Charles S. Morgan, Daniel G.C. Glover, and Eugen Miscoi of McCarthy Tétrault LLP write: Since September 22, 2022, organizations doing business in Québec have to report any confidentiality incidents (i.e., privacy breaches) that cause a risk of serious injury, due to the partial entry into force of An Act to modernize legislative provisions as regards the…
Category: Legislation
FCC Proposes to Modernize Data Breach Rules
Commission Will Seek Comment on Proposed Consumer and Law Enforcement Notification Requirements for CPNI Leaks — WASHINGTON, January 6, 2023—The Federal Communications Commission today launched a proceeding to strengthen the Commission’s rules for notifying customers and federal law enforcement of breaches of customer proprietary network information (CPNI). The Commission will look to better align its…
2023 New Year’s Resolution: Don’t Get “Whacked” By A State AG for Cybersecurity Compliance
Joe Lazzarotti of Jackson Lewis writes: It usually happens after a reported data breach. The organization experiencing the breach sends notifications to affected individuals, as well as federal and or state agencies where appropriate and perhaps other parties. Not long thereafter, the organization receives an inquiry from one or more government agencies. These inquiries typically…
Nevada Gaming Commission Adopts Cybersecurity Regulations
Joseph Lazzarotti of JacksonLewis writes: On December 22, 2022, the Nevada Gaming Commission (NGC) adopted regulations creating new cybersecurity requirements for certain gaming operators. This action joins agencies in other jurisdictions moving quickly to protect consumers and their personal information in the gaming industry. The NGC adopted the October 17, 2022 version of the regulations, which become effective January…
ECB Fines Spain’s Abanca for Delay in Reporting Cyber Hack
Reuters reports: The European Central Bank said on Friday it had fined Spanish bank Abanca for its delay in reporting a cyber attack that forced it to suspend its main means of payment in 2019. “The bank’s omission hindered the ECB’s ability to properly assess Abanca’s prudential situation and to react in a timely manner…
Important Notice about FIPPA – Mandatory Breach Notification and Privacy Management Program Requirements Coming into Effect on February 1, 2023
Jeff Holowaychuk and Abigail Choi of Clark Wilson write: Starting from February 1, 2023, public bodies in BC will be required to comply with the mandatory privacy breach notification and privacy management program provisions of the Freedom of Information and Protection of Privacy Act. These new provisions were part of a package of FIPPA amendments introduced…