Hunton Andrews Kurth writes: On January 16, 2023, the Directive on measures for a high common level of cybersecurity across the Union (the “NIS2 Directive”) and the Directive on the resilience of critical entities (“CER Directive”) entered into force. The NIS2 Directive repeals the current NIS Directive and creates a more extensive and harmonized set of rules on cybersecurity…
Category: Federal
FCC Proposes To Strengthen Data Breach Notification Rules for Telecom Operators
Marc S. Martin, Belinda Nixon, Samuel Klein, and Tyler Robbins of Perkins Coie write: In response to the increased frequency and severity of data breaches in the telecommunications industry, the Federal Communications Commission recently published a Notice of Proposed Rulemaking that seeks to strengthen and broaden its breach notification rules arising from the unauthorized disclosure of customer…
FCC Proposes to Modernize Data Breach Rules
Commission Will Seek Comment on Proposed Consumer and Law Enforcement Notification Requirements for CPNI Leaks — WASHINGTON, January 6, 2023—The Federal Communications Commission today launched a proceeding to strengthen the Commission’s rules for notifying customers and federal law enforcement of breaches of customer proprietary network information (CPNI). The Commission will look to better align its…
ANPD Updates Information Security Incident Notification Guidelines
Cristiane Manzueto, Rodrigo Leal, and Flavia Telles of Mayer Brown write: The Brazilian National Data Protection Authority (ANPD) has published new guidelines on information security incident notifications, which are required whenever an incident is likely to create risks or cause significant damages to data subjects. In summary, here are the new updates: A new form for…
ECB Fines Spain’s Abanca for Delay in Reporting Cyber Hack
Reuters reports: The European Central Bank said on Friday it had fined Spanish bank Abanca for its delay in reporting a cyber attack that forced it to suspend its main means of payment in 2019. “The bank’s omission hindered the ECB’s ability to properly assess Abanca’s prudential situation and to react in a timely manner…
Important Notice about FIPPA – Mandatory Breach Notification and Privacy Management Program Requirements Coming into Effect on February 1, 2023
Jeff Holowaychuk and Abigail Choi of Clark Wilson write: Starting from February 1, 2023, public bodies in BC will be required to comply with the mandatory privacy breach notification and privacy management program provisions of the Freedom of Information and Protection of Privacy Act. These new provisions were part of a package of FIPPA amendments introduced…