On June 11, Connecticut SB949 became a Public Act, after being passed by both chambers of the state legislature. Governor Dannel Malloy can now either sign the bill or take no action for it to become law. SB949 will, among other provisions, require companies that experience a security breach requiring notice to individuals under Connecticut […]
Board Governance & Cyber Risk Management
The Digital Single Market Strategy and EU Data Security Policies
The landscape of data security regulation within the European Union will likely change drastically over the next few years. In just the latest indicator of this regulatory revolution, the European Commission adopted on May 6, 2015 the heavily anticipated Digital Single Market (DSM) strategy, a multifaceted package of initiatives aimed at reducing or eliminating barriers […]
Alston & Bird issues a Privacy and Security ADVISORY on Russia’s new Data Localization Law
Today, Alston & Bird issued a Privacy and Security ADVISORY on Russia’s new Data Localization Law will take effect in September, 2015. Penalties for non-compliance can be severe, including suspension of offending websites. Our Privacy & Data Security Group gives details on the law, the compliance challenges facing U.S. companies, and the solutions available to them. […]
The FTC Announces It Will Host a “Start with Security” Initiative in September
On May 13, 2015, Federal Trade Commission Chairwoman Edith Ramirez announced that the FTC will host an initiative for its “Start with Security” program in September. The FTC unveiled the “Start with Security” program in March at the IAPP Global Privacy Summit. During the unveiling, FTC Bureau of Consumer Protection Director Jessica Rich stated that […]
Nevada Expands Definition of Personal Information In Data Security Statute
On May 13, Nevada Governor Brian Sandoval signed Assembly Bill 179, which expands the definition of personal information for purposes of Nevada’s data breach notification and data security law. Effective July 1, 2015, personal information will include an individual’s medical identification number or health insurance identification number and a user name, unique identifier or email […]