Since the European Court of Justice invalidated the EU-US Privacy Shield last year, importers of EU data have increasingly relied on Standard Contractual Clauses for data transfers between the European Economic Area and countries not meeting its standard. These SCCs are important in the edata/ediscovery world, where relying on the so-called derogations in the GDPR […]
In a confirmation hearing by the Senate Homeland Security and Governmental Affairs Committee, Jen Easterly – nominee for Director of CISA – and Chris...
Senators Gary Peters (D-MI) and Rob Portman (R-OH), respectively the chair and ranking member of the Committee on Homeland Security and Government Affairs, have written to the acting director of OMB and the assistant to the president for national security affairs, “with serious concern about the state of our nation’s cybersecurity and the threat of […]
In a statement issued following testimony from Colonial Pipeline CEO Joseph Blount to the House Homeland Security Committee, Representative Jim Langevin (D-RI) strongly criticized Blount for his response to the ransomware attack on the company, and for his defense of it. “I am outraged that Mr. Blount today doubled down on his refusal to allow […]
The Department of Homeland Security will provide civilian agencies with vulnerability disclosure programs via partnerships with Bugcrowd and EnDyna. BugCrowd currently offers similar services to other governments, on the local level and internationally. EnDyna is a government technology, environmental, and safety services contractor. CISA’s platform will be run through its Cybersecurity Quality Services Management Office. […]
Carrying out a Cyberspace Solarium proposal enacted by the latest NDAA, the Defense Department is designing a possible threat hunting program that would focus on identifying vulnerabilities in the systems of defense contractors. The Intelligence and National Security Alliance, a non-profit professional organization for intelligence and national security personnel, has presented a set of recommendations. […]
FBI director Christopher Wray told the Senate Judiciary Committee that the bureau’s policy and guidance is that companies should not pay ransom to recover their systems after a cyberattack. Wray cited the incentive payments provide to future hackers, and the fact that victims don’t always get what they pay for. Both Colonial Pipeline and meat […]
On May 25, 2021, the Nevada legislature passed Senate Bill 260, which would amend the state’s online privacy notice statutes. The Bill will broaden Nevada’s existing right to opt-out of sales of covered information. In the Bill, the definition of “sale” is amended to expand the types of activity that could be considered sales, providing […]
The Mintz Privacy & Cybersecurity Blog provides regular updates of notable pending US state privacy laws. The most notable update is that Colorado is set to become the third US state to pass a comprehensive privacy law, as the Colorado Privacy Act is on the governor’s desk and is expected to be signed. It is […]
Peters & Portman Provision to Create Significant Incident Declaration for Major Cyber-Attacks Passes Senate...
The Senate has passed the American Innovation and Competition Act, which includes a provision added by Senators Gary Peters (D-MI) and Rob Portman (R-OH)...