Showing 1 - 10 of 74
As the world emerged from lockdown, it should come as no surprise that cybersecurity and data privacy remained dominant topics in the media and legal industry. Some of 2021 was much like 2020 – ransomware attacks continued to fill the headlines, and in the aggregate, constituted significant loss paid under cyber insurance policies. OFAC reminded victim companies and incident response firms (and cyber carriers) that it remains unlawful to pay ransom payments to designated organizations. Comprehensive federal legislation addressing cyber defenses and notification requirements never materialized.
This article provides an overview of the applicable discovery rules and recent case law addressing disputes arising from workflow platforms as well as guidance for avoiding potential pitfalls in discovery.
Problematic legislation and fundamental rights: new obstacles to transferring personal data from Europe
We have all experienced restrictions on international travel during the COVID-19 pandemic. But did you know that recent developments in European privacy law have also made it harder for personal data to cross international borders? As Special Counsel Nicholas Blackmore explains, new EU Standard Contractual Clauses and guidance from the European Data Protection Board pose significant challenges for Australian businesses attempting to transfer personal data from Europe.
Yesterday, on December 7, 2021, the New York State Department of Financial Services (“NYDFS”) issued Guidance on Multi-Factor Authentication (“Guidance”), reminding all regulated entities (or “Covered Entities”) that the use of multi-factor authentication (“MFA”) is required by the NYDFS Cyber Regulation.
The Federal Trade Commission (FTC) recently announced its long-awaited update to the Standards for Safeguarding Customer Information, the Safeguards Rule, to strengthen data security requirements for covered businesses.
We are delighted to have appointed one of the country’s leading data specialists as part of a bold new strategy which will revolutionise the way we does business.
Liability under California’s Invasion of Privacy Act (CIPA) expanded by California Supreme Court decision
Earlier this year, in Smith v. LoanMe, Inc., a case interpreting California Penal Code section 632.7, the California Supreme Court held that cellular or cordless phone conversations cannot be recorded by either nonparties or parties to the call without consent. LoanMe overturned a California Court of Appeal’s ruling that consent is required only if nonparties, and not the parties to the call, recorded the conversation.
On September 24, 2021, a federal court in North Carolina ruled that CGL insurers had no duty to defend the insured under North Carolina law for an Illinois Biometric Information Privacy Act (BIPA) class action claim.
The Securities and Exchange Commission (SEC) has ramped up its cybersecurity enforcement, filing several administrative orders and signaling increased scrutiny of both cyber-related disclosures and compliance with the Safeguards Rule.
It’s finally here. On 20 August 2021, the People’s Republic of China enacted the Personal Information Protection Law. The law is comprehensive, comprising 74 articles in eight separate chapters. Like the EU’s General Data Protection Regulation, it is now the fundamental regulatory regime for personal information in its jurisdiction. It becomes effective on 1 November 2021, a little under two months away.