Cover photo
Verified name
Benjamin Wright
Works at Lawyer -Private Practice | SANS Instructor: Law of Data Security & Investigations | Author: Law of E-Commerce | Blogs: BYOD, Bitcoin, Cyber-attacks, Digital Forensics
Attended Georgetown University Law (J.D. 1984)
Lives in Dallas, Texas
1,143 followers|370,142 views



Benjamin Wright

Shared publicly  - 
Home Depot Data Breach | What to Say?

Public relations is more important to legal controversies than many lawyers and non-lawyers appreciate. 

Home Depot is today in legal jeopardy because it has announced what appears to be a large breach of payment card data.

The Home Depot predicament fits into a historical context. Many major data breaches have happened before today, including TJX, Target and Sony Playstation Network.

Home Depot faces many difficult choices in the coming weeks. HD’s statements to the public about this breach will affect the company’s

* legal liability
* relationship with customers
* support or hostility from payment card issuers
* punishment from regulators

As explained in the blog post below, the SANS Institute offers unique professional training on this topic. The SANS course emphasizes the role of public communications in coping with infosec legal and reputation risk.

#homedepotbreach   #dfir   #databreach  
Add a comment...

Benjamin Wright

Shared publicly  - 
Retain Text Messages as Business Records 
Lessons from Deflategate

Text messages can be legally significant communications that should be retained like emails or paper letters. Like an email, a text message can form a binding contract. A text message from a corporate executive could for example say to a vendor, “Yes, we agree to pay $50,000 for 100 widgets.” That message could be used in court to enforce a contract to pay $50K.

Or an executive could text to an employee, “You are fired.” That message likely needs to be retained as an employment record. It could be relevant to any number of tax or legal inquiries related to the employee’s employment.

Deflategate demonstrates how important text messages have become.
“Deflategate” is a controversy in the National Football League. Based on an investigation, the League determined that the New England Patriots team reduced the air pressure in footballs in violation of rules. The NFL punished Patriots Quarterback Tom Brady by suspending him for four games. (The team is appealing the NFL’s decision.)

Cell phone text messages played a crucial role in the Deflategate investigation and the decision to punish Brady. The investigation focused on certain Patriots team employees, who were texting on cell phones owned by the team. In cooperation with the investigation their phones were given to a forensic expert, who recovered relevant text messages. The expert even recovered messages that had been “deleted” from the phones! 

Text messages are written, legal evidence.
In one message an employee refers to himself as the “deflater.” In another message the employee sent a “deflate” message at a suspicious time. Other employee messages referred to the air pressure in balls. This written evidence, when combined with other evidence, contributed to the investigation’s conclusion that the team was probably violating league rules and that Brady was implicated. 

Logically the League requested access to the text messages on Mr. Brady’s cell phone, which was owned by him rather than by the team. But Brady refused to provide access to his messages, even though the League had promised to let Brady’s legal team screen out irrelevant messages, including personal stuff.

When the League announced punishment for Brady, it specifically cited Brady’s refusal to turn over text messages. The League implied that if Brady had exculpatory text evidence, he could have brought it forward. But his decision to withhold texts hints – when compared with other evidence – that his texts would incriminate him.

That’s Deflategate. Now let’s consider what Deflategate teaches us in general about text messages in the workplace. 

When an authorized employee makes an important written statement, the employer needs a record.
In today’s working world people use text messages all the time. As in Deflategate, the messages can be evidence that could resolve a dispute or an audit.

Many employers have means for archiving official employee email. But email is not the same as text messages. Texts often use systems, such as the personal phones owned by employees, that are outside the employer’s direct control. It can be hard for employers to archive texts (even when they are sent through employer-owned phones.)

An employer faces policy dilemmas. Here are options for the employer:
First Option: The employer could ban text messages for important communications. It could require that all significant messages be sent through official email. In some corporate cultures, this option might work. But in other cultures it might not work. Executives and professionals might ignore the ban and use text messages anyway because text is so easy and popular.

Second Option: The employer might enter this agreement with each executive, manager or professional employee: If you send a text message – by any means – within the scope of employment, then the employer owns the message and all records of it. The agreement might go on to say that the employee will upon request turn over control to devices (like phones or smart watches) and services so that the employer can get the records that it owns.

But this second option could make the employee uncomfortable. To account for all of the messages could be a hassle for the employee. The employee might be reluctant to turn over his or her personal phone so that the employer could search for texts that belong to the employer.

Here is a solution for the employee.
The employee’s discomfort under the Second Option might be addressed many different ways. Here is one way: The employee could adopt technology and a practice for sending copies of all business-related text messages to the employee’s official email account. There the texts could be archived like email and searched like email.

Thus, the employee could say to the employer: “I systematically and faithfully copy all business texts to my official email account. You can look in my email account, which you own and control. You’ll see that all business texts are there . . . every one of them. You can even conduct an audit by consulting people that I might exchange texts with (such as other employees), and you’ll find that all of my business texts have been copied to my official email account. Therefore, you can feel satisfied that you don’t need access to my phone.”

In many cases, such a statement from the employee will be good enough for the employer. For the employer, to confine its search for records to its official email archive is much easier than searching through the employee’s personal phone or through an app that runs on that phone. 

What technology copies texts to email?
What technology enables an employee to copy his or her business texts to an official email account? The answer varies. Some text message systems themselves allow the user to send each text (copy the text) to an email address. But many systems do not allow that. 
Fortunately, there are many mobile apps that will forward text or text threads to email.

The link below shows one Android app that allows the user to forward text to email. There are other apps.

What do you the reader think?

#deflategate #textmessage #smartwatch #WellsReport
Money Back Guarantee! - We are very confident in our product. ► EMAIL and P...
Celeste Sibbach's profile photo
Add a comment...

Benjamin Wright

Shared publicly  - 
Recovery of Deleted Text Messages | Forensic Evidence

The "Wells Report" (linked below) is the official investigative report on "deflategate," the scandal around deflation of footballs by the New England Patriots.

The Report makes much use of text message evidence. The text messages were recovered from "company" phones owned by the Patriots team and used by team employees.  

See in particular footnote 48 of the Report. It shows that forensics on a phone was able to recover deleted text messages.

You can delete an electronic record, but you never know whether the record can still be recovered.

This story is the latest to show how digital forensics is revolutioning modern investigations Today, the target of any investigation must be prepared for unexpected records of the truth to come to the surface.
Brad Garnett's profile photoBenjamin Wright's profile photo
+Brad Garnett Those are all valid and interesting observations. I suspect the NFL did not see a need to get into the details of the forensic investigation.

If Tom Brady is unhappy with the phone forensics, he could produce his own phone or at least some of the records on it.

I hear the Patriots have created a web page with a long response. I've not looked at that.

More of my thoughts:
Add a comment...

Benjamin Wright

Shared publicly  - 
Active Defense and Offensive Countermeasures

The SANS Institute's NetWars CyberCity is a world-class project for training cyber defenders. Students learn how to foil gambits to shut down a power station or damage a municipal water supply system. See the engrossing video in link below.

In the project, as student defenders track and thwart evil hackers, a provocative topic would be whether the defenders themselves ever (arguably) cross legal boundaries. In theory, the relevant boundaries could include computer crime laws and anti-eavesdropping laws.

In other words: As you fight hackers, at what point do you yourself violate the law?

I am not aware that topic is ever addressed in Netwars CyberCity.

#SANSInstitute   #NetWars   #CyberCity  
In a secret location in New Jersey a model town is on the front lines in the war against cyber terrorism. This virtual city shows the real-world effects of hacking on critical infrastructure such as power and water utilities.
Add a comment...

Benjamin Wright

Shared publicly  - 
Benjamin Wright's profile photo
This is a free webinar on the law of digital investigations. It will be of interest to forensic professionals and anyone who gathers and evaluates digital evidence, including auditors and lawyers.
Add a comment...

Benjamin Wright

Shared publicly  - 
In the US, federal and state law prohibit deceptive and unfair trade practices. 
I called a tech support scammer (so you don't have to). Here's the analysis of his tactics, along with interesting snippets of our conversation.
When investigating an incident that involved domain redirection and a suspected tech support scam, I recorded my interactions with the individual posing as a help desk technician. It was an educational exchange, to say the least. Here's what I learned about his techniques and objectives.
3 comments on original post
Marie Langhorn's profile photo
Add a comment...

Benjamin Wright

Shared publicly  - 
Lois Lerner’s Email Story Teaches Policy Lesson

Many organizations wonder whether they should retain email records, how long they should retain them and what technology they should use to retain them. The answers to those questions are becoming more clear owing to the forensic investigation into the emails of a former manager at the Internal Revenue Service.

The top IRS executive testified to Congress that when the hard drive on Lois Lerner's laptop crashed, all of her email records were destroyed. But a competent forensic investigation has proved that testimony to be incorrect.

As explained in the blog post linked below, this experience teaches lessons that apply to all enterprises, not just federal government agencies like IRS.

#loislerner #irsscandal #missingemails  
Add a comment...
Have him in circles
1,143 people
Andrew Pitts's profile photo
Lee Olive's profile photo
Asavei Teo's profile photo
Larry Thompson's profile photo
Larry Falls's profile photo
abdallah abdelaziz's profile photo
tanya boshnakova's profile photo
Always Best Care Senior Services's profile photo
Crazy Cafe's profile photo

Benjamin Wright

Shared publicly  - 
Tapscott Embraces Blockchain

The lead author of the article below is Don Tapscott. I have been a fan of his for years. He is an astute observer of the impact of digital technology on society and the economy.

The article below does not say much that is new. The ideas in the article are popular within the Bitcoin/blockchain community.

However, for me, what's new and telling is that Tapscott himselt has embraced those ideas.
At the core of the next generation of the Internet is the technology underlying the digital currency Bitcoin: the blockchain. At its most basic, the blockchain is a global spreadsheet, an incorruptible digital ledger of financial transactions that can be programmed to record virtually everything of value and importance to humankind.
View original post
Add a comment...

Benjamin Wright

Shared publicly  - 
LAPD Video Policy | What Is the Public Interest?

The American Civil Liberties Union opposes police body cameras in Los Angeles (!).

To its credit ACLU of Southern California is weighing the issues carefully here. It acknowledges body cameras can promote fairness in encounters between the police and the public.

ACLU Opposes Policy Cameras for Two Reasons.

But ACLU concludes that on balance body cameras would do more harm than good under proposed LAPD policy. ACLU cites two reasons. 

One, LAPD will not release videos to the public. 

Two, a police officer will be permitted to review videos before he or she makes a statement (in a report or in an internal affairs investigation) following an incident such as a shooting. ACLU says this review will taint the officer’s memory. 

Would Body Cameras Really Do More Harm than Good?

ACLU’s position is all or nothing. Either Los Angeles gets all of what ACLU thinks is best, or it gets nothing. To me the position feels more like a stance in a political negotiation than a balanced assessment of the public interest.

Impact of Video Is More than What Is Displayed to the Public. 

ACLU argues that policy must “alter Chief Charlie Beck’s stated position that the department will not release body camera footage to the public, even in critical incidents like shootings.” In ACLU’s judgment, the Chief’s position will “[fuel] suspicion that cameras are being used solely to benefit officers.”

And I agree, we can logically anticipate that the department will in practice use videos to tell the stories the department wants to tell. Yes, police departments do engage in PR spinmanship.

However, the value of video involves far more than what is released or told to the public. The sheer creation and preservation of video are themselves transformational. 

LAPD policy to withhold video does not mean video will be destroyed. It does not mean video will be unavailable for legal proceedings such as a civil lawsuit, a criminal trial, an internal investigation or a civilian oversight proceeding. The video will still exist as objective evidence of what happened.

Is Officer Memory Really That Precious?

ACLU’s position assigns very high value to the pristine memory of a police officer.  

I agree that memory can be influenced by video. If an officer reviews video he or she might formulate a narrative (a “memory”) after the fact to explain an event consistent with the video. In ACLU’s view this potential injustice is so great that it outweighs the value of the video itself.

But wait. Will the injustice really outweigh the value of the video? Human memory is notoriously bad. How can it be that the preservation of an officer’s (fallible) memory is so important that it must preclude the very creation of video?

Under proposed LAPD policy an officer would not be able to fabricate, destroy or tamper with video. Even if an officer cooked-up a story to fit the video, the video still stands as an independent record of events.  No amount of lying by an officer can change the innumerable hard facts recorded by the video … the sounds, the words, the sequence of events, the relative positions of people and so on.

But ACLU’s position is this: If given a choice between un-tainted police memory on the one hand and video on the other hand, then we must have the memory and we must not have the video.

Implementation Would Do More Good than Harm.

I respectfully disagree with the ACLU’s judgment on this position. 

Implementation of body cameras under LAPD’s proposed policy would do more good than harm.

With that said, I do agree with ACLU that police departments can and should find responsible ways to release video to the public.

Please attribute the following statement to Hector Villagra, executive director of the ACLU of Southern California: The Los Angeles Police Department’s policy released today for body worn video cameras gets some things right, by clearly requiring officers record most interactions … Continue reading →
Wayne Meador's profile photo
It's a step in the right direction for sure, but concur with the ACLU in this case. :)
Add a comment...

Benjamin Wright

Shared publicly  - 
eDiscovery as an Exercise in Creative Thinking

In commercial litigation, eDiscovery can be a subtle process, more art than science. As the technology used in enterprises grows more varied and changes more rapidly, lawyers handling eDiscovery become more dependent on the creativity of technical experts. Savvy experts can surmise and then articulate what kinds of unexpected records are discoverable from an adversary.

#litigation   #internetofthings  
Add a comment...

Benjamin Wright

Shared publicly  - 
Social Media Service of Process

US courts have for decades been allowing some litigants to deliver legal papers via electronic means.

One of the older cases allowed "service of process" to go via Telex, which was a kind of telegraph popular in the 1970s and 1980s. 

#Telex   #Socialmedialaw  
A judge in New York City has given a woman permission to serve divorce papers to her husband through private messages on Facebook.
A judge has given a New York City woman permission to file for divorce from her elusive husband via a Facebook message. The woman’s lawyer says the ruling was made by Manhattan Supreme Court Justice Matthew Cooper.
View original post
Add a comment...

Benjamin Wright

Shared publicly  - 
Executive Email Retention Policy

Hillary Clinton set up her own, personal server, located in her home, to manage and store her official email while she was employed as an executive by the US Department of State.

If every executive and every employee of every enterprise did that, then enterprises would lose control of their official records.

It would be very difficult for them to conduct internal investigations and oversee the workings of internal control. It would be very difficult for them to respond to e-discovery demands in lawsuits and government investigations. It would be very difficult for them to document their contractual relations with vendors and customers.

What do you think about Ms. Clinton's practice?
#hillaryclinton   #emailpolicy   #emailserver   #homebrew  
Marie Langhorn's profile photo
Add a comment...
Have him in circles
1,143 people
Andrew Pitts's profile photo
Lee Olive's profile photo
Asavei Teo's profile photo
Larry Thompson's profile photo
Larry Falls's profile photo
abdallah abdelaziz's profile photo
tanya boshnakova's profile photo
Always Best Care Senior Services's profile photo
Crazy Cafe's profile photo
  • Georgetown University Law (J.D. 1984)
    Law, 1981 - 1984
  • Trinity University
    English, 1978 - 1981
Basic Information
Other names
Ben Wright
Data Law

Benjamin Wright is an attorney in private practice. He helps others navigate the law of data compliance, including privacy, outsourcing, IT security, online investigations and forensic investigations. He teaches e-discovery, BYOD, cryptocurrency and data protection law for SANS Institute.

Mr. Wright has published hundreds of blog posts on technology law.  Search them.

Wright is known for promoting screencast video to document legal investigations in social media and audit evidence in online trading platforms.

To email Mr. Wright, please send to ben_wright at compuserve dot com; put "BLOG" in subject line.

Speaker and Author  

Mr Wright is a frequent public speaker at professional groups like state CPA societies and Institute of Internal Auditors.  As author of technology law books such as Law of Electronic Commerce, he blogs on electronic data, records, security and social media law, and he spots trends, such as the rise of activists and whistleblowers wielding small video cameras. 2010: Russian financial authorities tapped Mr. Wright for advice on regulation and investigations in the micro-finance industry.

Mr. Wright is (sometimes) editor for compliance topics at SANS Institute's Securing The Human program.


Texas Bar Association publishes an attorney profile on Mr. Wright.

Mr. Wright mentors students at SMU's Lyle School of Engineering. He is a member of the Pennsylvania College of Technology Advisory Committee for the Information Assurance and Cyber Security Degree.

Mr. Wright is known for bringing attention to the power of terms, conditions, contracts, disclaimers, warnings and other notices -- like those below -- published through online media.

IMPORTANT: No public comment by Mr. Wright (blog, book, tweet, video, update, speech, article, podcast or the like) is legal or other professional advice.  If you need legal advice, you should hire and consult a lawyer.

Mr. Wright's public statements are offered as-is, with no warranty of accuracy or reliability. Mr. Wright sometimes revises his published ideas. If you use the ideas, you do so at your own risk. 

Public Education and Discussion

Mr. Wright's blogs, tweets, videos, web comments, web courses and the like are intended to promote public education and discussion. They are not intended to advertise or solicit legal services. They constitute an online update service for the book Law of Electronic Commerce. Originally released 1991, and revised continually since then, the book is published by Wolters Kluwer.


Mr. Wright strives to comply with all applicable laws. He does not have and never has had intention to infringe the rights of anyone. If any person has any information, suspicion or belief that Mr. Wright has done anything illegal or unethical, he asks that person promptly to (a) notify him at 1.214.403.6642 (b) comment publicly on his blogs or pages that he is wrong. Promptness helps mitigate damage. 

Any person accessing Mr. Wright's blogs, tweets, profiles, comments, web pages or other public activities or statements agrees not to use data from them in a way that is adverse to Mr. Wright's interests.

Forming an Attorney-Client Relationship

Mr. Wright does not have an attorney-client relationship with any person unless and until he and that person explicitly, formally agree that the relationship is being formed. Interaction with Mr. Wright through public media does not create an attorney-client relationship. Exchange of private messages with Mr. Wright does not, by itself, create an attorney-client relationship.

Privacy/Security Vision 

Some people provide Mr. Wright private information. Mr. Wright strives to treat such information reasonably according to the circumstances. People should have no more than reasonable expectations about information security. It is unreasonable to expect that the offices, computers, cell phones, brief cases, filing cabinets and online or other services used by Mr. Wright are very secure.

IMPORTANT Confidentiality Notice

Benjamin Wright is licensed as an attorney. Some of Mr. Wright's non-public records stored in the cloud are confidential and subject to protections associated with attorney work and communications. The laws of many countries recognize such protections. Mr. Wright insists that you recognize those protections with respect to his records and communication. 


The only person responsible for Mr. Wright's words is Mr. Wright.

Mr. Wright often earns financial or other reward from those he mentions or links on blogs and social media, such as Yellow Brick, Messaging Architects/Netmail, SANS Institute, Credant Technologies, state CPA societies, Park Avenue Presentations, LabMD and others.


Some images, sounds and font output associated with Wright's work and comments are copyrighted by Corel Corporation or its licensors or partners like iStockphoto; they reserve all their rights. Some images are declared on wikimedia to be public domain.  Mr. Wright strives to respect IP rights, but sometimes technology behaves in surprising ways. If you are an IP owner and you have a problem with something published by Mr. Wright, please telephone him promptly. Trademarks are property of their respective owners.

Dallas, Texas.   Tel: +1.214.403.6642

Bragging rights
Technology law humbles me.
Public speaker on digital law and cyber investigations
  • Lawyer -Private Practice | SANS Instructor: Law of Data Security & Investigations | Author: Law of E-Commerce | Blogs: BYOD, Bitcoin, Cyber-attacks, Digital Forensics
    Lawyer, present
    Contracts, policies, training and public communications in regards to risk and compliance in technology law around the world.
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Dallas, Texas
Contact Information
Dallas, Texas
Benjamin Wright's +1's are the things they like, agree with, or want to recommend.
Singularity Hub

The Future Is Here Today... Robotics, Genetics, AI, Longevity, The Brain...

The curious case of LabMD new developments in the “other” FTC data-secur...

By now, businesses with an interest in data security are aware of FTC v. Wyndham Worldwide Corp., in which a US District Court of New Jersey

Here Are My Official Comments on the New York Department of Financial Se...

Dear Mr. Syracuse: I am an attorney and Certified Public Accountant with a Master's Degree in Accounting. For nearly twenty years I have als

Toni Ruttimann: The Bridge-Builder | Indonesia Expat

Meet Toni Ruttimann, the bridge-builder. He is, literally, bringing two worlds together; one community at a time. Toni has built over 600 br

Code of Conduct | The Honeynet Project

Below, you will find the Honeynet Project's proposed code of conduct. We invite you to submit comments until 5/1/2012 to project@honeyne

Report: Mysterious Happenings at JPMorgan?

I've tried a number of times to understand The Wall Street Journal's story headlined "J.P. Morgan Rankled by Risk," but I still don't get it

Blog - Michael Daugherty

Trying to write a book while running a company and having the government knocking on your door calls for drastic measures. I needed to get t

Answers to Google Social Network - Google+

A continually improving collection of questions and answers created, edited, and organized by thousands who use the Google+ social network.

Is Zippo Getting Zapped? | Litigation News | ABA Section of LitigationA...

Florida court rejects Zippo’s “sliding scale” for jurisdiction over Internet activity.

Web Preservation by Screencast — Slaw

Slaw is Canada's online legal magazine ISSN 1925-6175. home about. • about Slaw. • our contributors. • our columnists. archives. • by da

Spy Privacy Subpoena Law: Definition of Data Security Breach

When Has Privacy of Credit Card or Social Security Numbers been Compromised? Security Incident Response and Information Protection Law. Many

Introduction to MobiSec video

We just wanted to post a quick update to let you know about a new video. Kevin (working with James) recorded a "quick" introduction to OWASP

FINRA and the SEC Move One Step Closer to JOBS Act Implementation

Washington, D.C. (PRWEB) January 31, 2013 – Earlier this week FINRA invited prospective Crowdfunding portals to voluntarily file an interim

Computer forensic delays a growing problem? | Cybercrime Review

It is hard not to notice the growing number of cases that revolve around or discuss the delays associated with processing computer forensic

Hide & seek profile research Discreet & Confidential

Hide & seek profile research. Discreet & Confidential. We all have felt the stings of betrayal from lies told by people very close t

Microsoft DMCA Notice ‘Mistakenly’ Targets BBC, Techcrunch, Wikipedia an...

Over the last year Microsoft asked Google to censor nearly 5 million webpages because they allegedly link to copyright infringing content. W

Excellent place to hold a business conference.
Public - a month ago
reviewed a month ago
The rooms are very spacious, clean and up-to-date. The place is quiet and peaceful . . . making for a good night of sleep.
Public - a month ago
reviewed a month ago
4 reviews
I have visited the Gallery numerous times over the years, most recently last week. The Gallery is a rare treasure, one of the best-kept secrets in New York. Serious antique collectors must check it out. Call ahead for an appointment.
Quality: ExcellentAppeal: ExcellentService: Excellent
Public - 2 years ago
reviewed 2 years ago