Catalin Cimpanu reports: Australian lawmakers have filed on Monday a new bill that would mandate that local companies inform the Australian Cyber Security Centre (ACSC) of their intention to pay a ransomware gang. The Ransomware Payments Bill 2021 was put forward today by Tim Watts, Australia’s Shadow Assistant Minister for Cyber Security, and comes after Australian companies…
Category: Legislation
State Legislatures Consider Bans on Ransomware Payments
Emily Poole of Alston & Bird writes: As ransomware attacks continue to dominate the news cycle, legislation has recently been introduced in several states that would place limits on certain entities’ ability to pay a ransom payment in the event of a ransomware attack. Although the proposed limits would generally apply to state agencies and…
Do We Even Need the Computer Fraud & Abuse Act (CFAA)?–Van Buren v. US
Eric Goldman writes: Last week, the Supreme Court decided Van Buren v. US. Many hoped the decision would clarify how owners can delimit third-party usage of their computer resources for purposes of the Computer Fraud & Abuse Act (CFAA). Disappointingly, the court explicitly punted on that key question, though the decision probably will prompt lower…
China Passes Law to Strengthen Control Over Tech Firms’ Data
Bloomberg reports: China’s top legislative body has passed a data security law, strengthening Beijing’s control over digital information amid a crackdown on local technology giants and market access disputes with the U.S. The legislation was approved Thursday by the National People’s Congress Standing Committee, state broadcaster China Central Television said. The full text of the…
Connecticut on its Way to an Enhanced Data Breach Notification Law
Joseph J. Lazzarotti, Jason C. Gavejian, and Maya Atrakchi of Jackson Lewis write: State legislatures across the nation are prioritizing privacy and security matters, and Connecticut is no exception. This week, Connecticut Attorney General William Tong announced the passage of An Act Concerning Data Privacy Breaches, a measure that will enhance and strengthen Connecticut’s data breach notification…
South Africa lays down the law on cybercrime
Karen Allen writes: A new law brings South Africa up to international standards for fighting cybercrime. […] Together with the Protection of Personal Information (POPI) Act 2020, which will be in full effect after 30 June 2021, the new cyber law is a key part of South Africa’s armoury in the fight against cybercrime. […] In summary, cybercrime…