Jeffrey P. Taft and Matthew Bisanz of Mayer Brown write: On January 7, 2019, the National Futures Association (“NFA”) announced that it had adopted amendments to its information security requirements that include a cybersecurity incident notification obligation.1 As discussed below, the NFA’s amendments represent the continued maturation of information security in the US financial services…
Category: Legislation
North Carolina AG re-introduces legislation to protect against identity theft
Back in January, 2018, North Carolina Attorney General Josh Stein and state Rep. Jason Saine (R) introduced legislation called “Act to Strengthen Identity Theft Protections.” In January, 2019, they’ve reintroduced it. A press release from the Attorney General explains: Attorney General Josh Stein and Rep. Jason Saine today unveiled legislation to strengthen North Carolina’s laws to prevent…
UN adopts India-backed data security resolutions
Dipanjan Roy Chaudhury reports: The United Nations has adopted two resolutions, proposed by Russia and backed by India, on International Information Security (IIS) system, marking progress towards creating the world’s first code of conduct in the digital sphere. This month the UN General Assembly adopted the two resolutions – ‘Developments in the field of information and telecommunications in the context…
Federal data privacy bill introduced by 15 US senators
Laura Hautala reports: The US doesn’t have a single data privacy law that applies to all fifty states. On Wednesday, a group of 15 US senators indicated it wanted to change the status quo, introducing the Data Care Act. The bill (PDF) would require companies that collect personal data from users to take reasonable steps to safeguard the information….
Standing Issues in Data Breach Litigation: An Overview
Priscilla Fasoro and Lauren Wiseman of Covington & Burling write: As many data breach litigation cases have demonstrated over recent years, the question of a plaintiff’s standing can be quite important to the outcome of each case. While the Supreme Court has addressed standing issues in several cases with potential applicability in the data breach litigation context,…
New China Guideline for Internet Personal Information Security Protection
Barbara Li and Bohua Yao report: On November 30, 2018 the Cyber Security Protection Bureau, under the auspices of the PRC Ministry of Public Security (the “MPS”), issued a draft Guideline for Internet Personal Information Security Protection (the “Guideline”) along with a request for public comments. Even though, upon reaching final form and taking effect, the…