Collaborate Disseminate
Hunton Andrews Kurth writes: On April 29, 2021, China issued a second version of the draft Personal Information Protection Law (“Draft PIPL”). The Draft PIPL will be open for public comments until May 28, 2021. While the framework of this version of th… Continue reading China Issues Second Version of the Draft Personal Information Protection Law for Public Comments
Andrea Vittorio reports: Recent data scraping incidents at Facebook Inc. and LinkedIn Corp. highlight an ongoing debate over whether companies can invoke an anti-hacking law to restrict rivals or other actors from harvesting information from people’s o… Continue reading Scraping Episodes Highlight Debate Over Anti-Hacking Law’s Scope
Kenny Chee reports: The number of data breach alerts Singapore’s data protection watchdog received tripled in the February-March period compared with the previous two months. This comes amid a string of potential personal data leaks reported in r… Continue reading Sg: Data breach alerts in Singapore up on new reporting rules, more cyber threats: Experts
Implementing the HIPAA Security Rule: Call for Comments on NIST SP 800-66, Revision 1 The National Institute for Standards and Technology (NIST) is planning to update the NIST Special Publication (SP) 800—66, Revision 1, An Introductory Resource Guide … Continue reading Implementing the HIPAA Security Rule: Call for Comments on NIST SP 800-66, Revision 1
Kartikay Mehrota reports: Cybersecurity experts, law enforcement agencies and governments urged the White House to root out safe havens for criminals engaging in ransomware and step up regulation of cryptocurrencies, the lifeblood of hackers, in the ho… Continue reading White House Urged to Address Surge in Ransomware Attacks
Brian Wolfman notes: The first paragraph of the Court’s unanimous opinion in AMG Capital Management v. FTC sums it up: Section 13(b) of the Federal Trade Commission Act authorizes the Commission to obtain, “in proper cases,” a “permanent injuncti… Continue reading Supreme Court holds that monetary relief is unavailable under Section 13(b) of the Federal Trade Commission Act
Doug Olenick reports: The American Bankers Association and three other groups have voiced objections to provisions in a cyber incident notification regulation for banks proposed by three federal agencies. For example, they say that the definition of a … Continue reading Bank Groups Object to Proposed Breach Notification Regulation
Joseph J. Lazzarotti of JacksonLewis writes: Today, the U.S. Department of Labor’s Employee Benefits Security Administration (EBSA) issued much anticipated cybersecurity guidance for employee retirement plans. This comes more than four and a half years… Continue reading DOL Issues Cybersecurity Best Practices for ERISA Covered Retirement Plans
Digital attackers are increasingly launching sophisticated campaigns in an effort to target U.S. federal agencies and other organizations. Two recent examples demonstrate this reality. These are the SolarWinds supply chain attack and the HAFNIUM Exchan… Continue reading How Tripwire Can Help U.S. Federal Agencies Implement the CIS Controls
Jane Edwards reports: A draft of an executive order would direct software companies to inform federal agency clients in the event of a cyber attack within their organizations, keep more digital records and work with the Cybersecurity and Infrastructure… Continue reading Report: Draft Executive Order to Require Software Vendors to Notify Federal Customers of Cyber Breaches