investigation cyber security law 1

Investigation Guidelines

  • Investigation of Hypothetical Situation

    • Begin the process of an Investigation by selecting a hypothetical situation that I have posted.
    • Research caselaw by searching for relevant cases or law review articles.
    • Your analysis may rely on the opinion in a particular case or a law review article; however, you may also rely on additional cases or law review articles.
    • You must properly cite the cases and law review articles that you rely upon.
    • Your report must begin with the name of the hypothetical situation you selected!
    • If you are basing your analysis on a case primarily, write your report in the following sequence:
      1. Name of the selected hypothetical situation.
      2. Summarize the facts of case you are relying on primarily.
      3. Summarize the holding of the case.
      4. Summarize secondary sources:
        • If you are relying on additional cases, explain their holdings; you may also, but are not required to, recapitulate their relevant facts.
        • If you are relying on additional law review articles, recapitulate their relevant concepts.
      5. Explain how the holding in the primary case applies to the hypothetical situation.
      6. Explain how the secondary sources apply to the hypothetical situation.
      7. Conclude what the outcome should be for the hypothetical situation.
    • If you are basing your analysis on concepts elucidated in a law review article, write your report in the following sequence:
      1. Name of the selected hypothetical situation.
      2. Summarize the concepts presented in the article.
      3. Summarize secondary sources:
        • If you are relying on additional cases, explain their holdings; you may also, but are not required to, recapitulate their relevant facts.
        • If you are relying on additional law review articles, recapitulate their relevant concepts.
      4. Explain how the concepts in the primary article apply to the hypothetical situation.
      5. Explain how the secondary sources apply to the hypothetical situation.
      6. Conclude what the outcome should be for the hypothetical situation.
  • Assessment of Investigation Report

    • Once the time for submission for reports ends, you must write an Assessment of the Investigation Report that was submitted immediately before your posting.
    • Please make sure that you are viewing the postings in order of time submitted! By default, D2L Discussion forums display postings in the order, “Most Recent Activity,” which is displayed on the right side of the page under the text, “Sort by:”. If you have a different sort selected, please change it to “Most Recent Activity.” Once you have the postings sorted correctly, the posting immediately before yours will be located immediately below your posting. NOTE: If you are the first person to post a Report, you must assess the last report submitted, which will appear at the top of the Discussion forum.
    • For each Assessment, you must identify all strengths and weaknesses in the Report.
    • For each strength or weakness that you identify, you must provide a supporting argument as to why you consider it a strength or weakness.
  • Length Requirements

    • Each Report must not be less than 500 words nor exceed 650 words. NOTE: The name of the hypothetical situation does not count towards the word limits.
    • Each Assessment must not be less than 200 words nor exceed 300 words.
  • Citation Format

    • Citations must be embedded within the text; you may not use footnotes or a list of references at the end.
    • The formats are as follows:
      Case
      Format: [style of case, i.e., Party 1 v. Party2, in italics], [reporter volume] [reporter name] [page where case starts] ([name of court] [year])
      Example:
      Devbrow v. Gallegos, 735 F.3d 584 (7th Cir. 2013)
      Law Review Article
      Format: [authors], [title of article], [journal volume] [journal name] [page where article starts] ([year published])
      Example: Scott J. Shackelford , Andrew A. Proia, Brenton Martell & Amanda N. Craig, Toward a Global Cybersecurity Standard of Care: Exploring the Implications of the 2014 NIST Cybersecurity Framework on Shaping Reasonable National and International Cybersecurity Practices, 50 Tex. Int’l L. J. 305 (2015)
    • If you are having trouble, please use MLA citations for court cases to generate the citation to a case or MLA citations for Magazine Articles (click on Magazine tab, then scroll down) to generate the citation to a law review article.
  • Grading Criteria

    • Each Report will be graded on the following criteria:
      • summaries of facts/concepts
      • application of holding/concepts to hypothetical situation
      • conclusion of outcome
    • Each Assessment will be graded on how well it identifies the strengths and weaknesses of the Report and provides supporting arguments.
  • Submission

    Post just the text of your Report to the Discussion forum, thereby making it easier for another student to assess; please do not upload documents. Similarly, post just the text of your Assessment as a reply to the thread.

Chose one of the Topics:

  • Discovery and evidence: Forensic investigations

    • A company learns that its computer system has been breached and immediately hires an external attorney to defend it in any ensuing lawsuits. The attorney hires a forensic investigation company to analyze the attack and its consequences in preparation for litigation. The forensic investigator produces a report that identifies how the attack occurred and what data was likely exfiltrated; it also notes some additional vulnerabilities that were discovered during the investigation and recommends deploying certain countermeasures in order to prevent future breaches. The attorney recommends that the company implement the countermeasures simply because “there’s no sense in making a bad situation worse.” The company obtains bids for the additional security work but elects to wait on the work due to budgetary reasons. Shortly thereafter though, another attack occurs that exfiltrates a far greater amount of sensitive personal data. The company orders a second forensic investigation in preparation of litigation. This second report concludes that the countermeasures recommended in the first report would almost certainly would have prevented the second attack. Within weeks, Plaintiffs sue the company based on the second breach and request documents relating to the breach investigation. Can the Plaintiffs compel the production of the first forensic investigation report?
  • Incident response: Standards of care

    • A company called Righteous Music creates a website to deliver streaming music for a fee. Millions of people sign up and provide credit and debit card numbers, as well as other sensitive personal data, to Righteous Music through its website. The website suffers a breach due to an XSS attack that exposes the sensitive personal data of millions of customers. Without any further information about the security practices of Righteous, can its customers bring an action asserting that Righteous was negligent in its cybersecurity practices? Would the result be the same if the type of attack had been an SQL Injection attack?