On October 25, 2022, the U.S. Department of Justice announced that Google had entered into an agreement to resolve a dispute over the loss of data responsive to a search warrant issued in 2016.
Continue Reading Google Enters into Agreement with DOJ over 2016 Search Warrant Data Loss
Criminal Law
U.S. Department of Justice Announces U.S. – UK CLOUD Act Agreement
Posted on
On October 3, 2022, the U.S. Department of Justice announced that the agreement between the U.S. Government and the UK Government on Access to Electronic Data for the Purpose of Countering Serious Crime entered force, effect the same day. …
Continue Reading U.S. Department of Justice Announces U.S. – UK CLOUD Act Agreement
Former Uber Security Chief Found Guilty in Criminal Trial for Failure to Disclose Breach to FTC
Posted on
Posted in Information Security, Security Breach
On October 5, 2022, former Uber security chief Joe Sullivan was found guilty by a jury in U.S. federal court for his alleged failure to disclose a breach of Uber customer and driver data to the FTC in the midst of an ongoing FTC investigation. This case is significant because it represents the first time a company executive has faced criminal prosecution related to the handling of a data breach.
Continue Reading Former Uber Security Chief Found Guilty in Criminal Trial for Failure to Disclose Breach to FTC
DOJ Accuses Iranian Nationals of “Brazen Cyber Assault” on Universities and Government Agencies
Posted on
Posted in Cybersecurity, U.S. Federal Law
The U.S. Department of Justice has unsealed an indictment accusing nine Iranian nationals of engaging in a “massive and brazen cyber assault” against at least 176 universities, 47 private companies and 7 government agencies and non-governmental organizations, including the Federal Energy Regulatory Commission. …
Continue Reading DOJ Accuses Iranian Nationals of “Brazen Cyber Assault” on Universities and Government Agencies
Insider Trading Charges Brought Against CIO for Post-Breach Trading
Posted on
On March 14, 2018, the Department of Justice and the SEC announced insider trading charges against a CIO of a business unit of Equifax, Inc.
Continue Reading Insider Trading Charges Brought Against CIO for Post-Breach Trading
EU and U.S. Sign Umbrella Agreement
Posted on
On June 2, 2016, the European Union and the U.S. signed an Umbrella Agreement, which, if approved, will implement a comprehensive data protection framework for criminal law enforcement cooperation. The European Council will adopt a decision on the Umbrella Agreement after obtaining consent from the European Parliament.
Continue Reading EU and U.S. Sign Umbrella Agreement
Foreign Couple Found Guilty of Illegal Collection of Personal Information in Shanghai
Posted on
On August 8, 2014, a foreign couple was found guilty of the illegal collection of personal information by a court in Shanghai.
Continue Reading Foreign Couple Found Guilty of Illegal Collection of Personal Information in Shanghai
Chinese Postal Bureau Issues Personal Information Protection Rules
Posted on
Posted in Information Security, International
In March 2014, the State Postal Bureau of the People’s Republic of China formally issued three rules establishing significant requirements regarding the protection of personal information. This blog post highlights some of the key elements of the new rules, which are now in effect.
Continue Reading Chinese Postal Bureau Issues Personal Information Protection Rules
State Post Bureau of China Releases Draft Normative Rules Involving Personal Information Protection for Public Comment
Posted on
On November 27, 2013, the State Postal Bureau of the People’s Republic of China released five draft normative rules for solicitation of public comment. This blog entry highlights three of these rules relating to the protection of personal information. The deadline for submitting comments on the rules is December 27, 2013.
Continue Reading State Post Bureau of China Releases Draft Normative Rules Involving Personal Information Protection for Public Comment
Malaysian Data Protection Law Takes Effect
Posted on
After years of postponements, Malaysia’s Personal Data Protection Act 2010 became effective on November 15, 2013.
Continue Reading Malaysian Data Protection Law Takes Effect