Topic: General

California Consumer Privacy Act blog series: Covered entities

Data Protection Report - Norton Rose Fulbright

This is the Data Protection Report’s second blog in a series of blogs that will break down the major elements of the CCPA which will culminate in a webinar on the CCPA in October. This blog focuses on covered entities. Stay tuned for additional blogs and information about our upcoming webinar on the CCPA.… Continue reading

Uber as a HIPAA business associate

By Kim Gold (US) and Alexis Wilpon (US) on March 7, 2018 Posted in General

Norton Rose Fulbright - Data Protection Report blog

Uber recently announced the launch of Uber Health, a non-emergency ride service that allows healthcare providers to schedule and pay for transportation for their patients. The stated purpose of the service is to expand medical transportation to traditionally underserved areas. Roughly 3.6 million Americans miss medical appointments each year due to lack of reliable transportation, contributing to the … Continue reading

Singapore passes new Cybersecurity Bill: Here’s what you need to know before it comes into force

By Stella Cramer (SG), Wilson Ang (SG), David Olds, Jessica Paulin and Jeremy Lua on February 14, 2018 Posted in cybercrime, Data breach, General

The Singapore Parliament passed the much discussed Cybersecurity Bill (the Bill) on 5 February 2018 and it is anticipated that the new law will come into force soon.… Continue reading

New York Event: Shark Tank – Cybersecurity in the Boardroom

By Norton Rose Fulbright on June 27, 2017 Posted in General

How to pitch, explain, defend and collaborate on cybersecurity The board demands answers on cybersecurity. We discuss how executives can effectively respond to and collaborate with the board. Boards have now recognized that their companies, and board members themselves, face operational, financial, legal, and reputational consequences if they fail to address cybersecurity risk. Now, boards … Continue reading

Houston Event: Cybersecurity, Enterprise Risk and the Boardroom

By Norton Rose Fulbright on May 13, 2017 Posted in General

What could a hacking event mean for directors and officers? Significant cybersecurity incidents are intensifying and evolving. What are director and officer (D&O) duties to prevent, prepare for and respond to data breaches? Directors and officers are facing a sophisticated, organized, and motivated adversary in cyber attackers, who are untethered by law, ethics, or fear … Continue reading

White House Issues Cybersecurity Order

By Kathryn Linsky (US) on May 11, 2017 Posted in General, Regulatory response

On May 11th, 2017, the White House released an executive order on strengthening the cybersecurity of federal networks and critical infrastructure (the “Order”). The Order marks the administration’s first successful effort to address cybersecurity, after an earlier draft executive order on cybersecurity was postponed in January. The Order is divided into three substantive sections covering … Continue reading

Norton Rose Fulbright Nominated for Cyber Law Firm of the Year

By Norton Rose Fulbright on May 10, 2017 Posted in General

The 2017 Advisen Cyber Risk Awards nominees have been announced, and Norton Rose Fulbright is shortlisted for Cyber Law Firm of the Year. Ballots are now open, and you can show your support for Norton Rose Fulbright by casting your vote before Friday, May 19 at 11:59 pm ET. Each year, Advisen recognizes the most … Continue reading

New York Event: Cybersecurity Developments in Asia

By Norton Rose Fulbright on April 13, 2017 Posted in General

The past year has seen data breaches in the headlines for Asia-based companies and the continued strengthening of privacy and security laws in this region. Please join us for a panel discussion at our New York office on Friday, April 21, 2017, regarding cybersecurity developments in Asia, including China’s new cybersecurity law that comes into effect … Continue reading

Singapore legal update: Firm warned for WhatsApp personal data disclosure

By Gigi Cheah and Magdalene Lie on April 5, 2017 Posted in cybercrime, Data breach, General

Singapore’s Personal Data Protection Commission has on 21 March 2017 issued a warning to a local firm for disclosing a former employee’s personal information in a company WhatsApp group. A director at the firm, Executive Coach International, had shared highly sensitive information about the former employee with 58 members of a chat group comprising staff … Continue reading

IAPP San Francisco KnowledgeNet Event – Privacy Developments in Asia

By Norton Rose Fulbright on April 4, 2017 Posted in General

Please join us for a panel discussion as we host the upcoming IAPP San Francisco Bay Area KnowledgeNet Chapter meeting on April 27, 2017. This presentation will focus on the new China Cybersecurity Law, the latest developments with Asia-Pacific Economic Cooperation (APEC) Cross Border Privacy Rules (CBPR), and privacy laws in Asia. Panelists: Anna Gamvros, … Continue reading

Singapore cybersecurity – new amendments introduce four key changes

By Stella Cramer (SG), Wilson Ang (SG), Magdalene Lie and Jeremy Lua on March 24, 2017 Posted in General

Singapore’s Ministry of Home Affairs has announced amendments to the Republic’s cybersecurity laws, i.e. the Computer Misuse and Cybersecurity Act (CMCA), after a series of high-profile cyberattacks in recent years. The Computer Misuse and Cybersecurity Amendment Bill (the Bill), which will be discussed when Parliament sits on 3 April 2017, introduces four key changes to … Continue reading

Event: Cybersecurity Updates in the Financial Services Sector – April 6, 2017

By Norton Rose Fulbright on March 24, 2017 Posted in General

Please join us for a 40-minute briefing on the latest developments in cybersecurity and what the financial services sector needs to know in order to comply. There are new regulatory initiatives at the international, US national and US state levels. With the consistent threat of security breach, financial institutions need to be aware of the latest developments … Continue reading

IAPP Web Conference – The New Chinese Cybersecurity Law

By Norton Rose Fulbright on March 12, 2017 Posted in General

Barbara Li, a partner in Norton Rose Fulbright’s Beijing office, recently spoke on an International Association of Privacy Professionals (IAPP) Recorded Web Conference discussing legal updates surrounding the cybersecurity law passed in November 2016 that imposes new cybersecurity data governance requirements on companies doing business in and with China. The law encompasses both “network operators,” defined essentially as … Continue reading

New York’s financial sector cybersecurity rules take effect

By Norton Rose Fulbright on March 10, 2017 Posted in Compliance and risk management, General, Regulatory response

On March 1, 2017, a comprehensive set of new cybersecurity rules adopted by the New York Department of Financial Services (DFS) took effect. The rules require banks, insurers and other entities regulated by DFS to implement a number of specific cybersecurity controls to protect not only personal information but any business information that would cause … Continue reading

China data privacy: New guidance to strengthen protection of personal data

By Barbara Li (CI), Anna Gamvros (HK) and Tom Wong on March 7, 2017 Posted in General

China’s guidance on privacy of personal data is set to change in the near future, following the publication of a draft guideline in late 2016. Though a date has not yet been set for the guideline to be finalised, companies should take the opportunity to assess whether they will need to make changes to their … Continue reading

EU Data Package Highlights Connections between Data Protection and the Digital Single Market

By Jay Modrall (BE) on January 16, 2017 Posted in Data breach, General, Regulatory response

On January 10, 2017, the EU Commission published a package of documents on the EU’s data economy strategy, including e-privacy, data protection and the “European Data Economy.” The Commission documents, published in the context of the Commission’s digital single market (“DSM”) initiative announced in May 2015, illustrate again the strong links between the EU’s digital … Continue reading

Recent Developments from Our Sister Blogs

By Norton Rose Fulbright on November 5, 2016 Posted in General

Data protection and privacy issues frequently intersect with other areas of the law. In addition to the Data Protection Report, Norton Rose Fulbright publishes other blogs covering important legal developments across the globe. These blogs sometimes touch on issues that may be of interest to our readers. As a service to our readers, we highlight … Continue reading

The Intersection of Trademark Law and Cybersecurity

By Norton Rose Fulbright on July 16, 2016 Posted in cybercrime, General

Earlier this week, our colleague Sue Ross wrote on the intersection of trademark law and cybersecurity on Norton Rose Fulbright’s Brand Protection Blog. The post explains that by protecting its brand, a company can help to improve cybersecurity. For example, by seeking to recover “squatted” domain names and complaining to social networks about trademark infringement, a company … Continue reading

EU Network & Information Security Directive Expected to Become Effective in August 2016

By Marcus Evans (UK) on May 17, 2016 Posted in General, Regulatory response

The EU Network & Information Security Directive (NISD) (also known as the “Cyber Security Directive”) got one step closer to adoption today when, on May 17, 2016, the EU Council confirmed at first reading the agreement reached with the European Parliament in December 2015. To be enacted, the text must be approved by the European … Continue reading

Big data: French and German authorities explore antitrust issues

By Jay Modrall (BE) on May 12, 2016 Posted in Compliance and risk management, Data breach, General

On May 10, 2016, the French and German antitrust authorities published a joint study on competition law and the collection and use of data, particularly so-called big data (the Big Data Study). Data protection as such is outside the scope of EU competition laws, but antitrust authorities have considered the significance of data on a … Continue reading

IAPP Profiles Norton Rose Fulbright Attorney

By Norton Rose Fulbright on May 6, 2016 Posted in General

The International Association of Privacy Professionals (IAPP) recently profiled our colleague Nerushka Deosaran, a technology and privacy lawyer at Norton Rose Fulbright’s Johannesburg office. Read more in the “volunteer spotlight” feature in the latest edition of The Privacy Advisor. Nerushka was also appointed co-chair of the IAPP’s Johannesburg KnowledgeNet in January 2016. The Johannesburg KnowledgeNet … Continue reading

Norton Rose Fulbright discusses recent opinion on Privacy Shield

By Norton Rose Fulbright on April 14, 2016 Posted in General

The Article 29 Working Party released an opinion yesterday stating that it would not endorse the EU-US Privacy Shield. Norton Rose Fulbright partners Boris Segalis and Marcus Evans spoke with Law360 to discuss how the opinion will affect private companies. Read the full article and discussion here. For more information on the effects of the Article 29 Working Party’s … Continue reading

European Union-United States Privacy Shield – A Comprehensive Overview: Webinar

By Kim Gold (US) on April 7, 2016 Posted in Compliance and risk management, General

Data privacy partners at Norton Rose Fulbright invite you to join them on Thursday, April 21 for a discussion on the EU-US Privacy Shield and the impact of the Article 29 Working Party’s formal opinion on the adequacy of the Privacy Shield. The WP29’s formal opinion is expected on April 12th or April 13th. The discussion will be … Continue reading