Cybersecurity

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Deep Fake of CFO on Videocall Used to Defraud Company of US$25M | Privacy World

Address Cyber-risks From Quantum Computing

The Monetary Authority of Singapore (MAS) has issued an advisory[1] to financial institutions on quantum computing and the cybersecurity risks that it could pose, including potentially breaking commonly used encryption and digital signature algorithms.

Similar concerns have been raised elsewhere. Some related and ongoing developments include:

  • National Institute of Standards and Technology’s (NIST) initiation

What is the PSTI?

It is a new UK legislation which aims to regulate cyber security for home networks and IoT devices. It applies together with The Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023 (“The Regulations”).

When does the PSTI enter into force?

29 April 2024.

What products does

The first month of 2024 brought two new state privacy laws. On January 18, the New Hampshire legislature passed the 15th US state consumer privacy law (notably, still subject to some procedural requirements and signature by Governor Chris Sununu before it is officially law). The New Hampshire law was passed a few days after New Jersey’s new consumer privacy law (Approved P.L.2023, c.266) was signed into law on January 16. 

Both new state consumer privacy laws follow the now-familiar format, offering consumer privacy rights and requiring role-based data processing agreements, but with a few notable differences. A more detailed comparison follows.Continue Reading New Jersey and New Hampshire Pass Consumer Privacy Laws – and 11 Other States Are Considering Similar Laws

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

2023 Cybersecurity Year In Review | Privacy World

FTC Consumer Protection and Data Protection Insights for 2024 | Privacy World

2023 was another busy year in the realm of data event and cybersecurity litigations, with several noteworthy developments in the realm of disputes and regulator activity.  Privacy World has been tracking these developments throughout the year.  Read on for key trends and what to expect going into the 2024.

Growth in Data Events Leads to Accompanying Increase in Claims

The number of reportable data events in the U.S. in 2023 reached an all-time high, surpassing the prior record set in 2021.  At bottom, threat actors continued to target entities across industries, with litigation frequently following disclosure of data events.  On the dispute front, 2023 saw several notable cybersecurity consumer class actions concerning the alleged unauthorized disclosure of sensitive personal information, including healthcare, genetic, and banking information.  Large putative class actions in these areas included, among others, lawsuits against the hospital system HCA Healthcare (estimated 11 million individuals involved in the underlying data event), DNA testing provider 23andMe (estimated 6.9 million individuals involved in the underlying data event), and mortgage business Mr. Cooper (estimated 14.6 million individuals involved in the underlying data event). Continue Reading 2023 Cybersecurity Year In Review

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Newly Issued Guidelines on Standard Contracts for Cross-boundary Data Flow Within the Greater Bay Area (i.e., Hong Kong, Macau and

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Notes from the Asia Pacific Region, December 2023 | Privacy World

Singapore to Amend Cybersecurity Law | Privacy World

The

In a decision last week, the Ninth Circuit Court of Appeals affirmed dismissal of a putative class action concerning allegations that Shopify violated various California privacy and unfair competition laws by purportedly concealing its involvement in online consumer transactions.  Briskin v. Shopify, Inc., No. 22-15815, 2023 WL 8225346 (9th Cir. Nov. 28, 2023).  In