Collaborate Disseminate
Stephen Pritchard reports: Authorities in India are set to clamp down on data breaches and tighten rules for holding sensitive data, according to local media reports. Organizations will be forced to disclose data breaches within 72 hours, bringing Indi… Continue reading Indian authorities set to tighten data breach laws in 2022
Lindsey O’Donnell-Welch reports: New cybersecurity requirements from the Transportation Security Administration (TSA) give freight railroads, passenger rail and rail transit operators a 24-hour deadline for reporting security incidents. Starting … Continue reading TSA issues security rules for rail operators
Jane Wakefield reports: The government has introduced new legislation to protect smart devices in people’s homes from being hacked. Recent research from consumer watchdog Which? suggested homes filled with smart devices could be exposed to more t… Continue reading Huge fines and a ban on default passwords in new UK law
The Cyber Security Agency of Singapore (CSA) had collaborated with the PDPC and Singapore Police Force (SPF) to develop a handbook covering an overview of the Cybersecurity Act, Computer Misuse Act and Personal Data Protection Act. The handbook explain… Continue reading Overview of Legislations on Cybersecurity, Personal Data Protection and Computer Misuse
Sergiu Gatlan reports: US federal bank regulatory agencies have approved a new rule ordering banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. Banks are only required to report major cyberattac… Continue reading US regulators order banks to report cyberattacks within 36 hours
Christopher Brown reports: Makers of health apps are scrambling to understand the extent of their legal liability after a divided Federal Trade Commission announced they’re now required to inform users about data and privacy breaches—and if they have u… Continue reading Data Breach Rule for Health Apps Leaves Developers in the Dark
Lisa Vaas reports: A U.S. lawmaker has introduced a bill – the Ransomware and Financial Stability Act (H.R.5936) (PDF) – that would make it illegal for financial firms to pay ransoms over $100,000 without first getting the government’s permission. The … Continue reading Congress Mulls Ban on Big Ransom Payouts Unless Victims Get Official Say-So
Anthony Mirenda, Stephen Garvey, and Natalie Panariello of Foley Hoag write: As we anticipated last spring, the Department of Justice (DOJ) has signaled that it will utilize civil enforcement of the False Claims Act (FCA) to address new and emerging cy… Continue reading DOJ Announces New Cyber-Fraud Initiative Promoting False Claims Act Enforcement Against Contractors and Grantees Failing to Follow Cybersecurity Standards
Charles S. Morgan, Ellen Yifan Chen, and Philippe April of McCarthy Tétrault LLP write: The Act to Modernize Legislative Provisions respecting the Protection of Personal Information (“Bill 64” or the “Bill”)[1] received royal assent on September 22, 20… Continue reading Quebec’s Bill 64 Introduces Unique Cyber Incident Reporting Obligations
Bill Toulas reports: Australia’s Minister for Home Affairs has announced the “Australian Government’s Ransomware Action Plan,” which is a set of new measures the country will adopt in an attempt to tackle the rising threat. [… Continue reading Australia to tackle ransomware data breaches by deleting stolen files