Kristin L. Bryan and Jeffrey L. Turner of Squire Patton Boggs write: Last week, the House Energy and Commerce Committee advanced H.R. 4551, the “Reporting Attacks from Nations Selected for Oversight and Monitoring Web Attacks and Ransomware from Enemies Act” (“RANSOMWARE Act”). H.R. 4551 was introduced by Consumer Protection and Commerce Ranking Member Gus Bilirakis…
Category: Legislation
Florida Follows North Carolina in Prohibiting State Agencies from Paying Ransoms
Elise Elam and Benjamin Wanger of BakerHostetler write: We recently wrote about North Carolina’s new law prohibiting state agencies – including public schools and universities – from paying a ransom or even communicating with a threat actor following a ransomware incident. On June 24, Florida followed suit when its governor signed HB 7055 into law, amending portions…
Joint Statement by the United States and the United Kingdom on Data Access Agreement
The United States and United Kingdom intend to bring into force the Agreement between the Government of the United States of America and the Government of the United Kingdom of Great Britain and Northern Ireland on Access to Electronic Data for the Purpose of Countering Serious Crime (“Data Access Agreement”), which was signed in 2019,…
Russian Ministry for Digital Development proposes turnover fines for data breaches
RAPSI News reports: The Ministry for Digital Development, Communications and Mass Media of the Russian Federation is preparing a bill on turnover-based fines for the personal data breach. This additional responsibility is to put business up to invest in the development of the information safety infrastructure and the personal data protection, a statement released on…
Au: Infrastructure companies must report cyberattacks within 12 hours
Tom Burton reports: Critical infrastructure operators must now report significant cyber breaches to the federal government within 12 hours of an attack, following the expiry of a three-month grace period that enabled nearly 2500 of them to prepare for the new rules. Owners of electricity, gas, ports and water, and sewerage assets are also required…
Dangerous Ruling Says If Someone Goes Onto Your Openly Shared Google Drive, You Can Sue Them For Unauthorized Access
Mike Masnick writes: If you accidentally leave your Google Drive accessible to anyone with the URL, and someone goes there and deletes stuff, is that “unauthorized access” and a violation of the CFAA? To me, the answer should be absolutely not. But in this recent ruling the judge went the other direction (first noted by Evan Brown). So,…