Cybersecurity is a growing concern for all organizations, especially those that store, process, and transmit sensitive data. As commercial mailing and publishing continue to digitize, business operations rely on sharing growing volumes of data. This includes, for example, sharing subscriber and mailing information with the U.S. Postal Service (USPS), data aggregators, and other partners.

Increasingly, federal and state laws require that such information be protected with cybersecurity safeguards and require notification to consumers in the event of unauthorized access or breach. Liability and loss of consumer confidence are important risks that organizations often manage by updating their legal and technical processes to better reflect the modern cyber threat environment.

Organizations’ ability to keep these data confidential from competitors, and to protect these data from unauthorized access or breach, often depends not only on the resilience of the organizations’ cybersecurity programs, but also on that of the partners with which they share data.

Compounding this challenge, a growing number of regulations require organizations to maintain internal safeguards for sensitive information, and to ensure that partners and service providers protect such information. However, it is not always clear how partner organizations adequately safeguard shared data from unauthorized access, breach, and misuse.

For example, the inspector general (IG) for the USPS recently released an audit report that raised serious concerns regarding USPS security. The report noted that USPS cybersecurity “lacks maturity, which limits its ability to fully understand its risk exposure and protect the agency from cyberattack.” According to the IG, these and other issues expose USPS to potential exploitation by threat actors, which could result in data breaches and major disruptions.

Although the extent to which such alleged gaps in USPS security put subscriber/mailer and other personal information at risk is unclear, organizations should evaluate their legal liability, security posture, and processes to ensure they minimize risk and respond to security incidents. The integration of digital communications and hard-copy mailing operations has only just begun, and now is the time to take steps to protect your data.

If you’d like to discuss your company’s postal cybersecurity concerns, reach out to Harley Geiger, Matt Field, or Eric Berman. For more insights into advertising law, bookmark our All About Advertising blog and subscribe to our monthly newsletter.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Matthew Field

Matthew Field is a knowledgeable regulatory counselor and skilled litigator who represents clients in highly regulated industries through all stages of the regulatory process, including providing compliance advice, defending against agency enforcement actions, and handling appellate litigation. Matt is particularly well versed in…

Matthew Field is a knowledgeable regulatory counselor and skilled litigator who represents clients in highly regulated industries through all stages of the regulatory process, including providing compliance advice, defending against agency enforcement actions, and handling appellate litigation. Matt is particularly well versed in postal and energy regulation, and has developed an extensive record of achieving positive results in representing clients before U.S. federal courts, the Federal Energy Regulatory Commission (FERC), the U.S. Postal Service (USPS), and the Postal Regulatory Commission (PRC).

Photo of Leonard L. Gordon Leonard L. Gordon

Len Gordon, chair of Venable’s Advertising and Marketing Group, is a skilled litigator who leverages his significant experience working for the Federal Trade Commission (FTC) to help protect his clients’ interests and guide their business activity. Len regularly represents companies and individuals in…

Len Gordon, chair of Venable’s Advertising and Marketing Group, is a skilled litigator who leverages his significant experience working for the Federal Trade Commission (FTC) to help protect his clients’ interests and guide their business activity. Len regularly represents companies and individuals in investigations and litigation with the FTC, state attorneys general, the Department of Justice (DOJ), and the Consumer Financial Protection Bureau (CFPB). Len also represents clients in business-to-business and class action litigation involving both consumer protection and antitrust issues. He also counsels clients on antitrust, advertising, and marketing compliance issues.