In the ongoing Federal Trade Commission (“FTC”) proceeding against LabMD, Inc. (“Lab MD”), the FTC recently denied LabMD’s attempts to stay the proceeding pending the outcome of the company’s separate requests for injunctive relief pending before the U.S. District Court for the District of Columbia and petition for review before the U.S. Court of Appeals for […]
Data Security
NIST’s Preliminary Cybersecurity Framework Could Have Broad Implications for Critical, Non-Critical Infrastructure Alike
On October 22, 2013, the National Institute of Standards and Technology (NIST) released its Preliminary Cybersecurity Framework (“Framework”), marking one of the final steps in creating the “voluntary” Framework envisioned in an Obama Administration Executive Order (EO) issued earlier this year. That EO, which was designed to strengthen the cybersecurity of the United States’ critical […]
New Malaysian Data Privacy Law
After enactment in 2010, Malaysia’s Personal Data Protection Act, and implementing regulations, finally went into effect on November 15, 2013. The law applies to the processing of “personal data” by entities operating in Malaysia but generally does not apply to data processed entirely outside of Malaysia.[1] Additionally, official registration requirements will extend to many classes […]
California’s New Privacy Law Covering Utility ‘Smart Meter’ Data Takes Effect on January 1, 2014
On January 1, 2014, California’s new “smart meter” privacy law goes into effect, which may impact Internet Service Providers, financial institutions and other businesses that handle or receive smart meter data. On October 5, 2013, California Governor Brown approved the law passed by the Assembly (A.B. 1274) that will require certain non-utility businesses to obtain the […]
Department of Defense Publishes Safeguarding Rule Requiring Contractors to Follow NIST Security Standards, Report Cybersecurity Incidents
On November 18, the U.S. Department of Defense (“DoD”) published a final safeguarding rule (the “UCTI Safeguarding Rule”) applicable to contractors in possession of unclassified yet nonpublic technical information (“UCTI”) that requires them to, at a minimum, satisfy the security controls specified in NIST Special Publication (SP) 800-53 in order to safeguard UCTI. Additionally, the UCTI Safeguarding […]