Showing 1 - 10 of 244
Article 1 nov 2022
We are pleased to share the first edition of Kennedys Privacy & Breach Litigation Monitor. This bi-weekly mailing was created with our clients in mind - to bring you up to speed on the latest topics and trends in data privacy and breach litigation.
Article 27 out 2022
The ICO issues a firm warning to businesses as it fines UK construction firm, Interserve Group Limited, £4.4 million
The UK’s data protection regulator, the Information Commissioner’s Office (ICO), recently published details of its most recent monetary penalty notice. This latest notice imposes a penalty of £4.4 million on construction and outsourcing firm, Interserve Group Limited arising from a cyber-attack in 2020. Here, we look at what businesses can learn from the notice and what it reveals about the ICO’s enforcement strategy.
Article 6 out 2022
The global cyber team at Kennedys has seen a growing trend in data breaches arising from the bypassing of MFA by cybercriminals. In this article, we share what we have seen so far, detail the potential repercussions, and provide recommendations on how best to avoid falling victim to this latest trend.
Case review 13 set 2022
Federal Court of Australia weighs in on scope of cover for “direct financial loss” arising from a cyber incident
In this article we explore the recent Federal Court decision in Inchcape Australia Limited v Chubb Insurance Australia Limited, which highlights the importance of considering the precise wording of the policy when determining whether a cyber insurance policy will adequately cover an insured for potential losses.
Article 31 ago 2022
On 17 March 2022, the UK Government delivered to parliament a 'world-leading' Online Safety Bill aimed to make the UK the safest place to go online while defending free expression. Here, and in light of Ofcom’s Call for Evidence about its plans for implementation of online safety regulation, we focus on the scope of the Bill’s provisions and the likely impact on organisations.
Article 18 ago 2022
Good governance: the role of non-executive directors in addressing cyber security risks in a healthcare organisation
Digital technology and data remain an increasingly significant and ever-evolving part of the delivery of modern health and care services. To address the risks posed to cyber security, there are a number of important considerations for healthcare organisations.
Article 17 ago 2022
In its latest move to ensure that syndicates are appropriately addressing cyber exposures, Lloyd’s issued on August 16, 2022 Market Bulletin Y5381 -- “State backed cyber-attack exclusion” -- to require “legally reviewed” and “sufficiently robust” wordings in cyber policies to address both war and non-war state backed cyber-attacks. Lloyd’s noted that “exposure to cyber-attack losses has been an area of market focus in circumstances where the losses arise from attacks sponsored by sovereign states” and announced a requirement, effective March 31, 2023, for syndicates to include a state backed cyber-attack exclusion in stand-alone cyber policies at inception or upon renewal.
Article 2 ago 2022
After several years of delays the Personal Data Protection Act B.E. 2562 (2019) ("PDPA") came into force in Thailand on 1 June 2022. Since then, on 20 June 2022, subordinate legislation (the "Notifications") under the PDPA was issued by the Personal Data Protection Committee ("PDPC") and published in the Royal Thai Government Gazette.
These Notifications are intended to set out the various criteria and rules, as well as much needed guidance and clarification, of some key requirements under the PDPA.
Article 27 jul 2022
In a recent precedential decision involving electronic service to an unknown defendant, the High Court of England and Wales approved a special request to issue an interim injunction and permit service of a lawsuit via a non-fungible token (“NFT”). The case follows a similar decision in New York trial court. Both decisions raise issues as to how prevalent will NFT service become in the US and UK.
Case review 6 jul 2022
Federal Court of Australia paves the way to requiring AFS licensees to have adequate cybersecurity and cyber resilience measures
In the recent case of Australian Securities and Investments Commission v RI Advice Group Pty Ltd, the Federal Court of Australia considered for the first time the cybersecurity obligations of Australian Financial Services licensees and their authorised representatives.