Cyber

The U.S. Department of Treasury, Office of Foreign Assets Control (“OFAC”) implemented additional measures today to combat the growing ransomware problem.  OFAC’s measures consist of: (1) the designation of the entire SUEX OTC, S.R.O. (“SUEX”) crypto-currency exchange (SUEX) to the SDN List; (2) designating a fairly large number (~25) additional digital currency addresses to the […]

On September 21, Treasury’s Office of Foreign Assets Control issued an Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments on the sanctions risks associated with facilitating ransomware payments. It explains that OFAC has designated malicious cyber actors under its cyber-related sanctions programs. Cyberattack victims, financial institutions, insurance firms and other companies assisting with […]

The Treasury Department has announced sanctions against Russia-based cryptocurrency exchange Suex or facilitating transactions involving money gained via ransomware and other hacking. The sanctions block all of Suex’s property and business interests in the U.S. Additional sanctions are threatened for any individuals who engage with the platform. Treasury said that over 40% of Suex’s transactions […]

On September 15, the FTC adopted – on a 3-2 party-line vote – a policy statement that takes a broad view of which health apps and connected devices are subject to the FTC’s Health Breach Notification Rule and what triggers the Rule’s notification requirement. The Rule was promulgated in 2009 under the Health Information Technology […]

On September 20, 2021, the Commerce Department’s Bureau of Industry and Security (BIS) published a Notice of Request for Public Comments on Risks in the Information Communications Technology (ICT) Supply Chain. The RFC calls for comments on cybersecurity and supply chain challenges for the ICT sector and will inform a federal report on ICT supply […]

A new amendment to the fiscal 2022 National Defense Authorization Act would require the Department of Defense to give Congress an estimate of how...

The FTC has again signaled its focus on the growing use of apps, wearables, and other devices to track health and wellness data, in a statement on the scope of the Health Breach Notification Rule. The rule is intended to address those entities that collect health information, but are not covered by HIPAA. Under the […]

The Biden administration has announced the formation of a new security partnership with Australia and the United Kingdom, which will focus on advancing cyber and other emerging technology with military capabilities. Administration officials say that AUKUS is not targeting China, but that country looms large in issues the partnership says it will address. A key […]

Perkins Coie’s Privacy & Security practice maintains a comprehensive chart that summarizes state laws regarding security breach notification. The chart is for informational purposes only and is intended as an aid in understanding each state’s sometimes-unique security breach notification requirements. The chart has been revised to reflect new developments in state cybersecurity laws and regulations […]

In this 19-minute episode of “Life with GDPR”, Jonathan Armstrong and Tom Fox discuss the difficult decision of whether to pay or not to pay a ransomware demand. Some of the questions considered include: How does a ransomware attack occur? What are the potential legal and commercial risks of paying ransoms? What about specific new […]