You may not believe that dogs have much to do with privacy and security, but on September 20, 2021, New Jersey’s highest state court ruled that dog owners’ names and addresses were public and therefore not exempt from disclosure by a city dog licensing authority, but other information (such as dog breed and name) raised security concerns. Bozzi v. City of Jersey City, — A.3d —- (2021) (2021 WL 4256377).
How do you balance sharing and protecting your business’ data? Unlike tangible assets, which can be protected primarily through physical means, intangible assets such as data require additional considerations. One key strategy to protect your business’ data is to characterize,
The declining cost of electronic data storage may have caused some company executives to conclude that retaining personal data forever is “cheap.” Perhaps the CNIL’s €1.75 million (USD $2,051,930) penalty for over-retention will lead to a different view.
The matter
The U.S. Department of Treasury, Office of Foreign Assets Control (“OFAC”) implemented additional measures today to combat the growing ransomware problem. OFAC’s measures consist of: (1) the designation of the entire SUEX OTC, S.R.O. (“SUEX”) crypto-currency exchange (SUEX) to the
The SEC announced enforcement actions against three sets of advisers for alleged failures in cybersecurity policies that violate the Safeguards Rule.
On August 27, 2021, the U.S. House Homeland Security Committee released a draft bill that would, among other things, establish a Cyber Incident Review Office (CIR Office) within the Cybersecurity and Infrastructure Security Agency (CISA), which is part of the U.S. Department of Homeland Security (DHS), and require critical infrastructure owners and operators to report cybersecurity incidents to the CIR Office. The bill would be known as the “Cyber Incident Reporting for Critical Infrastructure Act of 2021” (the Act) and would build on recent Executive Orders and directives aimed at the U.S. critical infrastructure (including pipelines).
On 26 August 2021, in a move that puts it on a potential collision course with the EU, the UK Government made a number of announcements relating to the future of the UK’s data protection regime, with the stated intention
Given global trends in the development of privacy laws and enforcement, Canada and several provinces are looking at modernizing their respective privacy regimes. Ontario’s new proposed privacy law, which would govern commercial activities more broadly than current legislation (i.e., our
China passed its Personal Information Protection Law (PIPL) on 20 August 2021. This is China’s first omnibus data protection law, and will take effect from 1 November 2021 allowing companies just over two months to prepare themselves. The PIPL is
China passed its Personal Information Protection Law (PIPL) on 20 August 2021. The new law will take effect from 1 November 2021 allowing companies just over 2 months to prepare themselves. The full text has not been made public yet.