Katitza Rodriguez of EFF writes: In the heart of New York City, a watershed moment for protecting users against unfettered government surveillance is unfolding at the sixth session of negotiations to formulate the UN Cybercrime Convention. Delegates from Member States have convened at UN Headquarters for talks this week and next that will shape the digital and…
Category: Legislation
SEC Cybersecurity Rule Leans on Materiality and Reasonableness
Rachel V. Rose, Ted Dziekanowski, and Andy Watkin-Child report: The US Securities and Exchange Commission released its final rule, effective Sept. 5, 2023, on cybersecurity risk management, strategy, governance, and incident disclosure. Investors, registrants, and other market participants should take special notice of two key terms in the regulations: “materiality” and the “reasonable investor.” The SEC…
Health Data and Investigations: Between a Rock and a Hard Place
Matt Fisher writes: Demands for medical records can stem from a variety of investigations, which can involve a myriad of sources. The most recent example driving headlines is an investigation involving Vanderbilt University Medical Center (“VUMC”). VUMC disclosed records concerning treatment of transgender patients to the Tennessee Attorney General. According to the Attorney General, an investigation of…
Compliance: National Credit Union Administration issues letter on cyber incident reporting notification requirements
CUNA reports: NCUA issued a Letter to Credit Unions (23-CU-07) on the cyber incident notification requirements that go into effect Sept. 1. Credit unions will be required to notify the NCUA no later than 72 hours after the credit union reasonably believes it has experienced a reportable cyber incident or has received a notification from…
Three managers picked up; 2 others invited for breaching Ghana data protection law
GNA reports: Three managers were arrested on Monday by the Data Protection Commission (DPC) and the Criminal Investigations Department (CID) of the Ghana Police Service for breaching the Data Protection Act, 2012 (Act 843). The three institutions are Hisense, an electronic goods dealership, Marwako Fast Foods and Agyabeng Akrasi and Co Limited, a law firm….
Governor Hochul Announces Nation-Leading Cybersecurity Strategy
Backed by $600 Million Commitment to Bolster Cybersecurity for All New Yorkers Representatives from the White House, Critical Infrastructure, and the Private Sector Joined Governor Hochul for Announcement Advances Governor’s State of the State Priority to Improve New York’s Cybersecurity Posture August 9 – Governor Kathy Hochul today announced New York’s first-ever statewide cybersecurity strategy aimed…