From the where-have-I-heard-this-all-before dept.: The Information Commissioner’s Office (ICO) said it welcomed proposals outlined by the national governments that make up the EU which would restrict the cases where organisations would be required to notify data protection authorities and consumers of data breaches under the General Data Protection Regulation that EU law makers are currently…
Category: Federal
Data breach notification requirements in the Dubai International Financial Centre
Nick O’Connell of Al Tamimi & Company lays out the data breach notification requirements for entities doing business in Dubai. Although databreach notification to consumers is not required, it may be appropriate and could influence any penalties the entity might face for the breach. Read more about the expectations and requirements on Lexology.
South Korea: KCC introduces ‘strong incentive’ for breach reporting
Oh, this is an intriguing approach. Alice Marini reports: The Korean Communications Commission (KCC) announced, on 21 August 2015, the implementation of a new penalty scheme, which allows companies, that have voluntarily reported a data breach to the KCC, to receive a reduction on the total administrative fine prescribed of up to the 30% (‘the…
China Issues Draft Network Security Law
Ashwin Kaja and Yan Luo write: Close on the heels of a sweeping new National Security Law, the Standing Committee of the National People’s Congress released last month for public comment a very significant draft Network Security Law (“Draft Law”), also referred to as the draft Cybersecurity Law. Read more on Covington & Burling InsidePrivacy See also their e-alert on the…
Trade groups send letter with data security priorities to Senate
Seen on NACS: Last Friday, NACS and a group including eight other trade associations sent a letter to every U.S. Senator articulating the priorities of the associations in the context of data breach or data security legislation. The Senate has indicated that it might consider cybersecurity information-sharing legislation on the floor this coming week and if so,…
New German cyber security law to protect critical infrastructure
Neil Ford explains: Germany has passed a new IT security law requiring critical infrastructure institutions to implement minimum information security practices or face fines of up to €100.000. The new law, which was drafted last August, was passed by the Bundestag last month and has now been passed by Germany’s upper house, the Bundesrat. It gives…