Jonathan P. Garvin of Mintz writes: The Federal Communications Commission (“FCC”) announced Thursday that in furtherance of the work of the agency’s Privacy and Data Protection Task Force, the FCC’s Enforcement Bureau signed Memoranda of Understanding (“MOU”) with the Attorneys General of Connecticut, Illinois, New York, and Pennsylvania to share expertise and resources and to coordinate efforts conducting…
Category: Legislation
FBI explains how companies can delay SEC cyber incident disclosures
Jonathan Greig and Martin Matishak report: The FBI has published guidance on how companies can request a delay in disclosing cyber incidents to the Securities and Exchange Commission (SEC). The document is a followup to new rules that the SEC approved in June requiring companies to quickly disclose “material” cybersecurity incidents and share the details of their…
The EU’s Cyber Resilience Act Has Now Been Agreed
Mark Young and Aleksander Aleksiev of Covington and Burling write: Yesterday, the European Commission, Council and Parliament announced that they had reached an agreement on the text of the Cyber Resilience Act (“CRA”). As a result, the CRA now looks set to finish its journey through the EU legislative process early next year. As we explained in our…
DFS Announces $1 Million Cybersecurity Settlement With First American Title Insurance Company
Press Release of November 28: The New York State Department of Financial Services (DFS) today announced that First American Title Insurance Company (First American) will pay a $1 million penalty to New York State for violations of DFS’s Cybersecurity Regulation (23 NYCRR Part 500) stemming from a large-scale cybersecurity breach in May 2019. The breach…
Queensland passes mandatory data breach notice laws
Justin Hendry reports: Queensland has become only the second state to legislate a mandatory data breach notification scheme for public sector entities, as an almost identical scheme comes into effect in New South Wales. The Information Privacy and Other Legislation Amendment Bill 2023 passed through the Queensland state Parliament on Wednesday, less than two months…
China Cybersecurity and Data Protection Regulations – 2023 Recap and 2024 Outlook
Arendse Huld writes: China has been expanding its legal framework for cybersecurity and data protection in recent years, with further advancements seen in 2023. This year witnessed the refinement of legal requirements governing the procedures to export personal information (PI), bringing further clarity to the responsibilities and accountabilities of companies. At the same time, 2023…