Privacy and Cyber Security for Payroll Pros: A Global Perspective

Often overlooked, payroll professionals play a key role in the processing and protection of key personnel information.  Here is the deck of a presentation to the NYS Payroll Association, offering them a global perspective on privacy and cybersecurity.

HR Privacy





Expert HR Systems: A Guide for Counsel

I am pleased to announce that my paper, tentatively titled “Countering Bias in Expert HR Systems: A Guide for In-House Counsel,” has been accepted for publication in the International In-house Counsel Journal.   

The paper will present a very user-friendly guide to understanding and managing the risk from expert HR systems.  As I’ve argued in this blog, management-side employment counsel must get deep under the hood of expert systems designed to perform evaluative functions on candidates and employees.  From procurement to deployment, counsel must be equipped to understand the bias that will likely (unintentionally) creep into algorithmic decision-making and to manage the risk of such bias.

Still More on Algorithmic Bias

I’ve written extensively on Algorithmic Bias and the role that employment lawyers will have to play in countering it.  A recent paper published in Science shows that bias empirically.

Continue reading “Still More on Algorithmic Bias”

Procuring IoT: Data Integrity and Security

Update  (10/29/16): The Librarian of Congress has exercised his statutory authority to exempt bona fide security researchers from certain copyright requirements, including on consumer-oriented IOT products .

Update (10/26/16):  Important articles by the NY Times, Krebs on Security, Cloud Security Alliance, Wall Street Journal and Wired.

Repost of my original post below.


The Internet of Things (IoT) is undoubtedly going to play a major role in the workplace.  Because an employer has a number of critical employee-related interests in securing IoT data, including protecting securing otherwise private employee and business information as well as protecting trade secrets, employment lawyers should be in the conversation with the technology acquisition and development teams as they develop an IoT acquisition policy.  Here is how to create such a policy.

View original post 550 more words

Attacks Against Verification-Code-to-Cell Two-Factor Authentication

This blog has advocated for the use of two-factor authentication.  Recently, however, it was revealed that several high profile social media accounts were hacked, despite using two factor authentication.

What happened?

Update: See Wired’s new piece on the subject: So Hey You Should Stop Using Texts for     Two-Factor Authentication

Update:  See Joint investigation of Ashley Madison by the Privacy Commissioner of Canada and the Australian Privacy Commissioner at Paragraph 72, arguing that multiple iterations of the same factor is not multi-factor.

Continue reading “Attacks Against Verification-Code-to-Cell Two-Factor Authentication”

The New Defend Trade Secrets Act (DTSA): An Employer’s Guide

The new Defend Trade Secrets Act (DTSA)  is designed to create a federal standard for trade secret protection – and includes remedies that permit federal judicial seizure of stolen trade secrets.  DTSA fills an important gap in the statutory framework that employers have available to them to retrieve trade secrets stolen by departing employees, such as the  CFAA (.pdf), the Economic Espionage Act and the patchwork of state trade secret laws (.pdf).

Here is what employment lawyers need to know and do now:

Continue reading “The New Defend Trade Secrets Act (DTSA): An Employer’s Guide”

FTC Report on Big Data / Chief Employment Law and Technology Officer?

The FTC’s new report Big Data: A Tool for Inclusion or Exclusion? [pdf.] is an important read from an increasingly powerful regulator in this area.  Its important to employers is in two areas: use of big data in EEO contexts and use of big data and, I would argue, as the basis of workplace policies concerning the use of big data.  Both bear more discussion in detail.

I am only being partly facetious by saying employers need a Chief Employment Law and Technology Officer.   The fact is, though,  employment lawyers must become tech-savvy and stats-savvy enough to play a meaningful role in the internal regulation of these technologies and methodologies as they are being developed.

Continue reading “FTC Report on Big Data / Chief Employment Law and Technology Officer?”