On October 6, 2021, Deputy Attorney General Lisa O. Monaco announced the launch of the Department of Justice’s Civil Cyber-Fraud Initiative. The Department plans to use civil enforcement tools to “pursue…those who are government contractors who receive federal funds, when they fail to follow required cybersecurity standards.” Stating the Department will pursue “very hefty fines,” […]
Board Governance & Cyber Risk Management
China’s First Comprehensive Personal Information Protection Law – Key Takeaways
On August 20, 2021, China’s first comprehensive Personal Information Protection Law (“PIPL”) was passed into law. The Cybersecurity Law, the Data Security Law, and the PIPL of China are the three pillars of China’s data protection framework, which govern cybersecurity, data security, and personal information protection respectively. The Cybersecurity Law largely governs cybersecurity requirements for […]
California Federal Court Dismisses Data Security-Related Securities Fraud Class Action
A California federal court has dismissed a putative securities fraud class action alleging that a large title insurer that disclosed a data security incident in May 2019 made false and misleading statements related to its data security practices and the incident. The dismissal follows the June 2021 settlement of a related Securities & Exchange Commission […]
September 27 Deadline Looming for EU Standard Contractual Clauses
On June 4th, the European Commission issued modernized Standard Contractual Clauses (SCCs) under the EU General Data Protection Regulation (GDPR) for data transfers from controllers or processors in the EU/EEA (or otherwise subject to the EU GDPR) to controllers or processors outside the EU/EEA (and not subject to the EU GDPR). The modernized SCCs will […]
UK Unveils Post-Brexit Data Plans with an Emphasis on International Transfers of Personal Data
Today, the UK Department of Digital, Culture, Media and Sport (“DCMS”) has made a series of announcements shedding light on the UK’s post-Brexit data strategy. The announcements – which emphasize the importance of international transfers of personal data to global trade – include as follows: A Press Release, providing an overview of the UK government’s […]