EBA’s Proposed Guidelines Call for 2-Hour Notice of Data Breach

From PayBefore: The European Banking Authority (EBA) working with the European Central Bank (ECB) recently released a consultation paper on guidelines for payment service providers (PSPs) to follow in the event of security breaches. Among the suggested mandates is notifying authorities of an incident within two hours from the moment the breach is detected—that’s significantly faster than […]

New cyber incident notification guidelines take effect April 1, 2017

Tony Ware reports: The U.S. Computer Emergency Readiness Team (US-CERT) is implementing new reporting requirements beginning April 1, 2017, and just released new guidelines to help federal departments and agencies; state, local, tribal, and territorial government entities; information sharing and analysis organizations; and foreign, commercial and private-sector organizations submit incident notifications. An “incident” is defined […]

Department Releases Intake and Charging Policy for Computer Crime Matters

As computers play an ever-greater role in our lives and cybercrime becomes both more commonplace and more devastating, the need for robust criminal enforcement of effective computer crime laws will only become more important. As we’ve said in public remarks last year, we urgently need targeted updates to the Computer Fraud and Abuse Act that will help the department […]

Three times a charm? Twice dead data breach notification laws re-enter Australia’s Parliament

Chris Duckett reports: It’s a scenario that feels like it could use a Ron Howard voiceover as Australia is making a third attempt at passing data breach notification laws, following previous attempts being stranded in the Senate by both Labor and Coalition governments. […] The laws being introduced this time around are similar to those drafted […]

NAIC Task Force Releases Revised Draft Insurance Data Security Model Law

John S. Pruitt, Mary Jane Wilson-Bilik and John Allen Zumpetta of Sutherland Asbill & Brennan LLP write: On August 17, the National Association of Insurance Commissioners (the NAIC) Cybersecurity (EX) Task Force (the Task Force) released for comment a revised draft Insurance Data Security Model Law (the Model Law). This Model Law purports to “establish exclusive standards […]

AU: Computer hacking victims entitled to damages from businesses over data leaks

Natasha Bita reports: Companies that lose or leak customers’ personal data will be forced to apologise or pay compensation for psychological harm under new laws blasted by business groups. The federal government plans to introduce new privacy legislation this year, requiring banks, phone and internet providers, retailers and government departments to tell customers when data has […]

Potential Risks and Rewards of Cybersecurity Information Sharing Under CISA

Peter Carey and Keith M. Gerver of Cadwalader, Wickersham & Taft LLP, write: When President Obama signed into law the Cybersecurity Act of 2015, which was designed to facilitate information sharing on cybersecurity threats between the public and private sectors, proponents hailed it as “our best chance yet to help address this economic and national security priority in a […]

9th Circuit: It’s a federal crime to visit a website after being told not to visit it

Orin Kerr writes: The U.S. Court of Appeals for the 9th Circuit has handed down a very important decision on the Computer Fraud and Abuse Act, Facebook v. Vachani, which I flagged just last week. For those of us worried about broad readings of the Computer Fraud and Abuse Act, the decision is quite troubling. Its reasoning appears […]

European Parliament Adopts Directive on Security of Network and Information Systems

Hunton & Williams writes: On July 6, 2016, the European Parliament adopted the Directive on Security of Network and Information Systems (the “NIS Directive”), which will come into force in August 2016. EU Member States will have 21 months to transpose the NIS Directive into their national laws. The NIS Directive is part of the […]

Password-sharing case divides Ninth Circuit in Nosal II

Orin Kerr writes: The Ninth Circuit has handed down United States v. Nosal (“Nosal II”), a case on the scope of the Computer Fraud and Abuse Act that I blogged about here and here. The court held 2-1 that former employees of a company who had their company accounts revoked violated the CFAA when they subsequently […]