Kim Peretti, Lance Taubin, and Emily Poole of Alston & Bird write: On June 10, 2021, almost exactly three years after the passing of its Cybersecurity Law (CSL), the National People’s Congress of China passed a new Data Security Law (DSL) (click here for an unofficial English translation of the DSL), which goes into effect September 1, 2021. Where…
Category: Legislation
New Australian bill would force companies to disclose ransomware payments
Catalin Cimpanu reports: Australian lawmakers have filed on Monday a new bill that would mandate that local companies inform the Australian Cyber Security Centre (ACSC) of their intention to pay a ransomware gang. The Ransomware Payments Bill 2021 was put forward today by Tim Watts, Australia’s Shadow Assistant Minister for Cyber Security, and comes after Australian companies…
State Legislatures Consider Bans on Ransomware Payments
Emily Poole of Alston & Bird writes: As ransomware attacks continue to dominate the news cycle, legislation has recently been introduced in several states that would place limits on certain entities’ ability to pay a ransom payment in the event of a ransomware attack. Although the proposed limits would generally apply to state agencies and…
Do We Even Need the Computer Fraud & Abuse Act (CFAA)?–Van Buren v. US
Eric Goldman writes: Last week, the Supreme Court decided Van Buren v. US. Many hoped the decision would clarify how owners can delimit third-party usage of their computer resources for purposes of the Computer Fraud & Abuse Act (CFAA). Disappointingly, the court explicitly punted on that key question, though the decision probably will prompt lower…
China Passes Law to Strengthen Control Over Tech Firms’ Data
Bloomberg reports: China’s top legislative body has passed a data security law, strengthening Beijing’s control over digital information amid a crackdown on local technology giants and market access disputes with the U.S. The legislation was approved Thursday by the National People’s Congress Standing Committee, state broadcaster China Central Television said. The full text of the…
Connecticut on its Way to an Enhanced Data Breach Notification Law
Joseph J. Lazzarotti, Jason C. Gavejian, and Maya Atrakchi of Jackson Lewis write: State legislatures across the nation are prioritizing privacy and security matters, and Connecticut is no exception. This week, Connecticut Attorney General William Tong announced the passage of An Act Concerning Data Privacy Breaches, a measure that will enhance and strengthen Connecticut’s data breach notification…