Eric Carlson, Yan Luo, Min He and Zhijing Yu of Covington & Burling write: On December 2, 2020, China’s Ministry of Commerce (“MOFCOM”), State Cryptography Agency (“SCA”), and the General Administration of Customs (“Customs”) jointly issued three documents (here) related to import and export of commercial encryption items: List of Commercial Encryption Subject to Import…
Category: Legislation
U.S. Supreme Court to Weigh Anti-Hacking Law’s Limits on Access
Andrea Vittorio reports: The U.S. Supreme Court is set to hear oral argument Nov. 30 over the scope of an anti-hacking law in a case that has implications for cybersecurity research, and other situations where computer access is in question. The case, Van Buren v. United States, involves whether people who misuse their authorized access can be…
Bipartisan Internet of Things Security Bill Passes Congress
From EPIC.org: Both branches of Congress have now passed a bill governing the security of the Internet of Things. The “Internet of Things Cybersecurity Improvement Act of 2019” sets baseline cybersecurity standards for IoT devices purchased by the federal government. The bipartisan measure is sponsored by Rep. Will Hurd (R-Texas) and Rep. Robin Kelly (D-Ill.) in the House and…
Trudeau Privacy Law to Level Stiff Fines for Digital Breaches
Kait Bolongaro reports: Prime Minister Justin Trudeau’s government unveiled a remake of Canadian privacy laws to strengthen user rights in the digital world. Under legislation introduced Tuesday in Ottawa, companies that commit the most serious offenses would be hit with fines worth as much as 5% of revenue or C$25 million ($19 million), whichever is…
PH: NPC to allow data breach victims to apply for cease-and-desist orders
Jenina P. Ibañez reports: Victims of personal data breaches may request cease-and-desist orders from the National Privacy Commission (NPC) if the breach violates their privacy rights and causes “irreparable injury.” The NPC, in circular no. 20-02 signed on Oct. 6, said that it may issue such orders in the event of violations or threats to…
Pennsylvania bill requiring state agencies to notify individuals of breaches within seven day approved
Times Observer reports: The Senate Communications & Technology Committee approved a bill requiring timely public notification when a security breach compromises personal information, according to Senator Dan Laughlin, prime sponsor of the bill. Senate Bill 487 updates the Breach of Personal Information Notification Act to require state agencies victimized by a breach involving personally identifiable…