On July 31, after reading a news story about a breach involving a school district, I emailed the FTC to ask for clarification on FACTA: I have searched and searched but cannot find a definitive answer to the following: Are k-12 public school districts covered by FACTA? Assume for purposes of my question that there…
Category: Federal
Article: The Good Hacker: A Look at the Role of Hacktivism in Democracy
Ben Monarch, a University of Kentucky College of Law student, has an article that he has uploaded to SSRN that calls for amendments to the Computer Fraud and Abuse Act (CFAA) to recognize hacktivism as a defense. Monarch argues that the U.S. “application of the CFAA and (attempted) simultaneous adherence to Article 19 of the International Covenant on…
ICO raises concerns about data breach notification overload
From the where-have-I-heard-this-all-before dept.: The Information Commissioner’s Office (ICO) said it welcomed proposals outlined by the national governments that make up the EU which would restrict the cases where organisations would be required to notify data protection authorities and consumers of data breaches under the General Data Protection Regulation that EU law makers are currently…
Data breach notification requirements in the Dubai International Financial Centre
Nick O’Connell of Al Tamimi & Company lays out the data breach notification requirements for entities doing business in Dubai. Although databreach notification to consumers is not required, it may be appropriate and could influence any penalties the entity might face for the breach. Read more about the expectations and requirements on Lexology.
South Korea: KCC introduces ‘strong incentive’ for breach reporting
Oh, this is an intriguing approach. Alice Marini reports: The Korean Communications Commission (KCC) announced, on 21 August 2015, the implementation of a new penalty scheme, which allows companies, that have voluntarily reported a data breach to the KCC, to receive a reduction on the total administrative fine prescribed of up to the 30% (‘the…
China Issues Draft Network Security Law
Ashwin Kaja and Yan Luo write: Close on the heels of a sweeping new National Security Law, the Standing Committee of the National People’s Congress released last month for public comment a very significant draft Network Security Law (“Draft Law”), also referred to as the draft Cybersecurity Law. Read more on Covington & Burling InsidePrivacy See also their e-alert on the…