On Monday, 3 January 2022, the European Data Protection Board (“EDPB”) published the finalized version of its regulatory guidance entitled “Examples regarding Personal Data Breach Notification” (the “Guidelines”), following a public consultation on a draft set of guidelines in 2021. The finalized Guidelines are a practice-oriented, and case-based set of examples that leverage the experiences gained by EU Supervisory Authorities since the EU GDPR became applicable. The Guidelines build on and … [Read more] about EDPB Issues New Guidance for Assessing Personal Data Breaches under the EU GDPR
Less than a month ago, a critical vulnerability was identified in the ubiquitous, open source Log4j tool prompting swift guidance from Cybersecurity and Infrastructure Security Agency (CISA) and other security practitioners. Now, the Federal Trade … [Read more] about FTC Releases Warning to Companies that Fail to Mitigate Log4j Vulnerability
Alston & Bird Senior Counsel Peter Swire recently published an article in Lawfare titled, “Towards OECD Principles for Government Access to Data.” Peter and his co-authors discuss recent efforts of the Organization for Economic Cooperation and … [Read more] about Time to Restore Trust in Data Flows between Countries? Peter Swire Discusses Recent OECD Efforts in Developing Principles for Government Access to Data.
As an update to prior coverage of the FTC’s final revisions to the Gramm-Leach-Bliley Safeguards Rule (Final Rule), following its publication in the Federal Register on December 9, 2021, the Final Rule now will take effect on January 8, 2022, 30 days … [Read more] about Update: FTC Amendments to the Safeguards Rule and Request for Comment on Proposed Reporting Requirement Published to the Federal Register
The New York Department of Financial Services (NYDFS) continues to refine its position regarding the importance of and requirements regarding Multi-Factor Authentication (MFA), as evidenced most recently with the release of new guidance. This new … [Read more] about NYDFS Issues Guidance on Multi-Factor Authentication