Ransomware: To Pay or Not To Pay

In his New York Law Journal article, “Ransomware: To Pay or Not To Pay,” partner and chair of HSE’s Privacy and Data Security practice, F. Paul Greene, CIPP/US, CIPP/E, CIPM, FIP, explores the complex legal landscape surrounding ransomware payments in the United States. Greene highlights the dilemma faced by organizations when dealing with ransomware attacks, where paying a ransom may seem like the only option to regain control of encrypted data. He emphasizes the legal considerations businesses must evaluate, including the stance of government agencies and the potential violation of sanctions-list restrictions by making ransom payments.


To download the full article, click here.

Attorney Advertising. Prior results do not guarantee a similar outcome. This publication is provided as a service to clients and friends of Harter Secrest & Emery LLP. It is intended for general information purposes only and should not be considered as legal advice. The contents are neither an exhaustive discussion nor do they purport to cover all developments in the area. The reader should consult with legal counsel to determine how applicable laws relate to specific situations. ©2024 Harter Secrest & Emery LLP