Telecommunications

In a cautionary decision for companies handling personal data, the Spanish Data Protection Authority (AEPD) issued a substantial fine to a telecommunications distributor following a significant data breach. In April 2021, the company at the center of the case had been targeted by a ransomware attack using Babuk malware, which encrypted files and interrupted operations. When the company refused to pay the ransom, cybercriminals published the personal data of around 13 million individuals on the dark web, exposing affected users to serious risks of fraud and identity theft.Continue Reading When Data Breaches Cost Twice – AEPD’s Landmark Fine Shows That Being the Victim of a Cyberattack Doesn’t Excuse GDPR Failures

In this blog post, we breakdown the new Vietnamese cybersecurity regulations which apply to both Vietnamese and foreign organisations. Alongside the ongoing consultation for the Ministry of Public Security’s proposed data law, Vietnam is taking steps to move towards a data protection compliance regime in line with other countries and regions, such as the EU – something of particular relevance in a country with one of highest internet user growth rate (nearly 80 million internet users).

What Is the CAS Decree?

The Cybersecurity Administrative Sanctions Decree (CAS Decree) is a decree unveiled by the Vietnamese Ministry of Security to the Ministry of Justice in mid-May 2024.

The first draft was published for consultation in September 2021 and has undergone multiple revisions following public consultations.Continue Reading Summarising the New Vietnamese Cybersecurity Regulations

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

The FCC’s Net Neutrality Order: Going Beyond Blocking, Throttling, and Fast Lanes | Privacy World

What Happened to the UK’s

After months of debate and speculation, the Federal Communications Commission (FCC) issued its order last month reclassifying broadband internet access service (BIAS) as a telecommunications service subject to common carriage regulations under Title II of the Communications Act.1 In so doing the FCC reversed its order of 2017 classifying BIAS as an information service under the Act (and thus not subject to common carriage regulation). It also reinstated rules that prohibit BIAS providers from blocking or throttling access to content, sites, or applications (or categories of content, sites, or applications), prioritizing third-party traffic in exchange for consideration, prioritizing traffic from affiliates, and engaging in broadly defined unreasonable discrimination in the offering of BIAS.Continue Reading The FCC’s Net Neutrality Order: Going Beyond Blocking, Throttling, and Fast Lanes

The Federal Communications Commission (FCC) recently issued four orders imposing $196 million in fines against the three largest national mobile services providers in the United States (i.e., AT&T, T-Mobile, and Verizon) and Sprint, who merged with T-Mobile in 2020 (the “Mobile Providers”).[1] The FCC fined them for sharing customer location information with third parties without prior customer consent and then failing to take reasonable measures to protect that information against unauthorized disclosure. Although AT&T, T-Mobile, and Verizon suspended in 2019 the specific programs that gave rise to the fines, the Forfeiture Orders stand as the definitive guidance from the FCC on the treatment of customer location information under Section 222 of the Communications Act and the FCC’s rules regulating access to “customer proprietary network information” or “CPNI.” They also provide a window into upcoming debates and possible additional FCC actions.Continue Reading FCC Fines National Mobile Providers for Sharing Customer Location Information: What Are the Lessons and What to Expect in this New Era of FCC Mobile Data Privacy Oversight

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Deep Fake of CFO on Videocall Used to Defraud Company of US$25M | Privacy World

Address Cyber-risks From Quantum Computing

A growing area of privacy litigation concerns claims brought under federal and state wiretapping laws against website operators.  In many of those cases, plaintiffs allege that their personal information was improperly intercepted and disclosed to third parties, including in relation to information purportedly provided through a website’s chat feature.  Last month, a federal court in

Following up on its initial notice from last September, the Federal Communications Commission (the Commission) has released a draft Report and Order and Further Notice of Proposed Rulemaking to address unwanted text messages that “invade consumer privacy and are vehicles for consumer fraud and identity theft.” The Commission will consider adopting the proposed rules at

Congratulations to Privacy World’s Kristin Bryan and Stephanie Faber, recognized as Legal Influencers (Q3 and Q4, respectively) by Lexology. Both lawyers were recognized regionally in the Technology, Media and Telecommunications category (TMT), with Kristin being acknowledged for the US and Stephanie for Europe. Lexology Legal Influencers recognizes industry thought leaders each quarter who

The Federal Communications Commission (FCC) has unanimously adopted a Notice of Proposed Rulemaking (NPRM) to revise its requirements related to data breach reporting requirements applicable to telecommunications carriers and interconnected Voice over Internet Protocol providers. The proposal seeks to “strengthen the Commission’s rules for notifying customers and federal law enforcement of breaches of customer proprietary network information (CPNI).” CPNI is data on the subscribers’ telephone usage as originally defined in Section 222 of the Communications Act. The Commission’s aim is “to better align its rules with recent developments in federal and state data breach laws covering other sectors.”
Continue Reading Federal Communications Commission Proposes Revisions to Data Breach Rules