Benjamin Wright is an attorney in private practice. He helps others navigate the law of data compliance, including privacy, outsourcing, IT security, online investigations and forensic investigations. He teaches e-discovery, BYOD, cryptocurrency and data protection law for SANS Institute.
Mr. Wright has published hundreds of blog posts on technology law. Search them.
Mr. Wright is spotlighted in the book The Devil Inside the Beltway for his uncommonly insightful advice to LabMD in its now famous information security law dispute.
To email Mr. Wright, please send to ben_wright at compuserve dot com; put "BLOG" in subject line.
Speaker and Author
Mr Wright is a frequent public speaker at professional groups like state CPA societies and local ISACA chapters. As author of technology law books such as Law of Electronic Commerce, he blogs on electronic data, records, security and social media law, and he spots trends, such as the rise of big data as a tool for legal investigations.
Mr. Wright is an editor for compliance topics at SANS Institute's Securing The Human program.
Texas Bar Association publishes an attorney profile on Mr. Wright.
Mr. Wright mentors students at UNT-Dallas College of Law. He is a member of the Pennsylvania College of Technology Advisory Committee for the Information Assurance and Cyber Security Degree.
IMPORTANT: No public comment by Mr. Wright (blog, book, tweet, video, update, speech, article, podcast or the like) is legal or other professional advice. If you need legal advice, you should hire and consult a lawyer.
Mr. Wright's public statements are offered as-is, with no warranty of accuracy or reliability. Mr. Wright sometimes revises his published ideas. If you use the ideas, you do so at your own risk.
Public Education and Discussion
Mr. Wright's blogs, tweets, videos, web comments, web courses and the like are intended to promote public education and discussion. They are not intended to advertise or solicit legal services. They constitute part of the online update service for the book Law of Electronic Commerce. Originally released 1991, and revised continually since then, the book is published by Wolters Kluwer.
Mr. Wright strives to comply with all applicable laws. He does not have and never has had intention to infringe the rights of anyone. If any person has any information, suspicion or belief that Mr. Wright has done anything illegal or unethical, he asks that person promptly to (a) notify him at 1.214.403.6642 (b) comment publicly on his blogs or pages that he is wrong. Promptness helps mitigate damage.
Any person accessing Mr. Wright's blogs, tweets, profiles, comments, web pages or other public activities or statements agrees not to use data from them in a way that is adverse to Mr. Wright's interests.
Forming an Attorney-Client Relationship
Mr. Wright does not have an attorney-client relationship with any person unless and until he and that person explicitly, formally agree that the relationship is being formed. Interaction with Mr. Wright through public media does not create an attorney-client relationship. Exchange of private messages with Mr. Wright does not, by itself, create an attorney-client relationship.
Some people provide Mr. Wright private information. Mr. Wright strives to treat such information reasonably according to the circumstances. People should have no more than reasonable expectations about information security. It is unreasonable to expect that the offices, computers, cell phones, brief cases, filing cabinets and online or other services used by Mr. Wright are very secure.
IMPORTANT Confidentiality Notice
Benjamin Wright is licensed as an attorney. Some of Mr. Wright's non-public records stored in the cloud are confidential and subject to protections associated with attorney work and communications. The laws of many countries recognize such protections. Mr. Wright insists that you recognize those protections with respect to his records and communication.
The only person responsible for Mr. Wright's words is Mr. Wright.
Mr. Wright has earned money from some organizations he mentions online, such as Messaging Architects/Netmail, SANS Institute and LabMD.
Some images, sounds and font output associated with Wright's work and comments are copyrighted by Corel Corporation or its licensors or partners like iStockphoto; they reserve all their rights. Some images are declared on wikimedia to be public domain. Mr. Wright strives to respect IP rights, but sometimes technology behaves in surprising ways. If you are an IP owner and you have a problem with something published by Mr. Wright, please telephone him promptly. Trademarks are property of their respective owners.
Dallas, Texas. Tel: +1.214.403.6642
- Georgetown University Law (J.D. 1984)Law, 1981 - 1984
- Trinity UniversityEnglish, 1978 - 1981
- Data Law Blog (current)
- Cyber Investigation Evidence (current)
- Electronic Records blog (current)
- Forensic Investigation blog (current)
- Security & Investigations Training (current)
- Crowdfunding Law Blog (current)
- SANS Technology Institute (current)
- SANS Institute (current)
- Preserving Cyber Evidence (current)
- Cyber Forensics (current)
- Telemedicine Law (current)
- Data Security Breach Investigation (current)
- 1990s Electronic Commerce Law (current)
- Electronic Signature Law 2000 (current)
- Online Privacy History (current)
- Digital Evidence Law (current)
- Digital Signature Law History (current)
- The Law of Electronic Commerce, book (current)
- Data Protection Law 2004 (current)
- Internet Safety (current)
- SANS Survey of Digital Forensics #DFIR (current)
- Electronic Signature Law 1990s (current)
- Lawyer -Private Practice | SANS Instructor: Law of Data Security & Investigations | Author: Law of E-Commerce | Blogs: BYOD, Bitcoin, Cyber-attacks, Digital ForensicsLawyer, presentContracts, policies, training and public communications in regards to risk and compliance in technology law around the world.
In legal disputes and negotiations, evidence is power. The party who has better access to and understanding of the evidence is in a stronger position.
Digital evidence can exist in a multitude of places, and the number of places is growing rapidly.
Sometimes, to get access to the evidence, you need a subpoena. But to obtain a subpoena can be troublesome. Sometimes you can persuade those who control evidence to give it to you even though you don't have a legal subpoena.
Forget the clumsy headsets. Virtual reality and augmented reality are vastly over-rated! Mixed reality delivers a much more compelling experience.
Mixed reality is flooding into our world by way of:
* Bluetooth tracking Tiles,
* automobile backup systems, and
* personal assistants like Alexa and Cortana.
Mixed reality blends digital interaction and information into the physical reality we perceive through our five senses. It gives us beeps, signals, vibrations, action and entertainment that feel natural.
Mixed reality is not something we have to think about or become accustomed to. It does not make us sick to our stomach the way a VR headset does. It is just a new box of tools that comfortably add to our analog world.
But the reality I am describing in the blog article above is not Hololens. I am not talking about a reality created by a headset. I am talking about a bigger reality, where connected things are spread all over the place and the interfaces to them are in many different places and formats (e.g. demoed in the video).
Maybe the term I am looking for is "blended reality".
In a murder case, Arkansas police are trying to force Amazon to release records from Alexa (virtual assistant - always-on device that stores voice and other records in the cloud). http://www.latimes.com/business/technology/la-fi-tn-amazon-echo-privacy-qa-20170105-story.html
Soon divorce lawyers will be issuing subpoenas for records captured through Amazon Echo and Google Home. Blog post below describes effort to use microphone hidden in teddy bear to gather evidence for a child custody dispute.
Augmented reality ... virtual reality ... mixed reality ... all of these technologies can give an official such as a health inspector access to evidence that has legal or accounting value. How should the inspector record this evidence so the record can be used in court? I offer suggestions in the blog post (with video) below. Comments invited!
An official investigation includes audit, government inspection, insurance adjustment and criminal investigation. Sometimes involvement of an attorney can cloak an official investigation with legal confidentiality.
Years ago the blog post below argued the FTC misunderstood cybersecurity. I argued FTC was misinterpreting cyberlaw, though the Commission had good intentions.
The FTC is now undergoing great change. As a new Republican administration assumes office, three of the five commissioner seats at FTC are vacant. President-elect Trump will have the opportunity to fill those seats. He will have much influence on the FTC.
I have a hunch that FTC will go back to square one and re-think cyberlaw and re-think the Commission's role in cybersecurity. It's just a hunch.
But the reality I am describing below is not Hololens. I am not limiting my observations to a reality created by a headset. I am talking about a bigger reality, where connected things are spread all over the place and the interfaces to them are in many different places and formats (e.g. +TheTileApp demoed in the video).
Maybe the term I am looking for is "blended reality".
Digital Evidence is swelling in quantity. Many lawyers, auditors, investigators and other professionals fail to realize how much digital evidence can be recovered in any particular case or project.
Unexpected digital evidence can transform a case from a loser to a winner.
The presentation below will enlighten.
Professional investigators like insurance adjusters need to keep records of what they see as they interact with the Internet of Things (IoT) in the physical world. This record is evidence that might help resolve an insurance claim or a negligence lawsuit.
The blog post below illustrates how to use a screencast video from a smart phone to make and authenticate a lasting record of what the investigator experienced as they encountered, examined, manipulated and listened for networked devices, such as a Bluetooth location Tile, the two cameras and microphone on the phone, and multiple apps on the phone.
What do you think?
State national guard units are best known for responding to natural disasters like hurricanes. They are now starting to respond to cyber attacks, such as recent online disruption and vandalism directed by "Anonymous" against the City of Flint, Michigan.
The laws governing National Guard are complex, and NG lawyers (known as "JAGs") have little experience interpreting those laws for digital emergencies. We at the SANS Institute, including have been helping to train NG, including JAGs about Cyber Defense.
IST student attends career fair using virtual self | Penn State University
Stephanie Warnock, a 27-year-old adult learner pursuing a bachelor’s degree online in information sciences and technology through Penn State
The curious case of LabMD new developments in the “other” FTC data-secur...
By now, businesses with an interest in data security are aware of FTC v. Wyndham Worldwide Corp., in which a US District Court of New Jersey
Here Are My Official Comments on the New York Department of Financial Se...
Dear Mr. Syracuse: I am an attorney and Certified Public Accountant with a Master's Degree in Accounting. For nearly twenty years I have als
Toni Ruttimann: The Bridge-Builder | Indonesia Expat
Meet Toni Ruttimann, the bridge-builder. He is, literally, bringing two worlds together; one community at a time. Toni has built over 600 br
FTC told to disclose the data security standards it uses for breach enfo...
As reported in Computerworld yesterday, there was a leg …
Is Zippo Getting Zapped? | Litigation News | ABA Section of LitigationA...
Florida court rejects Zippo’s “sliding scale” for jurisdiction over Internet activity.
Spy Privacy Subpoena Law: Definition of Data Security Breach
When Has Privacy of Credit Card or Social Security Numbers been Compromised? Security Incident Response and Information Protection Law. Many
FINRA and the SEC Move One Step Closer to JOBS Act Implementation
Washington, D.C. (PRWEB) January 31, 2013 – Earlier this week FINRA invited prospective Crowdfunding portals to voluntarily file an interim
Computer forensic delays a growing problem? | Cybercrime Review
It is hard not to notice the growing number of cases that revolve around or discuss the delays associated with processing computer forensic
Hide & seek profile research Discreet & Confidential
Hide & seek profile research. Discreet & Confidential. We all have felt the stings of betrayal from lies told by people very close t