Andreas Kaltsounis and Shea M. Leitch of BakerHostetler write: Three states recently enacted variations of the National Association of Insurance Commissioner’s (NAIC) Insurance Data Security Model Law (MDL-668), based on the landmark cybersecurity requirements issued by the New York Department of Financial Services (NYDFS) in March 2017. The NYDFS requirements apply to certain banking, insurance…
Category: Legislation
United States: National Futures Association Adopts Notification Requirement For Certain Cybersecurity Incidents
Jeffrey P. Taft and Matthew Bisanz of Mayer Brown write: On January 7, 2019, the National Futures Association (“NFA”) announced that it had adopted amendments to its information security requirements that include a cybersecurity incident notification obligation.1 As discussed below, the NFA’s amendments represent the continued maturation of information security in the US financial services…
North Carolina AG re-introduces legislation to protect against identity theft
Back in January, 2018, North Carolina Attorney General Josh Stein and state Rep. Jason Saine (R) introduced legislation called “Act to Strengthen Identity Theft Protections.” In January, 2019, they’ve reintroduced it. A press release from the Attorney General explains: Attorney General Josh Stein and Rep. Jason Saine today unveiled legislation to strengthen North Carolina’s laws to prevent…
UN adopts India-backed data security resolutions
Dipanjan Roy Chaudhury reports: The United Nations has adopted two resolutions, proposed by Russia and backed by India, on International Information Security (IIS) system, marking progress towards creating the world’s first code of conduct in the digital sphere. This month the UN General Assembly adopted the two resolutions – ‘Developments in the field of information and telecommunications in the context…
Federal data privacy bill introduced by 15 US senators
Laura Hautala reports: The US doesn’t have a single data privacy law that applies to all fifty states. On Wednesday, a group of 15 US senators indicated it wanted to change the status quo, introducing the Data Care Act. The bill (PDF) would require companies that collect personal data from users to take reasonable steps to safeguard the information….
Standing Issues in Data Breach Litigation: An Overview
Priscilla Fasoro and Lauren Wiseman of Covington & Burling write: As many data breach litigation cases have demonstrated over recent years, the question of a plaintiff’s standing can be quite important to the outcome of each case. While the Supreme Court has addressed standing issues in several cases with potential applicability in the data breach litigation context,…