Topic: Regulatory response

Subscribe to Regulatory response RSS feed

Blocking illegal or fraudulent ‘robocalls’: FCC rulemaking, with FTC comments

Norton Rose Fulbright - Data Protection Report blogIllegal robocalls are a “scourge.”  So says FCC Chairman Ajit Pai, and most consumers likely agree.  Both the FCC and the FTC (each of which has jurisdiction over some aspects of telemarketing regulation) are actively pursuing ways to curb illegal and fraudulent robocalls.  The FCC issued a report and order in November 2017 authorizing telecommunications … Continue reading

February 15 deadline looms for first DFS Cybersecurity Certification

Data Protection Report - Norton Rose FulbrightFebruary 15, 2018, is quickly approaching and any entity subject to New York’s cybersecurity regulation (23 NYCRR Part 500) must file its first annual certification of compliance with the New York State Department of Financial Services (DFS) by that date. New York imposes cybersecurity requirements on all entities (covered entities) subject to the jurisdiction of … Continue reading

Data breach notification to become mandatory in Australia from 22 February 2018

Data Protection Report - Norton Rose FulbrightPrivacy compliance will become even more important for all companies in Australia now that the mandatory data breach notification scheme has been enacted. From 22 February 2018, certain data breaches (known as “eligible data breaches”) will need to be notified to the Australian Privacy Commissioner and affected individuals.  Previously, notification of data breaches was optional.… Continue reading

New California “sanctuary” law restricts access to workers and their records

Data Protection Report - Norton Rose FulbrightA new state law places California businesses on the front line in responding to federal immigration enforcement actions.  Effective January 1, 2018, AB 450 requires California employers to protect employees and their private information from warrantless “workplace raids” and I-9 form demands, and to warn employees who become targets of an immigration investigation.… Continue reading

South Dakota and Colorado strengthen data breach protections

Norton Rose Fulbright - Data Protection Report blogLast week, South Dakota moved closer to implementing a data breach notification law, while Colorado legislators introduced a new bill requiring “reasonable security procedures,” imposing data disposal rules and shortening the time frame in which to alert authorities regarding a breach.  South Dakota and Colorado are the latest states taking steps in cybersecurity lawmaking in … Continue reading

Data privacy in Turkey

Norton Rose Fulbright - Data Protection Report blogTurkey continues to further develop its data protection regime. Recent developments include publication of a regulation and a guideline focusing on deletion, destruction and anonymization of personal data. These new pieces of legislation provide guidance on the methods to be used to remove personal data, which was previously processed and is no longer needed. Data … Continue reading

UK data protection after Brexit – UK government Statement of Intent contains few surprises

Norton Rose Fulbright - Data Protection Report blogOn the 7th August 2017, the UK’s Government Department for Digital, Culture, Media and Sport issued a Statement of Intent (the Statement) outlining its planned reforms of the UK’s data protection laws which are to be implemented by the Data Protection Bill (the Bill). The Statement anticipates the UK’s departure from the EU and makes … Continue reading

US Senators introduce IoT cybersecurity bill

Data Protection Report - Norton Rose FulbrightOn August 1, 2017, US Senators unveiled a bipartisan bill to mandate baseline cybersecurity requirements for internet connected devices purchased by the federal government. Recent attacks demonstrate that connected devices, which make up the Internet of Things (“IoT”), can paralyze websites, networks, and even components of critical infrastructure. The draft bill, introduced by a bipartisan … Continue reading

US Coast Guard Releases Draft Cybersecurity Guidelines

Data Protection Report - Norton Rose FulbrightOn July 11, 2017, the US Coast Guard (USCG) and the Department of Homeland Security (DHS) proposed new cybersecurity draft guidelines for Maritime Transportation Security Act (MTSA) regulated facilities. The guidelines follow the White House’s May 2017 Executive Order to strengthen the cybersecurity of critical infrastructure. The draft guidelines are open for public comment until … Continue reading

Hong Kong Company Director Convicted Under Personal Data (Privacy) Ordinance

Data Protection Report - Norton Rose FulbrightA director of a Hong Kong company has been convicted of an offence under the Personal Data (Privacy) Ordinance (“PDPO”). This is the first conviction of its type under the PDPO since the law came into effect in 1996, confirming the potential for directors’ liability under the law.… Continue reading

China Seeks Comment on Draft Regulation on Critical Information Infrastructure

On 10 July 2017 the Cyberspace Administration of China (CAC) issued a draft Regulation on the Protection of Critical Information Infrastructure (CII Regulation) for public comment. The comment period ends on 10 August 2017. This long-anticipated regulation, formulated pursuant to Article 31 of the Cyber Security Law of China (Cyber Security Law), is a key … Continue reading

The Privacy Implications of Autonomous Vehicles

Norton Rose Fulbright - Data Protection Report blogThis is the first of a two-part series discussing the privacy and security issues associated with the widespread use of automated vehicle technology.  This first post focuses on potential privacy issues, while the second post – coming soon – will address security issues. Background As the development and testing of self-driving car technology has progressed, the … Continue reading

Singapore – Comprehensive Cyber Bill Published For Consultation

Data Protection Report - Norton Rose FulbrightOverview: On 10 July 2017, the Singapore Government unveiled its draft Cybersecurity Bill (the Bill) and announced a public consultation to seek views and comments from the industry and members of public. The public consultation runs from 10 July to 3 August 2017.This Bill comes on the back of various moves by the Singapore Government … Continue reading

Colorado Division of Securities Adopts Final Cybersecurity Rule

Norton Rose Fulbright - Data Protection Report blogBroker-dealers and investment advisers in Colorado will soon be required to comply with new rules designed to protect the electronic information they collect and maintain.  On May 19, 2017, the Colorado Division of Securities adopted final cybersecurity rules under the Colorado Securities Act.  In addition to requiring written procedures that are “reasonably designed to ensure … Continue reading

China Amends Draft Regulation on Cross-Border Data Transfer

Data Protection Report - Norton Rose FulbrightWe have just received a revised draft of the Measures on Security Assessment of Cross-border Data Transfer of Personal Information and Important Data (Measures).  Here we outline the changes made to the draft Measures first issued on 11 April 2017 for public comment (see our previous briefing and blog post here). The revised draft is … Continue reading

Hong Kong: SFC consults on proposed measures to improve cyber security for internet trading of securities in Hong Kong

A two-month consultation on proposed measures to reduce and mitigate cyber security risks associated with internet trading of securities in Hong Kong (the Consultation) was launched on 8 May 2017 by the Securities and Futures Commission (the SFC). The Consultation follows a recent review by the SFC of resilience of brokers in Hong Kong to … Continue reading

White House Issues Cybersecurity Order

Data Protection Report - Norton Rose FulbrightOn May 11th, 2017, the White House released an executive order on strengthening the cybersecurity of federal networks and critical infrastructure (the “Order”).  The Order marks the administration’s first successful effort to address cybersecurity, after an earlier draft executive order on cybersecurity was postponed in January. The Order is divided into three substantive sections covering … Continue reading

Cross-border data transfers: China issues new measures to strengthen data localisation

Norton Rose Fulbright - Data Protection Report blogThe Cyberspace Administration of China (CAC) issued draft measures for implementing the data localisation provisions under the Cybersecurity Law of China (Cybersecurity Law) and the National Security Law of China on 11 April 2017. The draft regulations are open for public comment until 11 May 2017.… Continue reading
LexBlog