After two rounds of public comments, the Data Security Law of the People’s Republic of China was formally issued on June 10, 2021, and will become effective on September 1, 2021. This blog entry provides highlights of the new law.
Continue Reading China Issues Data Security Law
Cybersecurity
CIPL Submits Comments on China’s Updated Draft Personal Information Protection Law
Posted on
The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP has submitted its response to the Standing Committee of the National People’s Congress of the People’s Republic of China on the updated version of the Draft Personal Information Protection Law.…
Continue Reading CIPL Submits Comments on China’s Updated Draft Personal Information Protection Law
U.S. Department of Homeland Security Announces Pipeline Cybersecurity Directive
Posted on
On May 27, 2021, the U.S. Department of Homeland Security’s Transportation Security Administration announced a Security Directive that will impose new cybersecurity requirements on critical pipeline owners and operators.…
Continue Reading U.S. Department of Homeland Security Announces Pipeline Cybersecurity Directive
HHS Reaches Settlement with Clinical Laboratory for Alleged Violations of HIPAA Security Rule
Posted on
On May 25, 2021, the Office for Civil Rights of the U.S. Department of Health and Human Services announced that it had reached a settlement with a clinical laboratory for violations of the HIPAA Security Rule. As part of this settlement, the company agreed to pay OCR $25,000 and to implement a robust corrective action plan. …
Continue Reading HHS Reaches Settlement with Clinical Laboratory for Alleged Violations of HIPAA Security Rule
Ecuador Approves Data Protection Law
Posted on
The Ecuadorian National Assembly has unanimously approved the Organic Law on Data Protection, which President Moreno is expected to sign.…
Continue Reading Ecuador Approves Data Protection Law
New Executive Order Takes Aim at Improving Cybersecurity
Posted on
On May 12, 2021, President Biden signed an Executive Order on Improving the Nation’s Cybersecurity. The Order outlines a number of initiatives intended to improve cybersecurity in the U.S. and protect federal government networks.…
Continue Reading New Executive Order Takes Aim at Improving Cybersecurity
China Issues the Second Version of the Draft of Data Security Law for Public Comments
Posted on
On April 29, 2021, China issued a second draft version of the Data Security Law (“Draft DSL”). The Draft DSL will be open for public comments until May 28, 2021.
While the framework of this version of the Draft DSL is the same as the prior version issued on July 3, 2020, below we summarize the material changes in the second version of the Draft DSL.…
Continue Reading China Issues the Second Version of the Draft of Data Security Law for Public Comments
Court Authorizes FBI to Remove Web Shells from Compromised Microsoft Exchange Servers
Posted on
Posted in Cybersecurity, U.S. Federal Law
On April 13, 2021, the U.S. Department of Justice announced that the Federal Bureau of Investigation executed a court-authorized removal of malicious web shells from hundreds of vulnerable computers in the U.S. …
Continue Reading Court Authorizes FBI to Remove Web Shells from Compromised Microsoft Exchange Servers
White House to Nominate First National Cyber Director
Posted on
Posted in Cybersecurity, U.S. Federal Law
The Biden administration announced it intends to nominate Chris Inglis, a former Deputy Director of the National Security Agency, to be the first U.S. National Cyber Director, subject to Senate confirmation. The newly-established position, which will serve as the President’s principal cybersecurity policy and strategy advisor, and the Office of the National Cyber Director were created under the National Defense Authorization Act for Fiscal Year 2021, which became law on January 1, 2021.…
Continue Reading White House to Nominate First National Cyber Director
Ticketmaster Appeal of ICO Fine Stayed by UK Tribunal Until 2023
Posted on
On April 9, 2021, the First-Tier Tribunal of the General Regulatory Chamber stayed proceedings in Ticketmaster UK Limited’s (“Ticketmaster’s”) appeal against a fine issued by the UK Information Commissioner’s Office (“ICO”) until 28 days after a judgment in civil litigation brought by 795 customers against Ticketmaster. The group action, which relates to the breach for which Ticketmaster was fined by the ICO, is currently before the High Court in England. As a result of the stay in proceedings, the appeal likely will not be heard before the Tribunal until mid to late 2023.
…
Continue Reading Ticketmaster Appeal of ICO Fine Stayed by UK Tribunal Until 2023