Follow

Privacy & Security Law Blog Blog

Articles: 1-10 of 341

New York Department of Financial Services Proposes Significant Amendments to its Cybersecurity Regulation

USA - November 18 2022 The New York Department of Financial Services (NYDFS) has proposed significant amendments (Proposed Amendments) to its Cybersecurity Requirements for…

FTC Extends Deadline to Comply with GLBA Safeguards Rule Until June 9, 2023

USA - November 16 2022 On November 15, 2022, the Federal Trade Commission (FTC) announced a six-month extension of the deadline to comply with most provisions of its new…

New York Department of Financial Services' EyeMed Settlement Emphasizes Risk Assessments, Email Controls

USA - November 10 2022 The New York Department of Financial Services (NYDFS) continues to be a major player in data security enforcement. On Oct. 18, 2022, NYDFS announced…

NY Attorney General Settlement Highlights Challenges of Username and Password Breaches

USA - November 3 2022 October was a busy month in New York for cybersecurity enforcement. In addition to a $4.5 million settlement between the New York Department of…

UPDATE: California Overhauls State Voice Surcharge System Effective April 1, 2023

USA - October 31 2022 *October 28, 2022 Update: On October 20, 2022, the CPUC unanimously approved a revised proposed decision. The final decision contains two important…

New Executive Order Paves Way for Streamlined International Data Transfers

European Union, USA - October 24 2022 In March 2022, the US and EU announced they had agreed in principle to a new Trans-Atlantic Data Privacy Framework (Framework) intended to simplify…

Guiding Federal Agency Data to the Cloud

USA - October 19 2022 The Cybersecurity Infrastructure and Security Agency (CISA), an operational component of the U.S. Department of Homeland Security, released Version 2…

A First Look at the Colorado Privacy Act Proposed Rules

USA - October 10 2022 The Colorado Attorney General's Office has published its much-anticipated proposed rules (Proposed Rules) implementing the Colorado Privacy Act (CPA)…

Carrot or Stick? FERC Grapples With How to Incentivize Electric Utility Cybersecurity Investments

USA - September 29 2022 The U.S. electric grid is a prime target for cyberattacks, including by both nation-state actors and organized crime. Electric utilities have been…

CISA Issues RFI For Cyber Reporting Rules and Announces Public Listening Sessions

USA - September 28 2022 The federal Cybersecurity & Infrastructure Agency (CISA) has issued a Request for Information (RFI) seeking public input on its development of cyber…