The Information Commissioner’s Office and eleven other data protection and privacy authorities from around the world have today published a joint statement calling for the protection of people’s personal data from unlawful data scraping taking place on social media sites. Data scraping is an automated way to pull large amounts of information from the web. Scraping from…
Category: Breach Laws
Cyberattacks And Compromise of Attorney Client Confidences
Scott Greenfield comments on a ruling previously noted on this site: In an underappreciated ruling, District of Columbia Judge Amit Mehta ruled that the multinational law firm Covington & Burling must comply with an SEC subpoena requiring the firm to give up the names of clients, publicly-traded corporations, in order for the SEC to investigate whether…
School Accreditation Organization Data Breach Exposed Sensitive Information on Students, Parents, and Teachers Online
Seen on WebsitePlanet: Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to WebsitePlanet a non-password protected database that contained 680k records. Upon further investigation, it was identified that these records were related to educational institutions. Documents inside the database suggested that it belonged to the Southern Association of Independent Schools, Inc (SAIS). In my many years as…
Crooks pwned your servers? You’ve got four days to tell us, SEC tells public companies
Jessica Lyons Hardcastle reports: Public companies that suffer a computer crime likely to cause a “material” hit to an investor will soon face a four-day time limit to disclose the incident, according to rules approved today by the US Securities and Exchange Commission. The SEC proposed the changes last March, and on Wednesday the financial watchdog voted…
Leaking Someone’s Personal Data Will Cost You Up to $2 Million in Pakistan
ProPK reports: A fine which may extend to $2 million or an equivalent amount in Pakistani rupees would be levied on those who process or cause to be processed, disseminate, or disclose personal data in violation of any of the provisions of the “Personal Data Protection Bill, 2023”. The Ministry of Information, Technology and Telecommunication…
SEC to Consider Cyber Rules Next Week
Micaela McMurrough, Ashden Fein, David H. Engvall, Caleb Skeath, Kerry Burke, and Shayan Karbassi of Covington and Burling write: According to a recently-released meeting agenda, the Securities and Exchange Commission’s (“SEC”) upcoming July 26, 2023 meeting will include consideration of adopting rules to enhance disclosures regarding cybersecurity risk management, governance, and incidents by publicly traded companies….