“This was a deliberate and sweeping intrusion into the private information of the American people,” said Attorney General William P. Barr, who made the announcement. “Today, we hold PLA hackers accountable for their criminal actions, and we remind the Chinese government that we have the capability to remove the Internet’s cloak of anonymity and find the hackers that nation repeatedly deploys against us. Unfortunately, the Equifax hack fits a disturbing and unacceptable pattern of state-sponsored computer intrusions and thefts by China and its citizens that have targeted personally identifiable information, trade secrets, and other confidential information.”
On this International Day of Commemoration in Memory of the Victims of the Holocaust, it is not only important to compassionately contemplate the past, but is also important to cautiously consider the future through the lens of the events and enablers that contributed to the identification and extermination of millions of people. One of these enablers was technology.
The NIST Privacy Framework is a voluntary tool intended to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy.
On December 19, 2019, the European Court of Justice (ECJ) Advocate General, Henrik Saugmandsgaard ØE, provided his opinion on the validity of Standard Contractual Clauses (SCCs) adopted by the European Commission for the transfer of personal data from controllers to processors. The rendered opinion confirms that companies relying upon SCCs do not need to consider changing their approach at this time.
Released in December of 2019, Norton Rose Fulbright’s 2019 Litigation Trends Annual Survey highlighted that a majority of corporate counsel respondents foresee an economic downtown that will lead to a rise in disputes. Additionally, the number of in-house counsel who rated cybersecurity and privacy as the most important litigation issue facing them doubled from 2018 to 2019. Respondents said worries over cybersecurity and data protection risks are rooted in the volume of such threats, the creativity of cyber criminals, the sensitive nature of some data content and some jurisdictions’ enactment of stringent data privacy laws.
In this recently published guidance note, DPC Ireland shares important considerations for both data requestors and controllers on the topic of Data Subject Access Requests (DSARs).
In this eDiscovery Day educational panel with eDiscovery experts including Jennifer Hamilton (John Deere) and Scott Thayer (Dawn Food Products), presenters will discuss how to create a holistic framework for effectively managing data in the midst of new privacy and eDiscovery requirements.
In this recently published information note (October 2019), the Data Protection Commission (DPC) Ireland shares country-specific statistics and trends related to data breach notifications during the first year of GDPR.
Business Email Compromise/Email Account Compromise (BEC/EAC) is a sophisticated scam that targets both businesses and individuals who perform legitimate transfer-of-funds requests. The scam is frequently carried out when a subject compromises legitimate business or personal email accounts through social engineering or computer intrusion to conduct unauthorized transfers of funds. Between June 2016, and July 2019, more than $26B in exposed dollar losses due to BEC/EAC were reported to the Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3).
Ransomware attacks are becoming more targeted, sophisticated, and costly, even as the overall frequency of attacks remains consistent. Since early 2018, the incidence of broad, indiscriminate ransomware campaigns has sharply declined, but the losses from ransomware attacks have increased significantly, according to complaints received by IC3 and FBI case information.