Topic: General

Subscribe to General RSS feed

Pennsylvania Supreme Court holds common law duty for employers extends to protecting sensitive employee information

Data Protection Report - Norton Rose FulbrightOn November 21, 2018, the Pennsylvania Supreme Court broke new ground by holding that employers have a legal duty to take reasonable care to safeguard its employees’ sensitive personal information from cyberattacks. … Continue reading

Browsewrap agreements: Are you covered?

Norton Rose Fulbright - Data Protection Report blogIn a recent decision, a California federal court held that an arbitration provision contained in Viacom, Inc.’s browsewrap agreement was unenforceable and denied Viacom’s request to stay the case pending arbitration.[1] The court’s decision in Rushing v. Viacom, Inc. is consistent with “courts’ traditional reluctance to enforce browsewrap agreements against individual consumers.”[2]… Continue reading

CCPA extends “right to deletion” to California residents

Data Protection Report - Norton Rose FulbrightFollowing Europe’s lead and some recent high profile scandals involving the use of personal information, California passed the California Consumer Privacy Act which goes into effect on January 1, 2020. (You can find our coverage of it here.) The law, the first of its kind in the US, is an omnibus privacy law for the … Continue reading

California Consumer Privacy Act: Disclosure requirements

Data Protection Report - Norton Rose FulbrightThis is the Data Protection Report’s fourth blog in a series of blogs that will break down the major elements of the CCPA which will culminate in a webinar on the CCPA in October. Stay tuned for additional blogs and information about our upcoming webinar on the CCPA. The California Consumer Privacy Act (the “CCPA” … Continue reading

Singapore’s new Cybersecurity Act comes into force: Here’s what you need to know

The much discussed Cybersecurity Act 2018 (Act. 9 of 2018) (the Act), which was passed by the Singapore Parliament on 5 February 2018, came into force on 31 August 2018 [1]. The new law creates a regulatory framework for the monitoring and reporting of cybersecurity threats to essential services in Singapore through the appointment of the … Continue reading

California Consumer Privacy Act: GDPR-like definition of personal information

Data Protection Report - Norton Rose FulbrightThis is the Data Protection Report’s third blog in a series of blogs that will break down the major elements of the CCPA which will culminate in a webinar on the CCPA in October. This blog focuses on the CCPA’s broad definition of Personal Information. Stay tuned for additional blogs and information about our upcoming … Continue reading

California Consumer Privacy Act blog series: Covered entities

Data Protection Report - Norton Rose FulbrightThis is the Data Protection Report’s second blog in a series of blogs that will break down the major elements of the CCPA which will culminate in a webinar on the CCPA in October. This blog focuses on covered entities. Stay tuned for additional blogs and information about our upcoming webinar on the CCPA.… Continue reading

Uber as a HIPAA business associate

Norton Rose Fulbright - Data Protection Report blogUber recently announced the launch of Uber Health, a non-emergency ride service that allows healthcare providers to schedule and pay for transportation for their patients. The stated purpose of the service is to expand medical transportation to traditionally underserved areas. Roughly 3.6 million Americans miss medical appointments each year due to lack of reliable transportation, contributing to the … Continue reading

New York Event: Shark Tank – Cybersecurity in the Boardroom

UK NIS Regulations impose new cybersecurity obligations (and a new penalties regime) on operators of essential services and digital service providers in the UK | Norton Rose FulbrightHow to pitch, explain, defend and collaborate on cybersecurity The board demands answers on cybersecurity. We discuss how executives can effectively respond to and collaborate with the board. Boards have now recognized that their companies, and board members themselves, face operational, financial, legal, and reputational consequences if they fail to address cybersecurity risk. Now, boards … Continue reading

Houston Event: Cybersecurity, Enterprise Risk and the Boardroom

Data Protection Report - Norton Rose FulbrightWhat could a hacking event mean for directors and officers? Significant cybersecurity incidents are intensifying and evolving. What are director and officer (D&O) duties to prevent, prepare for and respond to data breaches? Directors and officers are facing a sophisticated, organized, and motivated adversary in cyber attackers, who are untethered by law, ethics, or fear … Continue reading

White House Issues Cybersecurity Order

Data Protection Report - Norton Rose FulbrightOn May 11th, 2017, the White House released an executive order on strengthening the cybersecurity of federal networks and critical infrastructure (the “Order”).  The Order marks the administration’s first successful effort to address cybersecurity, after an earlier draft executive order on cybersecurity was postponed in January. The Order is divided into three substantive sections covering … Continue reading

Norton Rose Fulbright Nominated for Cyber Law Firm of the Year

Data Protection Report - Norton Rose FulbrightThe 2017 Advisen Cyber Risk Awards nominees have been announced, and Norton Rose Fulbright is shortlisted for Cyber Law Firm of the Year.  Ballots are now open, and you can show your support for Norton Rose Fulbright by casting your vote before Friday, May 19 at 11:59 pm ET. Each year, Advisen recognizes the most … Continue reading

New York Event: Cybersecurity Developments in Asia

The past year has seen data breaches in the headlines for Asia-based companies and the continued strengthening of privacy and security laws in this region. Please join us for a panel discussion at our New York office on Friday, April 21, 2017, regarding cybersecurity developments in Asia, including China’s new cybersecurity law that comes into effect … Continue reading

Singapore legal update: Firm warned for WhatsApp personal data disclosure

Singapore’s Personal Data Protection Commission has on 21 March 2017 issued a warning to a local firm for disclosing a former employee’s personal information in a company WhatsApp group. A director at the firm, Executive Coach International, had shared highly sensitive information about the former employee with 58 members of a chat group comprising staff … Continue reading

IAPP San Francisco KnowledgeNet Event – Privacy Developments in Asia

Data Protection Report - Norton Rose FulbrightPlease join us for a panel discussion as we host the upcoming IAPP San Francisco Bay Area KnowledgeNet Chapter meeting on April 27, 2017. This presentation will focus on the new China Cybersecurity Law, the latest developments with Asia-Pacific Economic Cooperation (APEC) Cross Border Privacy Rules (CBPR), and privacy laws in Asia. Panelists: Anna Gamvros, … Continue reading

Singapore cybersecurity – new amendments introduce four key changes

Singapore’s Ministry of Home Affairs has announced amendments to the Republic’s cybersecurity laws, i.e. the Computer Misuse and Cybersecurity Act (CMCA), after a series of high-profile cyberattacks in recent years. The Computer Misuse and Cybersecurity Amendment Bill (the Bill), which will be discussed when Parliament sits on 3 April 2017, introduces four key changes to … Continue reading

Event: Cybersecurity Updates in the Financial Services Sector – April 6, 2017

Data Protection Report - Norton Rose FulbrightPlease join us for a 40-minute briefing on the latest developments in cybersecurity and what the financial services sector needs to know in order to comply. There are new regulatory initiatives at the international, US national and US state levels. With the consistent threat of security breach, financial institutions need to be aware of the latest developments … Continue reading

IAPP Web Conference – The New Chinese Cybersecurity Law

Barbara Li, a partner in Norton Rose Fulbright’s Beijing office, recently spoke on an International Association of Privacy Professionals (IAPP) Recorded Web Conference discussing legal updates surrounding the cybersecurity law passed in November 2016 that imposes new cybersecurity data governance requirements on companies doing business in and with China. The law encompasses both “network operators,” defined essentially as … Continue reading

New York’s financial sector cybersecurity rules take effect

Data Protection Report - Norton Rose FulbrightOn March 1, 2017, a comprehensive set of new cybersecurity rules adopted by the New York Department of Financial Services (DFS) took effect.  The rules require banks, insurers and other entities regulated by DFS to implement a number of specific cybersecurity controls to protect not only personal information but any business information that would cause … Continue reading

IAPP New York KnowledgeNet Event – GDPR Deep Dive

Please join us as we host the upcoming New York IAPP KnowledgeNet Chapter meeting. A panel of industry legal and operational leaders will discuss the Article 29 Working Party’s guidance on the requirements of Data Protection Officers and Data Portability under the new EU General Data Protection Regulation (GDPR) and describe how best to prepare GDPR’s other enhanced … Continue reading

EU Data Package Highlights Connections between Data Protection and the Digital Single Market

Data Protection Report - Norton Rose FulbrightOn January 10, 2017, the EU Commission published a package of documents on the EU’s data economy strategy, including e-privacy, data protection and the “European Data Economy.” The Commission documents,  published in the context of the Commission’s digital single market (“DSM”) initiative announced in May 2015, illustrate again the strong links between the EU’s digital … Continue reading
LexBlog