Our Privacy, Cyber & Data Strategy Team answers five questions about the standard contractual clauses that aim to ensure compliance with Articles 28(3) and (4) of the General Data Protection Regulation: Are controllers and processors obliged to use the Article 28 clauses for their data processing agreements? Do the Article 28 clauses ensure compliance with […]
The Supreme Court Narrows The Scope of The Computer Fraud and Abuse Act
Today, the Supreme Court issued a long-awaited decision in Van Buren v. United States interpreting the meaning of “exceeds authorized access” under the Computer Fraud and Abuse Act (“CFAA”). The 6-3 majority, led by Justice Barrett and joined by Justices Breyer, Sotomayor, Kagan, Gorsuch, and Kavanaugh, rejected the Government’s broad definition of this phrase. While […]
New York and Illinois Regulators Recommend Third Party Cybersecurity Review For Specific Vulnerabilities
This month, the Illinois Department of Insurance issued guidance to insurers recommending assessments in response to a Microsoft Exchange vulnerability, detailed in the guidance. In the Bulletin dated May 5, the Department encourages regulated entities to “assess the risk to their systems and consumers and take steps necessary to address vulnerabilities and customer impact.” The […]
Executive Order Details Cybersecurity Changes For Public And Private Sector
In a lengthy Executive Order issued on May 12, 2021 (the “Order”), the Biden Administration has taken steps “to make bold changes and significant investments” in both public and private sector cybersecurity “in order to defend the vital institutions that underpin the American way of life.” The full scope of the Order remains to be […]
Swire Report Addresses EU Data Localization Comments, Portuguese Order Restricting U.S. Data Flow
In November, the European Data Protection Board (EDPB) issued draft guidance regarding transfers of personal data from the European Union. That guidance has prompted nearly 200 comments from companies, trade groups, and interested observers. Senior Counsel Peter Swire, along with co-author DeBrae Kennedy-Mayo, has now published a report reviewing these comments through the Cross Border […]