John S. Pruitt, Mary Jane Wilson-Bilik and John Allen Zumpetta of Sutherland Asbill & Brennan LLP write: On August 17, the National Association of Insurance Commissioners (the NAIC) Cybersecurity (EX) Task Force (the Task Force) released for comment a revised draft Insurance Data Security Model Law (the Model Law). This Model Law purports to “establish exclusive standards…
Category: Federal
AU: Computer hacking victims entitled to damages from businesses over data leaks
Natasha Bita reports: Companies that lose or leak customers’ personal data will be forced to apologise or pay compensation for psychological harm under new laws blasted by business groups. The federal government plans to introduce new privacy legislation this year, requiring banks, phone and internet providers, retailers and government departments to tell customers when data has…
Potential Risks and Rewards of Cybersecurity Information Sharing Under CISA
Peter Carey and Keith M. Gerver of Cadwalader, Wickersham & Taft LLP, write: When President Obama signed into law the Cybersecurity Act of 2015, which was designed to facilitate information sharing on cybersecurity threats between the public and private sectors, proponents hailed it as “our best chance yet to help address this economic and national security priority in a…
9th Circuit: It’s a federal crime to visit a website after being told not to visit it
Orin Kerr writes: The U.S. Court of Appeals for the 9th Circuit has handed down a very important decision on the Computer Fraud and Abuse Act, Facebook v. Vachani, which I flagged just last week. For those of us worried about broad readings of the Computer Fraud and Abuse Act, the decision is quite troubling. Its reasoning appears…
European Parliament Adopts Directive on Security of Network and Information Systems
Hunton & Williams writes: On July 6, 2016, the European Parliament adopted the Directive on Security of Network and Information Systems (the “NIS Directive”), which will come into force in August 2016. EU Member States will have 21 months to transpose the NIS Directive into their national laws. The NIS Directive is part of the…
Password-sharing case divides Ninth Circuit in Nosal II
Orin Kerr writes: The Ninth Circuit has handed down United States v. Nosal (“Nosal II“), a case on the scope of the Computer Fraud and Abuse Act that I blogged about here and here. The court held 2-1 that former employees of a company who had their company accounts revoked violated the CFAA when they subsequently…