On August 29, 2016, the FTC announced it is seeking public comment on its Safeguards Rule as part of a systematic review of all FTC rules and guides. The Safeguards Rule came into force in 2003 after the Gramm-Leach-Bliley Act (GLBA) required that the FTC and other agencies establish administrative, technical, and physical information security […]
Regulation
German DPAs to Create Model Processing Records for GDPR Compliance
On May 25, 2018, the EU General Data Protection Regulation (GDPR) enters into force. One of the major changes the GDPR introduces is a duty for in-scope controllers and processors to maintain written records of processing activities. Under Article 30 GDPR, companies will need to inventory all “processing activities under [their] responsibility” and memorialize them […]
FERC Takes Action on Cybersecurity in Response to Ukrainian Cyber Attacks
The Federal Energy Regulatory Commission (“FERC”) issued a Notice of Inquiry (“NOI”) and Final Rule at the end of July to address several urgent cybersecurity issues affecting the bulk electric system. FERC is taking these actions in the face of increasingly sophisticated threats to our power grid, including in response to an actual cyber-attack against Ukraine’s electricity […]
President Obama Issues Directive on Government Cyber Incident Response
Last week, President Obama issued a new Presidential Policy Directive (PPD) establishing principles to govern the federal government’s response to cyber incidents, “whether involving government or private sector entities.” Titled “PPD-41,” the document also designates the lead federal agencies for so-called significant cyber incidents and creates an “architecture for coordinating the broader Federal Government response” […]
Join Our Roadmap to the GDPR Webinar: Outsourcing & Processors — with Brexit
Alston & Bird invites you to join us for the third program in our Roadmap to the GDPR webinar series: Brexit Analysis, Outsourcing & Processors. Our GDPR Roadmap series provides you with the critical information you need to assess and address the myriad issues raised by the passage and implementation of the GDPR. This webinar will be held on Thursday, July 14, […]