By Claude-Étienne Armingaud and Nóirín McFadden
The UK Government has laid adequacy regulations before Parliament that, once in force from 12 October 2023, will permit use of the UK – US “Data Bridge” as a safeguard for personal data transfers from the UK to the US under Article 44 UK GDPR.
Read MoreBy Cameron Abbott, Rob Pulham and Max Evans
Over the past 2 years we’ve seen a steady rise in interest in cyber insurance policies to cover key online risks.
However, as the terms and coverage for cyber insurance offerings steadily standardise, it may not be worth throwing out your old policies just yet.
In his recent article available here our colleague Gregory Wright discusses several recent US cases where insurance holders were found to be covered under more general policies of insurance – even if they weren’t specifically directed towards cyber risks.
By Cameron Abbott and Max Evans
We recently blogged about the intention of Californian lawmakers to enact stringent privacy regulations through the California Consumer Privacy Act (CCPA). In particular, we noted the useful guidance provided by our colleagues over at The Privacist on the impact of potential contingencies for organisations.
Read MoreBy Cameron Abbott and Max Evans
With the California Consumer Privacy Act (CCPA) looming, Californian lawmakers have affirmed their intention to enact stringent privacy protections, with the legislature adjourning without making any major changes to the state’s landmark privacy laws.
Read MoreBy Cameron Abbott and Karla Hodgson
While the FBI won’t be impressed if you pay ransomware demands in order to get your systems or data back after a cyber attack, its updated ransomware guidance contemplates that this might just be the outcome of an attack anyway.
Read MoreBy Cameron Abbott, Michelle Aggromito and Max Evans
The Australian Therapeutic Goods Administration (TGA) has published its guidance framework dealing with medical device cyber security for manufacturers and sponsors of medical devices, as well as for consumers, health professionals and other users. This is driven by a number of challenges that regulators face to protect users against cyber security risks, including the alteration of device function, loss to privacy and the alteration of personal health data.
The crux of the framework is based on the TGA view that knowledge is power, in that patients using connected medical devices should be informed about the potential cyber security risks those devices have, and take proactive measures to protect their devices and networks.
Read MoreWhile the rest of us were still recovering from the May 25 effective date of the EU’s General Data Protection Regulation (GDPR), California, the most populous and largest economy of any of the United States, confidently adopted a broad consumer privacy law. The California Consumer Privacy Act of 2018 (CCPA) was enacted June 28 and becomes operative on January 1, 2020. Unlike existing industry-specific U.S. privacy laws, the CCPA has a broad overall scope, more like the GDPR. It ensures California residents the right to know what information about them is being collected and sold or disclosed, to reject the sale of their personal information, to access the information, and to receive equal service and price, even if they exercise their privacy rights.
According to a report highlighting findings from the Identity Theft Resource Center and CyberScout:
This isn’t the first data set to show that data breaches surged in 2016. According to Gemalto’s Breach Level Index, in the first six months of 2016, data breaches rose 15%, and the number of compromised data records jumped 31% compared to the previous six months. The findings also revealed that 64% of all data breaches involve identity and personal data theft.
By Cameron Abbott and Meg Aitken
A US District Court has ordered Apple to assist US law enforcement agents to bypass the security features, disable the auto-erase function and ultimately access the data contained within an iPhone 5C that was used by one of the San Bernardino shooters, Syed Rizwan Farook.
Apple’s CEO Tim Cook responded to the order with an open letter to customers discussing the privacy and security implications of the order and calling for public discussion on the issue.
Read Apple’s Customer Letter here.
Access the Court Order here.
By Cameron Abbott and Melanie Long
According to recent research conducted on behalf of cybersecurity firm Clearswift, finance and HR departments represent the biggest cybersecurity threat to organisations. The study polled more than 4500 information technology decision makers, security professionals and employees in the US, UK, Germany and Australia and found that 46% of respondents believed that finance departments posed a security threat to their organisation. In addition, 42% of respondents believed the same of an organisation’s HR departments.
Copyright © 2024, K&L Gates LLP. All Rights Reserved.