New European Standard Contractual Clauses are Not ‘Set and Forget’
Since the European Court of Justice invalidated the EU-US Privacy Shield last year, importers of EU data have increasingly relied on Standard Contractual Clauses for data transfers between the European Economic Area and countries not meeting its standard. These SCCs are important in the edata/ediscovery world, where relying on the so-called derogations in the GDPR […]
Biden’s Cyber-Director Nominees Testify at Senate Confirmation Hearing
In a confirmation hearing by the Senate Homeland Security and Governmental Affairs Committee, Jen Easterly – nominee for Director of CISA – and Chris...
Peters, Portman Write to White House about Infrastructure & Ransomware
Senators Gary Peters (D-MI) and Rob Portman (R-OH), respectively the chair and ranking member of the Committee on Homeland Security and Government Affairs, have written to the acting director of OMB and the assistant to the president for national security affairs, “with serious concern about the state of our nation’s cybersecurity and the threat of […]
Rep. Langevin Criticizes Colonial Pipeline CEO Over Cyberattack Response
In a statement issued following testimony from Colonial Pipeline CEO Joseph Blount to the House Homeland Security Committee, Representative Jim Langevin (D-RI) strongly criticized Blount for his response to the ransomware attack on the company, and for his defense of it. “I am outraged that Mr. Blount today doubled down on his refusal to allow […]
DHS Partners with Companies to Run Civilian Agencies’ Vulnerability Disclosure Programs
The Department of Homeland Security will provide civilian agencies with vulnerability disclosure programs via partnerships with Bugcrowd and EnDyna. BugCrowd currently offers similar services to other governments, on the local level and internationally. EnDyna is a government technology, environmental, and safety services contractor. CISA’s platform will be run through its Cybersecurity Quality Services Management Office. […]
INSA Presents Recommendations for Potential DoD Threat Hunting Program
Carrying out a Cyberspace Solarium proposal enacted by the latest NDAA, the Defense Department is designing a possible threat hunting program that would focus on identifying vulnerabilities in the systems of defense contractors. The Intelligence and National Security Alliance, a non-profit professional organization for intelligence and national security personnel, has presented a set of recommendations. […]
FBI Director Warns Against Paying Ransom to Hackers
FBI director Christopher Wray told the Senate Judiciary Committee that the bureau’s policy and guidance is that companies should not pay ransom to recover their systems after a cyberattack. Wray cited the incentive payments provide to future hackers, and the fact that victims don’t always get what they pay for. Both Colonial Pipeline and meat […]
Nevada Seeks to Broaden Online Privacy Laws
On May 25, 2021, the Nevada legislature passed Senate Bill 260, which would amend the state’s online privacy notice statutes. The Bill will broaden Nevada’s existing right to opt-out of sales of covered information. In the Bill, the definition of “sale” is amended to expand the types of activity that could be considered sales, providing […]
US State Privacy Law Update – June 11, 2021
The Mintz Privacy & Cybersecurity Blog provides regular updates of notable pending US state privacy laws. The most notable update is that Colorado is set to become the third US state to pass a comprehensive privacy law, as the Colorado Privacy Act is on the governor’s desk and is expected to be signed. It is […]
Peters & Portman Provision to Create Significant Incident Declaration for Major Cyber-Attacks Passes Senate...
The Senate has passed the American Innovation and Competition Act, which includes a provision added by Senators Gary Peters (D-MI) and Rob Portman (R-OH)...