Alston & Bird Privacy, Cyber & Data Strategy Blog

Board Governance & Cyber Risk Management

Fourth Circuit Court of Appeals Allows Wikimedia Upstream Suit to Proceed

By

On May 23, 2017, the Fourth Circuit Court of Appeals issued its opinion on Wikimedia foundation v. NSA/CSS. The Court vacated and remanded the NSA’s previously successful motion to dismiss Wikimedia’s Fourth and First Amendment claims against the NSA’s Upstream surveillance program, while a 2-1 majority upheld the dismissal of the eight other organizations joined […]

Facebook Fined for WhatsApp Data Linking Fallout

By

On 18 May 2017, the European Commission (“Commission”) fined Facebook €110 million ($122 million) for misrepresentations made in its application for competition clearance of the company’s acquisition of WhatsApp. In its merger application, Facebook claimed that it would be unable to automatically match Facebook users’ accounts and WhatsApp users’ accounts for marketing and other purposes. […]

President Trump Signs Long-Awaited Cyber Executive Order

By

On May 11, 2017, President Trump signed a long-awaited executive order on cybersecurity (the “Order”).  The Order directs executive agencies to complete a risk management report based on the NIST Cybersecurity Framework (the “Framework”) and also requires the Department of Homeland Security (DHS) and other agencies to undertake activities in support of effective cybersecurity risk […]

Outbreak of “WannaCry” and “Wanna Decryptor” Ransomware Affects Companies Across the Globe

By

On Friday, May 12, companies in countries across the globe witnessed an unprecedented malware outbreak as ransomware labeled “WannaCry” and “Wanna Decryptor” infected a large range of critical systems. The malware exploits a vulnerability in older versions of Microsoft’s Windows, locks the systems it infects, and threatens to delete files unless a bitcoin ransom is […]

French CNIL Releases GDPR Compliance Toolkit

By

On March 15, 2017, the French data protection authority (CNIL) released its six step- GDPR compliance program together with GDPR-tailored templates for use by companies, the “GDPR Toolkit.” The GDPR Toolkit is helpful for companies because it provides guidance that companies may directly include in their privacy programs. Companies with sophisticated privacy programs may also […]