Profile

Cover photo
Verified name
Benjamin Wright
Works at Lawyer -Private Practice | SANS Instructor: Law of Data Security & Investigations | Author: Law of E-Commerce | Blogs: BYOD, Bitcoin, Cyber-attacks, Digital Forensics
Attended Georgetown University Law (J.D. 1984)
Lives in Dallas, Texas
1,185 followers|396,192 views
AboutPostsPhotosYouTube+1'sReviews

Stream

Pinned

Benjamin Wright

Shared publicly  - 
 
Home Depot Data Breach | What to Say?

Public relations is more important to legal controversies than many lawyers and non-lawyers appreciate. 

Home Depot is today in legal jeopardy because it has announced what appears to be a large breach of payment card data.

The Home Depot predicament fits into a historical context. Many major data breaches have happened before today, including TJX, Target and Sony Playstation Network.

Home Depot faces many difficult choices in the coming weeks. HD’s statements to the public about this breach will affect the company’s

* legal liability
* relationship with customers
* support or hostility from payment card issuers
* punishment from regulators

As explained in the blog post below, the SANS Institute offers unique professional training on this topic. The SANS course emphasizes the role of public communications in coping with infosec legal and reputation risk.

#homedepotbreach   #dfir   #databreach  
5
Add a comment...

Benjamin Wright

Shared publicly  - 
 
Active Defense: Law and Ethics

Below you can access archive of Twitter Chat on Active Defense.

#CyberDefense
1
Add a comment...

Benjamin Wright

Shared publicly  - 
 
Digital Forensic Investigator News interviewed me in-depth, in a 3-part series.
1
Add a comment...

Benjamin Wright

Shared publicly  - 
 
The strangest case in the history of infosec law is like the Energizer Bunny, it just keeps going and going.

Below is episode 1 in an 8 part video series. The 8 parts summarize the book The Devil Inside the Beltway. The book chronicles the strangest and possibly longest legal case in the history of cyber security.
 
We're about 20 employees. We diagnose cancer for Urologists all around the country. One day the phone rings - and things are never the same again.
View original post
1
Benjamin Wright's profile photoAvatar X's profile photo
6 comments
 
+Benjamin Wright  What a strange case indeed. Makes no sense whatsoever.
Add a comment...

Benjamin Wright

Shared publicly  - 
 
Augmented Reality Law

As augmented reality becomes more common, the owners of physical and intellectual property will devise myriad strategies to turn AR to their advantage. Watch for strategies like:

1. More assertion that physical things like buildings constitute trademarks; 
2. More end user license agreements (EULA) on physical things like buildings or products;
3. Property zoning laws that regulate the use of AR in designated places.

Legally speaking, a strange new world is coming.
1
Add a comment...

Benjamin Wright

Shared publicly  - 
 
Of all the SANS instructors, +Lenny Zeltser is the most "professorial." And I mean that as a high compliment. He is a uniquely effective teacher.
 
Watch this 2-minute video to discover what you can learn by taking the FOR610 malware analysis course at SANS Institute.
View original post
2
Add a comment...

Benjamin Wright

Shared publicly  - 
 
This video demonstrates what a powerful tool a cheap drone can be for public safety. In a big city, full-size helicopters can track a tornado and report live on TV. But helicopters are often not available outside cities. 

For about $1000 a rural community can have a drone that spots the exact location of a tornado or other threat. Then the community can deliver live footage to local residents over the web or mobile app.
4
Add a comment...
Have him in circles
1,185 people
Apt Search's profile photo
geschenke-online.de's profile photo
Larry Thompson's profile photo
SANS Digital Forensics's profile photo
stevenson lawfirm's profile photo
Robert Gottesman's profile photo
Tina Robinette's profile photo
Anthony Wright's profile photo
Mays & Kerr LLC's profile photo

Benjamin Wright

Shared publicly  - 
 
Active Defense: Law and Ethics

Below I published an FAQ on the law and ethics of Active Defense.

In connection with that, SANS hosted a popular Twitter Chat on Active Defense, featuring the incomparable John Strand and Bryce Galbraith, plus me. 

I am keen to learn more about the cybersecurity topic known as "Active Defense." I invite your comments.

#activedefense   #infosec   #ethicalhacking  
Cyber Defense blog pertaining to FAQ on Law of Active Defense by Attorney Benjamin Wright
1
Add a comment...

Benjamin Wright

Shared publicly  - 
 
This video is a teaser for an 8-part video series. The 8 parts summarize the book The Devil Inside the Beltway, an infosec law story like none other. There is no end in sight for this story; it continues in litigation.
1
Add a comment...

Benjamin Wright

Shared publicly  - 
 
Is Open Source Always Best?

In video below Cory Doctorow makes a compelling case for open source stuff. But he fails to acknowledge that sometimes closed, proprietary systems are more desirable.

The iOS ecosystem is fabulously successful. Is it because iOS is open source? No. iOS is basically a closed proprietary, tightly-controlled ecosystem.

So why do people buy iOS systems rather than Android or Linux? A key reason is that, in the eyes of many consumers, iOS consistently delivers a better package of innovation and reliability.

Consumers are not forced to buy the closed iOS ecosystem. Consumers have alternatives, including open source alternatives. But many consumers (not all) have decided that they prefer the closed, proprietary ecosystem of iOS.

Doctorow says people don't like it when vendors use law to make closed ecosystems. He says consumer don't wake up and hope that a vendor has given them an IoT ecosystem that limits what can connect to it. The success of iOS proves he is (in some cases) wrong.
2
Wayne Meador's profile photoBenjamin Wright's profile photo
2 comments
 
+Wayne Meador the tech world is fortunate because it has choice. It can choose between proprietary systems and open source systems. Customers can choose between proprietary ecosystems (iOS) and open source ecosystems (Linux). Each type of ecosystem has strengths and weaknesses.

In some cases, the trick to making an ecosystem work is "discipline". Discipline makes sure that only good stuff gets into the ecosystem, and the bad stuff (spam, viruses) is kept out.

In iOS the discipline is enforced by Apple, using all the powers of law (many of which Mr. Doctorow says, in video above, are bad).

An example of an open source ecosystem that has achieved the needed discipline is Bitcoin. Bitcoin decides what is good and what is bad by motivating miners to vote. If the miners vote not to make a change to Bitcoin (maybe because the proposed change will inject fraud or unreliability), then the change is rejected.

To me, it is not clear that open source is always more efficient. Bitrcoin, for example, suffers great inefficiency. It costs a tremendous amount of electricity to keep Bitcoin running. Some people argue that Bitcoin is therefore ecologically unsustainable. ... But then the advocates of Bitcoin say that future bitcoin-type projects will learn from the mistakes of the past and will be more efficient.
Add a comment...

Benjamin Wright

Shared publicly  - 
 
Humble interview of yours truly.
1
Add a comment...

Benjamin Wright

Shared publicly  - 
 
Sharing Cyber Threat Data with DHS

For years we've been debating whether private enterprises should voluntarily share InfoSec data with government.

Unintended Uses for the Data

For a firm that contemplates sharing data, a big issue is whether the data might be used for unintended purposes, such as tax collection or a class action lawsuit trying to prove the firm did something wrong (e.g., failed to do enough to protect privacy).

Once data about anything gets out, it is hard to limit its use. Legal adversaries want the data; hackers want the data; vigilante leakers want to "liberate" the data.

Maintaining Legal Confidentiality

Increasingly, firms try to assure the legal secrecy of incident-response data by collecting it under the guidance of legal counsel. But that legal secrecy may be compromised if the data is then shared with government. Therefore a firm may be wise to refrain from giving the data to the government (DHS).

See discussion of secrecy under legal doctrine called "attorney work product:" http://hack-igations.blogspot.com/2013/04/secrecy.html
 
Do you think organizations would participate in voluntary information sharing of non-breach incidents?
US Homeland Security Secretary Jeh Johnson recently spoke at a conference at the Center for Strategic and International Studies (CSIS) about the challenges of cybersecurity as they affect the federal civilian .gov world. In his speech, secretary Johnson stressed the importance of passing new ...
1 comment on original post
1
Add a comment...
People
Have him in circles
1,185 people
Apt Search's profile photo
geschenke-online.de's profile photo
Larry Thompson's profile photo
SANS Digital Forensics's profile photo
stevenson lawfirm's profile photo
Robert Gottesman's profile photo
Tina Robinette's profile photo
Anthony Wright's profile photo
Mays & Kerr LLC's profile photo
Education
  • Georgetown University Law (J.D. 1984)
    Law, 1981 - 1984
  • Trinity University
    English, 1978 - 1981
Basic Information
Gender
Male
Other names
Ben Wright
Links
Story
Tagline
Data Law
Introduction

Benjamin Wright is an attorney in private practice. He helps others navigate the law of data compliance, including privacy, outsourcing, IT security, online investigations and forensic investigations. He teaches e-discovery, BYOD, cryptocurrency and data protection law for SANS Institute.

Mr. Wright has published hundreds of blog posts on technology law.  Search them.

Wright is known for promoting screencast video to document legal investigations in social media and audit evidence in online trading platforms.

To email Mr. Wright, please send to ben_wright at compuserve dot com; put "BLOG" in subject line.

Speaker and Author  

Mr Wright is a frequent public speaker at professional groups like state CPA societies and local ISACA chapters.  As author of technology law books such as Law of Electronic Commerce, he blogs on electronic data, records, security and social media law, and he spots trends, such as the rise of big data as a tool for legal investigations

Mr. Wright is an editor for compliance topics at SANS Institute's Securing The Human program.

Associations

Texas Bar Association publishes an attorney profile on Mr. Wright.

Mr. Wright mentors students at SMU's Lyle School of Engineering. He is a member of the Pennsylvania College of Technology Advisory Committee for the Information Assurance and Cyber Security Degree.

Mr. Wright is known for bringing attention to the power of terms, conditions, contracts, disclaimers, warnings and other notices -- like those below -- published through online media.

IMPORTANT: No public comment by Mr. Wright (blog, book, tweet, video, update, speech, article, podcast or the like) is legal or other professional advice.  If you need legal advice, you should hire and consult a lawyer.

Mr. Wright's public statements are offered as-is, with no warranty of accuracy or reliability. Mr. Wright sometimes revises his published ideas. If you use the ideas, you do so at your own risk. 

Public Education and Discussion

Mr. Wright's blogs, tweets, videos, web comments, web courses and the like are intended to promote public education and discussion. They are not intended to advertise or solicit legal services. They constitute an online update service for the book Law of Electronic Commerce. Originally released 1991, and revised continually since then, the book is published by Wolters Kluwer.

Compliance

Mr. Wright strives to comply with all applicable laws. He does not have and never has had intention to infringe the rights of anyone. If any person has any information, suspicion or belief that Mr. Wright has done anything illegal or unethical, he asks that person promptly to (a) notify him at 1.214.403.6642 (b) comment publicly on his blogs or pages that he is wrong. Promptness helps mitigate damage. 

Any person accessing Mr. Wright's blogs, tweets, profiles, comments, web pages or other public activities or statements agrees not to use data from them in a way that is adverse to Mr. Wright's interests.

Forming an Attorney-Client Relationship

Mr. Wright does not have an attorney-client relationship with any person unless and until he and that person explicitly, formally agree that the relationship is being formed. Interaction with Mr. Wright through public media does not create an attorney-client relationship. Exchange of private messages with Mr. Wright does not, by itself, create an attorney-client relationship.

Privacy/Security Vision 

Some people provide Mr. Wright private information. Mr. Wright strives to treat such information reasonably according to the circumstances. People should have no more than reasonable expectations about information security. It is unreasonable to expect that the offices, computers, cell phones, brief cases, filing cabinets and online or other services used by Mr. Wright are very secure.

IMPORTANT Confidentiality Notice

Benjamin Wright is licensed as an attorney. Some of Mr. Wright's non-public records stored in the cloud are confidential and subject to protections associated with attorney work and communications. The laws of many countries recognize such protections. Mr. Wright insists that you recognize those protections with respect to his records and communication. 

Relationships

The only person responsible for Mr. Wright's words is Mr. Wright.

Mr. Wright often earns financial or other reward from those he mentions or links on blogs and social media, such as Yellow Brick, Messaging Architects/Netmail, SANS Institute, Credant Technologies, state CPA societies, Park Avenue Presentations, LabMD and others.

Attribution

Some images, sounds and font output associated with Wright's work and comments are copyrighted by Corel Corporation or its licensors or partners like iStockphoto; they reserve all their rights. Some images are declared on wikimedia to be public domain.  Mr. Wright strives to respect IP rights, but sometimes technology behaves in surprising ways. If you are an IP owner and you have a problem with something published by Mr. Wright, please telephone him promptly. Trademarks are property of their respective owners.

Dallas, Texas.   Tel: +1.214.403.6642

Bragging rights
Technology law humbles me.
Work
Occupation
Lawyer
Skills
Public speaker on digital law and cyber investigations
Employment
  • Lawyer -Private Practice | SANS Instructor: Law of Data Security & Investigations | Author: Law of E-Commerce | Blogs: BYOD, Bitcoin, Cyber-attacks, Digital Forensics
    Lawyer, present
    Contracts, policies, training and public communications in regards to risk and compliance in technology law around the world.
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
Dallas, Texas
Contact Information
Work
Phone
1.214.403.6642
Address
Dallas, Texas
Benjamin Wright's +1's are the things they like, agree with, or want to recommend.
Singularity Hub
singularityhub.com

The Future Is Here Today... Robotics, Genetics, AI, Longevity, The Brain...

The curious case of LabMD new developments in the “other” FTC data-secur...
www.lexology.com

By now, businesses with an interest in data security are aware of FTC v. Wyndham Worldwide Corp., in which a US District Court of New Jersey

Here Are My Official Comments on the New York Department of Financial Se...
wefivekingsblog.blogspot.com

Dear Mr. Syracuse: I am an attorney and Certified Public Accountant with a Master's Degree in Accounting. For nearly twenty years I have als

Toni Ruttimann: The Bridge-Builder | Indonesia Expat
indonesiaexpat.biz

Meet Toni Ruttimann, the bridge-builder. He is, literally, bringing two worlds together; one community at a time. Toni has built over 600 br

Code of Conduct | The Honeynet Project
honeynet.org

Below, you will find the Honeynet Project's proposed code of conduct. We invite you to submit comments until 5/1/2012 to project@honeyne

Report: Mysterious Happenings at JPMorgan?
www.cnbc.com

I've tried a number of times to understand The Wall Street Journal's story headlined "J.P. Morgan Rankled by Risk," but I still don't get it

Blog - Michael Daugherty
michaeljdaugherty.com

Trying to write a book while running a company and having the government knocking on your door calls for drastic measures. I needed to get t

Answers to Google Social Network - Google+
googleplusanswers.com

A continually improving collection of questions and answers created, edited, and organized by thousands who use the Google+ social network.

Is Zippo Getting Zapped? | Litigation News | ABA Section of LitigationA...
apps.americanbar.org

Florida court rejects Zippo’s “sliding scale” for jurisdiction over Internet activity.

Web Preservation by Screencast — Slaw
www.slaw.ca

Slaw is Canada's online legal magazine ISSN 1925-6175. home about. • about Slaw. • our contributors. • our columnists. archives. • by da

Spy Privacy Subpoena Law: Definition of Data Security Breach
hack-igations.blogspot.com

When Has Privacy of Credit Card or Social Security Numbers been Compromised? Security Incident Response and Information Protection Law. Many

Introduction to MobiSec video
blog.secureideas.com

We just wanted to post a quick update to let you know about a new video. Kevin (working with James) recorded a "quick" introduction to OWASP

FINRA and the SEC Move One Step Closer to JOBS Act Implementation
www.cfira.org

Washington, D.C. (PRWEB) January 31, 2013 – Earlier this week FINRA invited prospective Crowdfunding portals to voluntarily file an interim

Computer forensic delays a growing problem? | Cybercrime Review
www.cybercrimereview.com

It is hard not to notice the growing number of cases that revolve around or discuss the delays associated with processing computer forensic

Hide & seek profile research Discreet & Confidential
www.hideandseekpr.com

Hide & seek profile research. Discreet & Confidential. We all have felt the stings of betrayal from lies told by people very close t

Microsoft DMCA Notice ‘Mistakenly’ Targets BBC, Techcrunch, Wikipedia an...
torrentfreak.com

Over the last year Microsoft asked Google to censor nearly 5 million webpages because they allegedly link to copyright infringing content. W

Excellent place to hold a business conference.
Public - 4 months ago
reviewed 4 months ago
The rooms are very spacious, clean and up-to-date. The place is quiet and peaceful . . . making for a good night of sleep.
Public - 4 months ago
reviewed 4 months ago
4 reviews
Map
Map
Map
I have visited the Gallery numerous times over the years, most recently last week. The Gallery is a rare treasure, one of the best-kept secrets in New York. Serious antique collectors must check it out. Call ahead for an appointment.
Quality: ExcellentAppeal: ExcellentService: Excellent
Public - 2 years ago
reviewed 2 years ago