are targets of hackers looking to profit off
cybercrime.

From CLBR: CLBR #255: Eva Velasquez on Identity Theft; and CLBR #249: CSIS James Lewis on Cybersecurity for the
45th President.

NOMINATE US PLEASE

Every year, the ABA Journal
publishes its Blawg 100
Internet Day of Action Spurs Record comprising its top legal blogs (aka
Comments in Support of Net Neutrality blawgs). They are taking
nominations in three categories: (1)
In 2014, spurred by John Oliver's This Week Tonight and blawg; (2) podcast and (3) twitter
internet activists, a record 3.7 million comments were feed.
submitted to the Federal Communications Commission
(FCC) overwhelmingly in support of net neutrality. The Many of you are familiar with my
FCC responded by adopting the current Open Internet work in this area:
Rules on a party-line vote.
My blawg Internet Law
President Trump's FCC Chair Ajit Pai has solicited Centers Cyber
comments in support of his proposal to repeal the net Report (whose newsletter
neutrality rules, which triggered the Internet-Wide Day of has won an LA Press Club
Action to Save Net Neutrality on July 12th, in which more Award);
than 50,000 people, sites, and organizations, including

https://outlook.live.com/owa/?path=/mail/inbox/rp 2/8
7/25/2017 Mail - bennetkelley@outlook.com
Amazon, Etsy Facebook, Google, Kickstarter, Mozilla, My radio show/podcast
Netflix, OK Cupid, Reddit, Twitter, Vimeo and this firm Cyber Law & Business
participated. The result, 12.29 million comments Report on Cranberry.fm
submitted to the FCC by last week's deadline. (which was nominated for
an LA Press Club award);
FCC Chair Pai has indicated that the number of and
comments is irrelevant to him, but it is not lost on Capitol Internet Law Center's
Hill (nor our polls showing bi-partisan support for net Twitter feed
neutrality) which may intervene with a legislative InternetLawCent.
compromise.
Please consider using this link to
More Info: Net Neutrality Timeline: How We Got Here; The Death of nominate us in one or all three
Net Neutrality Part 1; The Death of Net Neutrality Part 2; and Its categories. The deadline is July
Time to Speak Up to Save Your Internet. 30th.

CLBR: Special CLBR Internet Day of Action to Save Net Neutrality
with FreePress.



Canada Drops Private
Right of Action in
Email Law
Canadas Anti-Spam
Legislation (CASL), which
was passed in December
2010 but did not go into
effect until 2014, delayed
until July 1, 2017 a private
right of action which would
allow a party to recover actual damages and statutory
damages up to C$200 per email for violations up to C$1
million per day.

After a survey found many still "lack of understanding Cyber Report Honored
about key elements of the law", Navdeep Bains, Canadas By LA Press Club
Minister of Innovation, Science and Economic
Development announced that the private right of action For the 8th time, the Los Angeles Press Club
was being suspended indefinitely in order to promote named the Cyber Report newsletter as a
legal certainty for numerous stakeholders claiming to finalist for the Southern California Journalism
experience difficulties in interpreting several provisions of Award in the category of in-house
the Act while being exposed to litigation risk. publication. Cyber Report won First Prize in
2011, Second Prize in 2012 and 2009; and
What did go ahead on July 1st was Canada Day and the 3rd Prize in 2015.
150th anniversary of Canadian confederation. Happy
belated Canada Day!

More Info: Canada Drops Private Right of Action for Spam Law.

Kelley Heads Bar Delegation to DC

Cyber Harassment Viewed as a Major
Problem; Kardashian Post Highlights RP
Problem
Trade Commission, the U.S. Patent and
A Pew Research Center poll found that 41 percent of U.S.
adults have experienced online harassment; 62 percent
Internet Law Center Founder Bennet Kelley
led a six-person delegation from the
California Bar Intellectual Property Law
Section on a three-day visit to Washington
that included meetings with the White House
IP Enforcement Coordinator; the Justice
Department Computer Crimes and
Intellectual Property Division, the Federal
Trademark Office, the Copyright Office and

https://outlook.live.com/owa/?path=/mail/inbox/rp 3/8
7/25/2017 Mail - bennetkelley@outlook.com
believe it is a major 79 percent believe online platforms the offices of Senators Feinstein and Harris
should do more to fight harassment. and Congressman Ted Lieu.

One form of online harassment is cyber exploitation (i.e.,
posting intimate photos) and I commented on Rob
Kardashian's posting of photographs of his
former fiance Blac Chyna as a "textbook" example of Next on Cyber Law & Business
conduct violating California's law. Report

I will be presenting on cyber harassment issues on at
Legal Hacker forum on August 14th from 6:30-8:30 at
Tumblr's office (10331 Jefferson Blvd, Culver City, CA
90232).

I also will be doing a webinar with Without My Consent's
Erica Johnstone on Representing Victims of Cyber
Exploitation on Tuesday, August 29th from 12:00 - 1:00.

More Info: Pew Research on Online Harassment Shows Concerned
Public; On ABC7 Discussing Rob Kardashian/ Blac Chyna Revenge
Porn Case.

FTC Update: Amazon

Pricing, Influencers,
COPPA and Vacancies
Federal Trade Commission's
(FTC) Guides Against
Deceptive Pricing provides
that in making comparison's
to former prices it must be
"one at which the product
was openly and actively offered for sale, for a reasonably CLBR #267: Mick Minas and the
substantial period of time, in the recent, regular course of Clipper Curse
his business." The FTC is now investigating online giant
Amazon after a Consumer Watch report found that a This week we take a little summer break
majority of these reference prices exceededsometimes from our usual tech focus to talk with Mick
by large marginsany plausible definition of the Minas, author of "The Curse: The Colorful &
prevailing market price." Amazon recently paid $1 million Chaotic History of the LA Clippers". The
CAD to Canadian regulators for failing to verify the show will air Wednesday at 10 AM Pacific
accuracy of its list prices. but is available now using the link above.

The FTC is also is continuing to focus on influencer Recent shows have included:
marketing. In April, after reviewing numerous Instagram
posts by celebrities, athletes, and other influencers, FTC CLBR #266: RSFs Margaux Ewen on Cyber
staff sent out more than 90 letters reminding Censorship and Press Freedom; and
influencers and marketers that influencers should clearly
and conspicuously disclose their relationships to brands Special CLBR Internet Day of Action to
when promoting or endorsing products through social Save Net Neutrality;
media. The FTC has stepped up enforcement in this area
and forced Lord & Taylor to enter a consent decree in CLBR currently is aired live Wednesdays at
2016 for its social media campaign that failed to disclose 10AM Pacific on Cranberry.fm. We will have
their relationship. an announcement shortly on its future
network.
The FTC, however, is in operational limbo as it only has
two commissioners, as the Trump administration has not
filled any of the three vacant seats.

It has, however, managed to update its Childrens Online
Privacy Protection Act compliance guide. See link for
details.

More Info: FTC Guides to Deceptive Pricing; FTC Reportedly
Looking Into Potentially Deceptive Amazon Discount Pricing; FTC
Staff Reminds Influencers and Brands to Clearly Disclose
Relationship; FTC Updates COPPA Compliance Plan for Business.

https://outlook.live.com/owa/?path=/mail/inbox/rp 4/8
7/25/2017 Mail - bennetkelley@outlook.com

Internet Privacy is Back on the Agenda

After President Trump signed legislation repealing the Federal Communications Commission privacy rules,
Republican members of Congress received an earful from angry consumers. One month later, Rep. Marsha
Blackburn (R-TN), who introduced the repeal resolution in the House, introduced H.R. 2520 the Balancing the
Rights of Web Surfers Equally and Responsibly Act of 2017 or the BROWSER Act of 2017. The bill requires
broadband providers to disclose their privacy practices and establishes opt-in approval for the use of sensitive
information.

The repeal effort has led a number of states to step into the fray. Most notable is the California Broadband
Internet Privacy Act (AB-375) introduced by Assemblyman Ed Chau which establishes an opt-in protocol for
ISPs and requires ISPs to implement reasonable security practices.

More Info: Internet Privacy Back on the Agenda

Supreme Court Review:

Patent Trolls,Slants and Social Media
In 1990, only 1 patent lawsuit was filed in the Federal court for the Eastern District of Texas. In the first quarter of
2017, it was 311 or 1/3rd of all patent infringement suits. It was especially popular with Non-Practicing Entities,
i.e., entities that hold patent assets but do not exploit them, where their success rate was 48 percent (almost
twice the national average).

In TC Heartland LLC v. Kraft Foods Group Brands LLC, the court may have cut into East Texas semi-monopoly
in patent cases when it decided that venue is proper only where the defendant: (1) is incorporated and (2) where
the defendant has committed acts of infringement and has an established place of business.

In Matal v. Tam, the court addressed the trademark application for a dance-rock band called the Slants. The
trademark application was denied since Federal law prohibits registrations that disparage . . . or bring . . . into
contemp[t] or disrepute any persons, living or dead. The same statute was used to invalidate the Washington
Redskins trademark.

The Supreme Court found the disparagement clause violated the First Amendment.

We have said time and again that the public expression of ideas may not be prohibited merely
because the ideas are themselves offensive to some of their hearers. Street v. New York, 394 U.
S. 576, 592 (1969).

The decision is a win for the Redskins as well, but it is unlikely to quell the controversy over its name.

In Packingham v North Carolina, the Supreme Court addressed a North Carolina law that barred sex offenders
from using social media. Packingham was a convicted sex offender, who was indicted for making a Facebook
post thanking God for success in traffic court. The court stated that the law went too far.

https://outlook.live.com/owa/?path=/mail/inbox/rp 5/8
7/25/2017 Mail - bennetkelley@outlook.com
While a state can prohibit a sex offender from engaging in conduct that often presages a sexual
crime, like contacting a minor or using a website to gather information about a minor, it cannot
bar social media access altogether. [T]o foreclose access to social media altogether is to
prevent the user from engaging in the legitimate exercise of First Amendment rights.

More Info: Supreme Court Wins for Free Speech.

From CLBR: CLBR #263: Joel Voelzke on Supreme Court IP Cases.

Today is National Hire a Veteran Day

As the son, brother and, at times, the employer of veterans, I am happy to remind our readers that today
is National Hire a Veteran Day.

Go to HireOurHeroes.org to learn more about how you can help as an employer or as an individual volunteer or
mentor. Hire Our Heroes will be hosting a virtual job fair on November 8th.

UK WiFi Provider's Prank Proves

Consumers Don't Read Terms and Conditions

Public Wi-Fi provider Purple added a spoof term to its standard terms and conditions on its network of branded
hotspots for a two week period to illustrate the "lack of consumer awareness" of what people are signing up to
when accessing free Wi-Fi portals. The added language provided as follows:

The user may be required, at Purples discretion, to carry out 1,000 hours of community service.
This may include the following. Cleansing local parks of animal waste. Providing hugs to stray
cats and dogs. Manually relieving sewer blockages. Cleaning portable lavatories at local festivals
and events. Painting snail shells to brighten up their existence. Scraping chewing gum off the
streets.

Only one person spotted the error.

In 2010, consumers overwhelmingly granted a perpetual license to their souls to another UK company,
GameStation.

More Info: This Wi-Fi prank would make anyone read the terms and conditions.

https://outlook.live.com/owa/?path=/mail/inbox/rp 6/8
7/25/2017 Mail - bennetkelley@outlook.com

Distracted Driving Kills 9 People Daily

Over the weekend, a 14-year-old California girl was killed when her sister crashed her car while live-streaming
on social media. The Center for Disease Control reports that each day nine people are killed in vehicles crashes
that involve a distracted driver. According to the National Highway Transportation Safety Administration, "texting
is the most alarming distraction. Sending or reading a text takes your eyes off the road for 5 seconds. At 55
mph, thats like driving the length of an entire football field with your eyes closed. Be careful out there.

More Info: Dont Use Social Media Behind The Wheel: 9 People Per Day Are Killed In Crashes Involving Distracted Drivers

ABOUT THE INTERNET LAW CENTER

& CYBER REPORT

The Internet Law Center is a law firm dedicated to helping businesses navigate the
evolving legal standards for today's digital economy. Today the firm serves a diverse
client base that includes startups and public companies both online and offline across
four continents on issues ranging from online marketing, e-commerce, privacy, domain
names to cyber harassment, as well as entertainment, general transactional and
litigation matters.

The Internet Law Center was founded by Bennet Kelley, who has been named as among
the nation's top internet lawyers by several publications including the Los Angeles
Business Journal which named him one of the Most Influential Lawyers in Digital Media
and E-Commerce. We are actively licensed in California and Washington, D.C.

Cyber Report is the award-winning newsletter of the Internet Law Center. It is for
information purposes only and is not meant to express any legal opinion or advice (not
even if read backward). No attorney-client or preacher-penitent relationship has been or
will be formed by any communication in connection with this newsletter. The
occasionally snarky views expressed herein do not necessarily reflect the views of the
firm nor any ILC client.

100 Wilshire Blvd, Suite 700, Santa Monica, CA 90401

This message was sent to bennetkelley@outlook.com from bennet@bennetkelley.com

Bennet
Bennet Kelley
100 Wilshire Blvd, Suite 700
Santa Monica, CA 90401

https://outlook.live.com/owa/?path=/mail/inbox/rp 7/8
7/25/2017 Mail - bennetkelley@outlook.com

Unsubscribe

https://outlook.live.com/owa/?path=/mail/inbox/rp 8/8