Tag:US

1
UK Government Approves Adequacy of UK-US Data Bridge
2
No cyber insurance? Check your policy – you may be covered for more than you think
3
Proposed Regulations under the California Consumer Privacy Act: A Step in the Right Direction but Far from the Destination
4
Pushing for Change: Congress Pushes for Privacy Legislation ahead of CCPA
5
The FBI understands if you pay ransom to cyber hackers, but isn’t too pleased about it
6
A Different Immune System: TGA provides Insight into Cyber Security for Medical Devices
7
Eureka! California Just Adopted a Strong Consumer Privacy Law
8
U.S. data breaches reached record high in 2016: Report
9
Apple sends passionate message to customers following court order to hack iPhone
10
Report finds finance and HR departments the greatest cybersecurity threats to organisations

UK Government Approves Adequacy of UK-US Data Bridge

By Claude-Étienne Armingaud and Nóirín McFadden

The UK Government has laid adequacy regulations before Parliament that, once in force from 12 October 2023, will permit use of the UK – US “Data Bridge” as a safeguard for personal data transfers from the UK to the US under Article 44 UK GDPR.

Read More

No cyber insurance? Check your policy – you may be covered for more than you think

By Cameron Abbott, Rob Pulham and Max Evans

Over the past 2 years we’ve seen a steady rise in interest in cyber insurance policies to cover key online risks.

However, as the terms and coverage for cyber insurance offerings steadily standardise, it may not be worth throwing out your old policies just yet.

In his recent article available here our colleague Gregory Wright discusses several recent US cases where insurance holders were found to be covered under more general policies of insurance – even if they weren’t specifically directed towards cyber risks.

Proposed Regulations under the California Consumer Privacy Act: A Step in the Right Direction but Far from the Destination

By Cameron Abbott and Max Evans

We recently blogged about the intention of Californian lawmakers to enact stringent privacy regulations through the California Consumer Privacy Act (CCPA). In particular, we noted the useful guidance provided by our colleagues over at The Privacist on the impact of potential contingencies for organisations.

Read More

Pushing for Change: Congress Pushes for Privacy Legislation ahead of CCPA

By Cameron Abbott and Max Evans

With the California Consumer Privacy Act (CCPA) looming, Californian lawmakers have affirmed their intention to enact stringent privacy protections, with the legislature adjourning without making any major changes to the state’s landmark privacy laws.

Read More

The FBI understands if you pay ransom to cyber hackers, but isn’t too pleased about it

By Cameron Abbott and Karla Hodgson

While the FBI won’t be impressed if you pay ransomware demands in order to get your systems or data back after a cyber attack, its updated ransomware guidance contemplates that this might just be the outcome of an attack anyway.

Read More

A Different Immune System: TGA provides Insight into Cyber Security for Medical Devices

By Cameron Abbott, Michelle Aggromito and Max Evans

The Australian Therapeutic Goods Administration (TGA) has published its guidance framework dealing with medical device cyber security for manufacturers and sponsors of medical devices, as well as for consumers, health professionals and other users. This is driven by a number of challenges that regulators face to protect users against cyber security risks, including the alteration of device function, loss to privacy and the alteration of personal health data.

The crux of the framework is based on the TGA view that knowledge is power, in that patients using connected medical devices should be informed about the potential cyber security risks those devices have, and take proactive measures to protect their devices and networks.

Read More

Eureka! California Just Adopted a Strong Consumer Privacy Law

By Susan P Altman

While the rest of us were still recovering from the May 25 effective date of the EU’s General Data Protection Regulation (GDPR), California, the most populous and largest economy of any of the United States, confidently adopted a broad consumer privacy law. The California Consumer Privacy Act of 2018 (CCPA) was enacted June 28 and becomes operative on January 1, 2020. Unlike existing industry-specific U.S. privacy laws, the CCPA has a broad overall scope, more like the GDPR. It ensures California residents the right to know what information about them is being collected and sold or disclosed, to reject the sale of their personal information, to access the information, and to receive equal service and price, even if they exercise their privacy rights.

Read More

U.S. data breaches reached record high in 2016: Report

By Cameron Abbott 

According to a report highlighting findings from the Identity Theft Resource Center and CyberScout:

  • Data breaches in the U.S. reached an all-time high in 2016, with the number of breaches tracked reaching 1,093, a 40% increase from the year earlier
  • The financial services industry accounted for only 52 of the breaches, or 4.8%, making it the least hit of the five industries tracked. Business, healthcare, education and the government and military were hacked more than the financial services industry
  • For the eighth consecutive year, hacking, skimming and phishing were the main drivers of data breaches, representing 55.5% of all reported incidents. Many were due to CEO phishing in which sensitive data is exposed
  • While consumers and businesses are constantly warned to pay close attention to their email, breaches that used email and the internet as a way to hack people only accounted for 9.2% of all the hacks, while employee error was responsible for 8.7% of the hacks.

This isn’t the first data set to show that data breaches surged in 2016. According to Gemalto’s Breach Level Index, in the first six months of 2016, data breaches rose 15%, and the number of compromised data records jumped 31% compared to the previous six months. The findings also revealed that 64% of all data breaches involve identity and personal data theft.

Apple sends passionate message to customers following court order to hack iPhone

By Cameron Abbott and Meg Aitken

A US District Court has ordered Apple to assist US law enforcement agents to bypass the security features, disable the auto-erase function and ultimately access the data contained within an iPhone 5C that was used by one of the San Bernardino shooters, Syed Rizwan Farook.

Apple’s CEO Tim Cook responded to the order with an open letter to customers discussing the privacy and security implications of the order and calling for public discussion on the issue.

Read Apple’s Customer Letter here.

Access the Court Order here.

Report finds finance and HR departments the greatest cybersecurity threats to organisations

By Cameron Abbott and Melanie Long

According to recent research conducted on behalf of cybersecurity firm Clearswift, finance and HR departments represent the biggest cybersecurity threat to organisations. The study polled more than 4500 information technology decision makers, security professionals and employees in the US, UK, Germany and Australia and found that 46% of respondents believed that finance departments posed a security threat to their organisation. In addition, 42% of respondents believed the same of an organisation’s HR departments.

Read More

Copyright © 2024, K&L Gates LLP. All Rights Reserved.