On October 22, 2013, the National Institute of Standards and Technology (NIST) released its Preliminary Cybersecurity Framework (“Framework”), marking one of the final steps in creating the “voluntary” Framework envisioned in an Obama Administration Executive Order (EO) issued earlier this year. That EO, which was designed to strengthen the cybersecurity of the United States’ critical […]
Data Protection
EU Data Protection Authorities Note Serious Reservations with Proposed General Data Protection Regulation
Several members of the Alston & Bird Privacy and Security Group attended the IAPP Europe Data Protection Congress held in Brussels this past week. Much of the discussion at the Congress centered on the proposed new General Data Protection Regulation (the “Regulation”), which if enacted would replace the European Union Privacy Directive (Directive 95/46/EC) in effect since […]
New Malaysian Data Privacy Law
After enactment in 2010, Malaysia’s Personal Data Protection Act, and implementing regulations, finally went into effect on November 15, 2013. The law applies to the processing of “personal data” by entities operating in Malaysia but generally does not apply to data processed entirely outside of Malaysia.[1] Additionally, official registration requirements will extend to many classes […]
Kim Peretti Interviewed by BankInfoSecurity about Her Discussion at the 2013 Fraud Summit
On October 22, Alston & Bird’s Kim Peretti, Security Incident Management & Response Team co-chair, spoke at the 2013 Fraud Summit in a session titled “Post-Fraud Investigation: Effective, Efficient, Defensible.” Her presentation focused on how organizations must ensure they are prepared to respond effectively, efficiently and defensibly when they detect fraudulent activity. Following the conference, […]
Update: California Governor Brown Signs into Law S.B. 46, New Notification Requirements for Data Security Breaches
On September 27, 2013, California Governor Brown signed into law S.B. 46, amending California’s data security breach notification law California Civil Code Section 1798.82. The new law builds upon existing requirements for prompt consumer notification whenever individuals have had their passwords, usernames or security question and answers compromised. It expands the definition of personal information […]