Earlier this year, German data protection authorities issued guidance (in German) for companies regarding monitoring employees’ work email account and Internet usage. The guidance establishes a framework based on the German Federal Data Protection Act (“FDPA”) and whether the employer allows employees to use their work email and Internet services for personal use. Where personal use is prohibited, the data protection recognize a greater scope for monitoring. The guidance also recognizes that employers may randomly check employees’ Internet use to ensure it is being used only for business purposes. Further, employers may access an employees’ sent and received emails during a long absence if required for business purposes.
On July 7, Russian President Vladimir Putin signed a law amending existing anti-terrorism legislation that could affect U.S. telecom and internet service companies operating in Russia. It will require that telecommunications operators and internet service providers (“ISPs”) retain up to 6 months of data, including personal data and communications content, as well as metadata, for periods up to 3 years. Further, if any encryption is used to protect the data, the telecommunication or internet service provider must provide the Russian authorities the decryption technology.
In this two-part article, the authors provide an overview of government cybersecurity resources, and encourage companies to consider whether and when it makes sense to take advantage of this assistance. The first part, which appeared in the October 2015 issue of Pratt’s Privacy & Cybersecurity Law Report, introduces the jurisdictional landscape and cybersecurity resources available from the Department of Justice and the Department of Homeland Security. This second part of the article discusses the cybersecurity resources available from the Federal Bureau of Investigation, the United States Secret Service, and regulators.
The first edition of The Privacy, Data Protection and Cybersecurity Law Review appears at a time of extraordinary policy change and practical challenge for this field of law and regulation. Several Sidley lawyers in the Privacy, Data Security and Information Law practice have contributed to this publication.
Editor’s Preface, Alan Charles Raul
- Chapter 1, “European Union Overview,” William Long, Geraldine Scali and Alan Charles Raul
- Chapter 2, “APEC Overview,” Catherine Valerio Barrad and Alan Charles Raul
- Chapter 9, “Hong Kong,” Yuet Ming Tham and Joanne Mok
- Chapter 12, “Japan,” Takahiro Nonaka
- Chapter 16, “Singapore,” Yuet Ming Tham, Ijin Tan and Teena Zhang
- Chapter 20, “United Kingdom,” William Long and Geraldine Scali
- Chapter 21, “United States,” Alan Charles Raul, Tasha D Manoranjan and Vivek Mohan