President Biden and EU leaders announced on March 25, 2022 an agreement in principle to craft a replacement for the Privacy Shield and expand options for trans-Atlantic data transfers in accordance with the General Data Protection Regulation (“GDPR”).
Background
The
Latest from Security, Privacy and the Law
How to Prevent and Respond to Business Email Compromises
Foley Hoag presented a discussion and Q&A regarding the growing threat of business email compromises (a.k.a. man-in-the-middle attacks). Attorneys Chris Hart and Yoni Bard, litigators with experience in privacy matters and business disputes, shared what they have learned through successfully representing
Key Considerations for Health App Developers from the FTC
If your company creates health-related apps, the Federal Trade Commission (FTC) has set out some key considerations:
- Make accurate representations. Clearly explain how people’s information will be used and shared and then live up to those promises. If your
US, UK, Australia, Canada and New Zealand Issue Advisory on Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom have released a joint Cybersecurity Advisory (CSA) to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region
A Comprehensive Privacy Law May Be Heading for Massachusetts, And Businesses Should Prepare (originally on the MassTLC Blog)
Eds. Note: This post was originally published on the MassTLC Blog.
Get ready: there’s a good chance that comprehensive data privacy legislation is coming to the Commonwealth. If your business is not already compliant with the European Union’s or
Potential Board Liability for Cybersecurity Failures Under Caremark Law
Blog contributor Leah Rizkallah recently wrote an article for CPO Magazine, available here, about how cybersecurity is a critical risk-area for companies across industries and boards of directors must be vigilant in overseeing their companies’ cybersecurity efforts.The post Potential
Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure (i.e., Dealing with the Fallout from Russia’s Invasion of Ukraine)
The Cybersecurity & Infrastructure Security Agency (“CISA”) has just released CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides proactive steps organizations can take to assess and mitigate risks from information manipulation. Malicious actors
The proposed Massachusetts Information Privacy and Security Act: Will This Be the Year Massachusetts Finally Updates Its Consumer Privacy Laws?
Since Massachusetts becoming a trailblazer among states with the passage of privacy legislation in 2007 and subsequent regulations, Massachusetts’ own privacy laws have been passed by those of other states, most notably California. The proposed Massachusetts Information Privacy and
U.S. Department of Homeland Security Launches First-Ever Cyber Safety Review Board
Earlier this week, the U.S. Department of Homeland Security (DHS) announced the establishment of the Cyber Safety Review Board (CSRB), as directed in President Biden’s Executive Order 14028 on Improving the Nation’s Cybersecurity. The CSRB is a public-private
Cybersecurity 2022 – The Year in Preview: Privacy Regulations at the FTC
As we think about what 2022 may hold with regard to privacy and data security regulation by the Federal Trade Commission (FTC), we should first look back at some of the developments from last year that set the stage for