Category: International

EU, Japan, China

UK’s Data Protection Reform Proposals Show Distinct Divergence from EU Rules

Share

The UK government has recently published proposals to amend UK data protection legislation with moves towards divergence from EU rules and regulation following the UK’s decision to leave the EU (“Brexit”). The Data Protection and Digital Information Bill (“DPDI Bill”) proposes to make significant changes to existing UK data protection legislation, including the UK General Data protection Regulation (“UK GDPR”) and the Data Protection Act 2018 (“DPA”). The proposals include some measures that will result in a significant divergence, particularly for companies operating on a pan-European basis. While some compliance obligations will be relaxed, most of the changes can best be described as “similar but different” in approach. It remains to be seen what the final text will look like when the bill is passed into law, with some of the more radical proposals already having been dropped from consideration. A crucial point of consideration for UK legislators when the DPDI Bill is making its way through the various stages of the legislative process in the Houses of Parliament will be whether this legislation remains sufficiently similar to the EU’s General Data Protection Regulation (“EU GDPR”) that the UK is able to retain its adequacy status for the purposes of exports of personal data from the EU to the UK by companies operating internationally.

Continue reading “UK’s Data Protection Reform Proposals Show Distinct Divergence from EU Rules”

Ransomware Payments Become an Even Riskier Choice Amidst the Ever-Growing Sanctions List

Share

In February 2022, Executive Order 14024 highlighted that Russia’s invasion of Ukraine threatened not only Ukraine but also the national security and foreign policy of the United States. Pursuant to this executive order, and in the face of national security concerns, the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) has instituted extensive sanctions, including both economic and trade sanctions. Also, in response to the national security concerns, the Cybersecurity and Infrastructure Security Agency (CISA) issued a Shields Up notice, urging companies to bolster their cybersecurity to protect themselves against the threat of a cyberattack.

As the conflict between Russia and Ukraine continues, the threat of a cyberattack, specifically ransomware and NotPetya-style attacks, remains top of mind. However, as entities continue to bolster their cybersecurity and protect themselves against these attacks, they should be cognizant of the implications that OFAC sanctions may have in connection with such an attack.

Continue reading “Ransomware Payments Become an Even Riskier Choice Amidst the Ever-Growing Sanctions List”

Russia, Cybersecurity & Government Contracting – Faegre Drinker on Law and Technology Podcast

Share

Russia’s invasion of Ukraine has created a host of challenges for the U.S. government to address, including the need to prepare for potential Russian cyberattacks and questions about how to handle Russian connections to supply chains and government contracts. In this episode of the Faegre Drinker on Law and Technology Podcast, host Jason G. Weiss sits down with Faegre Drinker partners Dana Pashkoff and Jessica Abrahams to unpack the thorny issues at the nexus of Russia, cybersecurity and U.S. government activity.

Continue reading “Russia, Cybersecurity & Government Contracting – Faegre Drinker on Law and Technology Podcast”

U.S. Government Details Prolonged Cyber Scheme by Russian State Actors Targeting the Energy Sector

Share

Last month, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Energy (DOE) issued a joint advisory providing “information on multiple intrusion campaigns conducted by state-sponsored Russian cyber actors” that targeted “U.S. and international Energy Sector organizations.” While CISA, the FBI, and DOE all responded to these campaigns “with appropriate action in and around the time they occurred,” the U.S. government determined that it was important to share information about the attacks “in order to highlight historical tactics, techniques, and procedures (TTPs) used by adversaries to target U.S. and international Energy Sector organizations.”

Continue reading “U.S. Government Details Prolonged Cyber Scheme by Russian State Actors Targeting the Energy Sector”

Coming Soon to Singapore: Mandatory Data Breach Notifications

Share

Singapore’s Personal Data Protection Commission (PDPC) issued a statement on March 1 announcing its plan to introduce mandatory breach notifications as part of a set of proposed amendments to the country’s Personal Data Protection Act (PDPA). The proposed amendments come in response to the PDPC’s recent review of the PDPA in order “to ensure that it keeps pace with the evolving needs of businesses and individuals, and balances safeguarding individuals’ interests and enables the legitimate use of personal data by organisations.” The details of the mandatory breach notification have not yet been made public, but the amendment will likely require organizations to notify the PDPC and affected data subjects when a certain level of breach has occurred.

Continue reading “Coming Soon to Singapore: Mandatory Data Breach Notifications”

European Union Adopts Adequacy Decision For Safe Data Flows With Japan

Share

On January 23, 2019, the European Commission announced its decision to adopt adequacy status with Japan for transfers of personal data.  Pursuant to the European Union’s (EU) General Data Protection Regulation (GDPR), this decision will allow personal data to flow freely between the 28 EU countries, three additional European Economic Area member countries (Norway, Liechtenstein, and Iceland), and Japan, without the need for additional data protection safeguards or derogations.  Japan adopted an equivalent decision with the EU on January 22, 2019.  These reciprocal findings of adequacy will create the largest area of safe data flows in the world.

Continue reading “European Union Adopts Adequacy Decision For Safe Data Flows With Japan”

©2024 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy