Category

Policy

21 July 2017

The Belgian Data Protection Authority Publishes Guidance on Records of Processing Activities Under the GDPR

The Belgian Commission for the Protection of Privacy (“Privacy Commission”) has recently published guidance on Article 30 of the GDPR which contains the obligation for data controllers and processors to record their processing activities.

This record will have to be up-to-date by 25 May 2018 and readily made available to the regulator should it ask to view it. (more…)

SHARE
EmailPrintShare
14 July 2017

Federal Agencies Focus on Risks, Guidance for Internet of Things

Businesses and consumers are increasingly using Internet of Things (“IoT”) devices to communicate and process quantities and types of information that have never before been captured.  In response, more federal agencies are turning their attention to the potential risks, and developing guidance for the deployment of IoT technologies.  The latest to weigh in on risks include the Governmental Accountability Office and the Department of Commerce. (more…)

SHARE
EmailPrintShare
26 June 2017

NYDFS Issues FAQs for Recently Issued Cybersecurity Regulations

On June 20, 2017, the New York State Department of Financial Services (“NYDFS”) expanded its set of frequently asked questions (“FAQs”) and answers concerning its recently finalized Cybersecurity Regulations (23 NYCRR 500.01), which set forth minimum requirements for NYDFS-regulated entities to address cybersecurity risk.  The now 17 questions included in the release address the types of entities that fall within the scope of the Regulations, the notice requirements attending a Cybersecurity Event (as defined in the Regulations), the annual certification requirement, and additional specific elements of the rules. (more…)

SHARE
EmailPrintShare
15 May 2017

President Trump Signs Executive Order on Cybersecurity at Federal Agencies

On Thursday, May 11, President Trump signed an executive order aimed at strengthening the cybersecurity of federal networks and critical infrastructure.  The order is expected to prompt a broad examination of cybersecurity vulnerabilities at federal agencies and re-orient federal cybersecurity efforts toward modernization and shared services.  The order also reaffirms the previous administration’s approach to cybersecurity protections for critical infrastructure – with increased emphasis on the power grid – and seeks to promote the growth and sustainment of the nation’s cybersecurity workforce in the public and private sectors.  (more…)

SHARE
EmailPrintShare
09 May 2017

Sidley’s Third Annual Privacy and Cybersecurity Roundtable

On April 18 in the DC office, Sidley hosted the firm’s third annual Privacy and Cybersecurity Roundtable for over 70 clients. Speakers included a senior representative of the European Data Protection Supervisor, senior officials from the Office of the New York State Attorney General and the Federal Trade Commission, legal, policy and compliance leaders from Facebook and Gannett, along with several members of the firm’s privacy, securities law and governance groups. (more…)

SHARE
EmailPrintShare
27 April 2017

Singapore’s Personal Data Protection Commission Publishes Advisory Guidelines on the Use of Anonymized Data

The Personal Data Protection Act, 2012 (PDPA), Singapore’s general data protection law, governs the collection, use and disclosure of personal data. The Singapore Personal Data Protection Commission (PDPC), which enforces the PDPA, recently updated the chapter on data anonymization found in its Advisory Guidelines (Guidelines). The Guidelines are not legally binding but provide guidance on how the PDPC will interpret the PDPA. The revisions encourage organizations to incorporate into the process of anonymizing data an inquiry into the risks that the data may be re-identified and any potential negative effect on the individuals involved rather than focusing purely on the various techniques to anonymize the data.

(more…)

SHARE
EmailPrintShare
17 April 2017

EU Lawmakers Say That Privacy Shield Deficiencies Must Be Fixed Urgently

On 6th April, 2017, the European Parliament adopted a resolution stating that there are deficiencies in the EU-US data transfer accord Privacy Shield which must be “urgently resolved” in order to give citizens and companies legal certainty. MEPs called on the EU Commission to conduct an assessment and to ensure that the Privacy Shield complies sufficiently with the EU Charter of Fundamental Rights and new EU data protection rules. (more…)

SHARE
EmailPrintShare
04 April 2017

A Farewell to the FCC Broadband Privacy Rules

On April 3, 2017, President Trump signed the bill repealing the Federal Communications Commission’s much-debated broadband privacy rules. The House of Representatives voted 215–205 to disapprove the rules, after a party-line Senate vote of 50–48. The result is that the FCC’s key rules governing internet service providers’ collection and use of consumer data, as well as data security, will not go into effect as scheduled. Moreover, the FCC will be precluded from promulgating any regulation in “substantially the same” form until a future Congress allows such action.

(more…)

SHARE
EmailPrintShare
17 March 2017

NAIC creates new Innovation and Technology (EX) Task Force

The National Association of Insurance Commissioners (NAIC) has created a new task force to monitor technology, data collection and Cybersecurity developments in the insurance industry.  The Innovation and Technology (EX) Task Force (IT Task Force) was formed on March 9, 2017 and reports directly to the NAIC’s Executive Committee.  The  IT Task Force will appoint and oversee the work of the following NAIC groups:  the Big Data Working Group, the Cybersecurity Working Group and the Speed-to-Market Working Group.  According to the NAIC’s March 9, 2017 press release, the IT Task Force’s purpose is to help insurance regulators stay informed about technology-related developments, products and services in the insurance industry, including start-up companies, and to ensure they meet consumer expectations and ensure consumer protections.  The press release notes that annual investment in insurance technology (InsurTech) has increased to more than $2.5 Billion and continues to grow.

(more…)

SHARE
EmailPrintShare
XSLT Plugin by BMI Calculator