CSU Law Library Blog

The ABA Rules of Professional Conduct, Model Rule 1.1 Comment 8 requires, “To maintain the requisite knowledge and skill, a lawyer shall keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.” To that end, we have developed this regular series to develop the competence and skills necessary to responsibly choose and use the best technologies for your educational and professional lives. If you have any questions, concerns, or topics you would like to see discussed, please reach out to e.koltonski@csuohio.edu.

As a solo practitioner, a partner in a small firm, or a student who hopes to work in such an environment it is important to realize that you are at risk of a cyber-attack. Many small and medium-sized businesses (SMBs) wrongly believe that their size helps protect them from malicious hackers. This is not the case. Cybercriminals will attempt to steal your data or encrypt your data as part of a ransomware scheme no matter your size. An article published by Cybersecurity Magazine highlights this danger, reporting that 43% of data breaches involve SMBs.

Your SMB’s computers and data are also exposed because of any number of bugs and vulnerabilities that exist in the software and services you use. A recent example of this type occurred during late 2021 and is known as the Log4j Event. For those who don’t know, let’s begin with a brief introduction that won’t require us all to get degrees in computer science.

Log4j is an open-source bit of code used by software developers that is so useful that it is even used in lots of commercial software. Soon after this vulnerability was discovered, cybercriminals were able to exploit it to attack computers. Though the outcome of Log4j ultimately proved less-catastrophic than security professionals originally thought thanks to quick responses from industry, governments, and cybersecurity teams, the problem is nowhere near resolved. A recent report by the Cyber Safety Review Board, which operates under the Cybersecurity and Infrastructure Security Agency (CISA), believes that it will takes years to fully fix the Log4j issue.

According to a recent study, the average cost of a breach for an SMB with less than 500 employees is over $2 million. This is why it is necessary for solo practitioners, small firms, and current students to fully understand the value of working proactively to protect your data and computers. Thankfully, CISA provides many great publications and advisories about tools to help you protect your SMB.

Remember: you aren’t just protecting yourself, you’re protecting your clients.

It’s no surprise that spending time outdoors is good for your mental health. The American Psychological Association notes that by spending time in nature you can reap cognitive benefits, as well as increase your happiness and general well-being.

The Rec Center at CSU has a great Adventure Rec program that can help you get out an enjoy the great outdoors. If you’re interested in camping, but don’t have all the equipment, you can rent gear from the Rec (things like tents, sleeping bags, backpacks and cooking equipment). There’s also adventure trips and workshops scheduled throughout the summer, including birding, paddling, and hanging at Edgewater park.

Have fun and spend some time outside while the summer lasts!

Part of the 7/8/2022 Executive Order 14076 – Protecting Access to Reproductive Healthcare Services – required the U.S. Federal Trade Commission (FTC) to consider actions “to protect consumers’ privacy when seeking information about the provision of reproductive healthcare services.”  On 7/11/2022, Kristin Cohen, Acting Associate Director of the FTC Division of Privacy & Identity Protection, posted “Location, Health, and other Sensitive Information: FTC Committed to Fully Enforcing the Law Against Illegal Use and Sharing of Highly Sensitive Data” on the FTC Business Blog.  Cohen discussed the capability of connected devices “directly observing or deriving sensitive information about users,” particularly “a person’s precise location and information about their health.”  She also highlighted “information related to personal reproductive matters” and noted several FTC actions against companies that misuse consumers’ data, such as the 1/13/2021 FTC settlement with Flo Health (which had shared with third parties sensitive health information about women).  Perhaps most revealing, Cohen stated “We will vigorously enforce the law if we uncover illegal conduct that exploits Americans’ location, health, or other sensitive data.  The FTC’s past enforcement actions provide a roadmap for firms seeking to comply with the law.”  Cohen’s post ends with a link to the FTC Business Guidance – Privacy and Security page, which includes information on Health Privacy.

The law library will close on Tuesday July 26 for a law school event.  Normal hours resume Wednesday.

The C|M|Law Library wishes all of our students the best of luck on this week’s Ohio Bar Exam.

We will still be here for your legal research needs as you begin your career.

Breathe… you can do it!  You are almost at the finish line.

Good luck!