(14 July 2017) The Privacy Commissioner for Personal Data, Hong Kong (“Privacy Commissioner”) Mr Stephen Kai-yi WONG welcomed the passing of the Apology Bill by the Legislative Council yesterday (13 July). Mr Wong said, “The enactment of the Apology Ordinance will generally help to protect persons who wish to make an apology without fear of…
Category: Legislation
Judges Question FTC Data Security Standard at LabMD Argument
Jimmy Koo reports: The Federal Trade Commission’s data security enforcement standard came under fire June 22 from a panel of federal appeals court judges ( LabMD, Inc. v. FTC , 11th Cir., No. 16-16270, oral argument 6/21/17 ). As predicted, the level of harm required for the FTC to act was “front and center” during…
Update: Case Involving Sharing of Passwords May Be Headed to the Supreme Court
Jeffrey M. Schlossberg of Jackson Lewis writes: Last August, we reported on a Ninth Circuit case in which a former employee was convicted of a crime under the Computer Fraud and Abuse Act (“CFAA”) for accessing and downloading information from his former company’s database “without authorization.” The former employee has now asked that the U.S. Supreme review the Ninth…
IL: New Rules to Require Tighter Data Security
Dror Halavy reports: The Knesset Law and Constitutional Committee has approved measures that will require companies and groups that collect data on Israelis to protect the information from hackers. The new rules, which supply specific criteria to organizations on the types of security needed, will apply equally to government and private sector organizations. The measures…
New Mexico passes data breach notification and protection bill
Erich Falke writes: Then there were two. On March 16, 2017, the New Mexico state legislature passed a bill requiring that New Mexico residents be notified if their “personal identifying information” was affected by a breach of electronic data. Upon signature of the bill, New Mexico will join 47 other states requiring such notification, and the only…
Will a Pending OCR Rule Impact Breach Class-Action Suits?
Marianne Kolbasuk McGee A pending federal regulation – called for under the HITECH Act – that would allow regulators to share with breach victims money collected in HIPAA violation cases eventually could have implications in class-action breach lawsuits, says privacy attorney Adam Greene. The Department of Health and Human Services’ Office for Civil Rights “is working on a new…