Tuesday, October 26, 2021

Subscribers Only

Free

Calls for Federal Breach Notification Law Continue After Yahoo Data Breach

The fallout from the massive breach of Yahoo’s systems continues, with federal officials calling for legislation to require companies to announce cyber breaches. The Federal Trade Commission called for legislation to strengthen its existing authority over companies’ cyber practices and to require companies to notify consumers when there is a breach. Assistant Attorney General for […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

EDPS Issues Opinion on Coherent Enforcement of Fundamental Rights in the Age of Big...

The European Data Protection Supervisor has issued an opinion on data privacy calling for a digital enforcement clearing house for EU authorities responsible for regulating the digital sector; an EU values-based common area on the web where individuals are able to interact without being tracked; and improved representation of the individual’s interest in the mergers […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

CISPE Unveils Cloud Providers Code of Conduct

The Cloud Infrastructure Services Providers in Europe has published its Data Protection Code of Conduct, addressing transparency and compliance with EU data protection laws. Based on internationally recognized security standards and compliant with the new EU General Data Protection Regulation, the code calls for cloud customers to be offered the ability to process and store […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

You’ve Been Hacked and You Have No Cyber Insurance?

In the major recent decision Travelers Insurance v. Portal Healthcare Solutions, a federal court of appeals held that a cyber incident was covered, at least in part, by the victim company’s commercial general liability policy. While policies vary, CGL commonly covers oral or written publication of material that violates a person’s right to privacy. Although […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

More Companies in EU-U.S. Data Transfer Plan at Deadline

Nearly 300 firms submitted certifications for the EU-US Privacy Shield data transfer program in advance of the September 30 safe harbor deadline, which provides them nine months to ensure their third party partners have the same levels of data protection as required under the Shield. However, some firms have balked at certifying, in part due […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

A Grand Bargain to Make Tech Companies Trustworthy

In this commentary, Jack Balkin, the Knight Professor of Constitutional Law and the First Amendment at Yale Law School, and Jonathan Zittrain, a professor at Harvard Law School, suggest the creation of a fiduciary requirement for tech firms that gather and store significant amounts of data from the public. The approach would establish a legal […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

SWIFT Security Controls to be Mandatory by 2018

The SWIFT interbank messaging system will require its banking partners to implement baseline security controls, but observers say the plan’s lack of detail calls into question how well the new policy can be implemented and enforced. More at Search Security
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Compliance Pushing Boards’ Cyber Security More Than Breaches

According to a new survey by Bay Dynamics and Osterman Research, corporate boards say federal and state regulatory requirements are more important than the threat of a breach when it comes to cybersecurity planning. Eighteen percent of respondents said more government regulation was the top driver for prioritizing cybersecurity, compared to only three percent who […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Why DHS Didn’t Need Its Own Internet of Things Guidance

In this commentary, independent analyst and freelance writer Ariel Robinson says the Department of Homeland Security’s plan to develop a set of unifying principles for security the internet of things is duplicative and unnecessary. Instead of creating yet another set of government guidelines, DHS would be better served to drive awareness and adoption of existing […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

HHS Awards Funds for Health IT Cybersecurity Threat Sharing

The Department of Health and Human Services has entered into a cooperative agreement with the National Health Information Sharing and Analysis Center to build an infrastructure for sharing cybersecurity threat and prevention information. Under the agreement, HHS is providing $350,000 in funding to the center to build the information sharing environment. More at Federal Times
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.