On November 8, 2021, law enforcement agencies in both the United States and European Union announced that a series of actions, including a number of arrests, were taken against the Russia-linked ransomware group, “REvil.”
Continue Reading Russia-Linked REvil Hackers and Their Affiliates Hit with Arrests by the U.S. and International Allies

On October 6, 2021, Deputy Attorney General Lisa Monaco announced the launch of the new Civil Cyber-Fraud Initiative that will use the False Claims Act to pursue cybersecurity related fraud by government contractors and grant recipients.
Continue Reading DOJ Announces New Cyber-Fraud Initiative and Intent to Utilize False Claims Act to Spur Compliance

On September 28, 2020, the U.S. Department of Commerce, along with the U.S. Department of Justice and the Office of the Director of National Intelligence, released a White Paper entitled Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S. Data Transfers after Schrems II (the “White Paper”). The White Paper outlines privacy safeguards in and updates to the U.S. surveillance provisions flagged by the Court of Justice of the European Union (“CJEU”) in its Schrems II decision. It is intended to serve as a resource for companies transferring personal data from the EU to the U.S. in the wake of the CJEU’s decision overturning the EU-U.S. Privacy Shield. Particularly, it focuses on companies relying on Standard Contractual Clauses (“SCCs”) for data transfers, and provides information to help them determine whether the U.S. ensures adequate privacy protections for companies’ data.

Continue Reading U.S. Government Issues White Paper on Data Transfers after Schrems II Decision

The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP recently published a white paper on Organizational Accountability’s Existence in U.S. Regulatory Compliance and its Relevance for a Federal Data Privacy Law.
Continue Reading Organizational Accountability in U.S. Law and Its Relevance to a Federal Data Privacy Law: A CIPL Study

The U.S. Department of Justice has unsealed an indictment accusing nine Iranian nationals of engaging in a “massive and brazen cyber assault” against at least 176 universities, 47 private companies and 7 government agencies and non-governmental organizations, including the Federal Energy Regulatory Commission.
Continue Reading DOJ Accuses Iranian Nationals of “Brazen Cyber Assault” on Universities and Government Agencies