On December 7, 2015, after more than two years of legislative consideration, the European Parliament and the European Council reached a political agreement concerning the Directive on Network and Information Security (“NIS Directive”). Under the NIS Directive, operators of essential services will be required to take appropriate security measures and report cybersecurity incidents. The amended draft NIS […]
Board Governance & Cyber Risk Management
FTC and FCC Sign Consumer Protection MOU
Since 2014, the Federal Communications Commission (FCC) has engaged in an increasing number of privacy and data security enforcement actions. The scope of the Commission’s jurisdiction over carriers has also dramatically increased – at least temporarily – following its recent net neutrality order, which reclassified broadband Internet access service as a telecommunications service under Title […]
Moody’s Identifies Cyber Risk As Key Factor in Credit Ratings
In a report released November 23, Moody’s Investors Service announced that the implications of cyber threats could start taking a higher priority in its credit analysis. Moody’s said it views cyber threats as similar to other extraordinary event risks, such as a natural disaster. “While we do not explicitly incorporate cyber risk as a principal […]
FTC’s Ability to Regulate Data Security Potentially Limited in FTC v. LabMD
A November 13, 2015 decision from the Federal Trade Commission’s Chief Administrative Law Judge, D. Michael Chappell, calls into question FTC enforcement in the data privacy space. The case began when the FTC filed a complaint on August 28, 2013 after an employee of LabMD, a cancer detection laboratory, downloaded peer-to-peer (“P2P”) software that exposed patient […]
Updated Schrems ECJ / Safe Harbor Ruling FAQs
Alston & Bird has published an updated set of Frequently Asked Questions (FAQs) on the decision by the European Court of Justice holding that the U.S.-EU Safe Harbor Framework is invalid (also known as the Schrems decision). The FAQs are designed to help companies that rely on the Safe Harbor Framework understand the scope of the ECJ […]