Tony Ware reports: The U.S. Computer Emergency Readiness Team (US-CERT) is implementing new reporting requirements beginning April 1, 2017, and just released new guidelines to help federal departments and agencies; state, local, tribal, and territorial government entities; information sharing and analysis organizations; and foreign, commercial and private-sector organizations submit incident notifications. An “incident” is defined…
Category: Federal
Department Releases Intake and Charging Policy for Computer Crime Matters
As computers play an ever-greater role in our lives and cybercrime becomes both more commonplace and more devastating, the need for robust criminal enforcement of effective computer crime laws will only become more important. As we’ve said in public remarks last year, we urgently need targeted updates to the Computer Fraud and Abuse Act that will help the department…
Three times a charm? Twice dead data breach notification laws re-enter Australia’s Parliament
Chris Duckett reports: It’s a scenario that feels like it could use a Ron Howard voiceover as Australia is making a third attempt at passing data breach notification laws, following previous attempts being stranded in the Senate by both Labor and Coalition governments. […] The laws being introduced this time around are similar to those drafted…
NAIC Task Force Releases Revised Draft Insurance Data Security Model Law
John S. Pruitt, Mary Jane Wilson-Bilik and John Allen Zumpetta of Sutherland Asbill & Brennan LLP write: On August 17, the National Association of Insurance Commissioners (the NAIC) Cybersecurity (EX) Task Force (the Task Force) released for comment a revised draft Insurance Data Security Model Law (the Model Law). This Model Law purports to “establish exclusive standards…
AU: Computer hacking victims entitled to damages from businesses over data leaks
Natasha Bita reports: Companies that lose or leak customers’ personal data will be forced to apologise or pay compensation for psychological harm under new laws blasted by business groups. The federal government plans to introduce new privacy legislation this year, requiring banks, phone and internet providers, retailers and government departments to tell customers when data has…
Potential Risks and Rewards of Cybersecurity Information Sharing Under CISA
Peter Carey and Keith M. Gerver of Cadwalader, Wickersham & Taft LLP, write: When President Obama signed into law the Cybersecurity Act of 2015, which was designed to facilitate information sharing on cybersecurity threats between the public and private sectors, proponents hailed it as “our best chance yet to help address this economic and national security priority in a…