Sergiu Gatlan reports: US federal bank regulatory agencies have approved a new rule ordering banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. Banks are only required to report major cyberattacks if they have or will likely impact their operations, the ability to deliver banking products and services, or the…
Category: Legislation
Data Breach Rule for Health Apps Leaves Developers in the Dark
Christopher Brown reports: Makers of health apps are scrambling to understand the extent of their legal liability after a divided Federal Trade Commission announced they’re now required to inform users about data and privacy breaches—and if they have used their customers’ health data without authorization. The commission approved 3-2 a policy statement that the makers of health…
China May Seek Cyber Check for HK Listings of Firms Holding Data
Bloomberg News reports: China may require a cybersecurity review for companies holding data that plan to go public in Hong Kong, if it’s decided that the listing will potentially have an impact on its national security. The draft rule, published by China’s cyberspace regulator on Sunday, didn’t specify how the regulators will define if a…
Congress Mulls Ban on Big Ransom Payouts Unless Victims Get Official Say-So
Lisa Vaas reports: A U.S. lawmaker has introduced a bill – the Ransomware and Financial Stability Act (H.R.5936) (PDF) – that would make it illegal for financial firms to pay ransoms over $100,000 without first getting the government’s permission. The legislation was introduced on Wednesday by the top Republican on the House Financial Services Committee, North Carolina…
European Parliament Adopts Draft Cybersecurity Directive
Hunton Andrews Kurth blog reports: On October 28, 2021, the European Parliament’s Committee on Industry, Research and Energy adopted a draft directive on cybersecurity (“NIS2 Directive”). The NIS2 Directive will broaden the scope of the existing NIS Directive to apply to “important sectors,” such as waste management, postal services, chemicals, food, medical device manufacturers, digital providers and…
Attorney General James Directs Unregistered Crypto Lending Platforms to Cease Operations In New York, Announces Additional Investigations
NEW YORK – New York Attorney General Letitia James today announced new efforts she is taking to protect New York investors, and the trading markets more generally, from exploitation by high-risk virtual currency schemes. Virtual or “crypto” currency lending platforms are essentially interest-bearing accounts that offer investors a rate of return on virtual currencies that…