On August 22, 2022, the Federal Trade Commission (FTC) published its advance notice of proposed rulemaking (ANPR) to request public comment on commercial surveillance and data security practices. The ANPR comes at the same time as Congress is considering the federal American Data Privacy and Protection Act (ADPPA). The FTC seeks public comment on a […]
Regulation
UK Information Commissioner’s Office Issues Warning on Ransomware Payments
On July 8, 2022, the UK Information Commissioner’s Office (UK ICO) together with the UK National Cyber Security Centre (NCSC), published a joint letter asking the Law Society of England & Wales to remind its members that they should not advise clients to pay ransomware demands should they fall victim to a cyber-attack. The Law […]
CPPA Formal Rulemaking Began on July 8, 2022
On July 8, 2022, the California Privacy Protection Agency (the “CPPA” or “Agency”) began the formal rulemaking process to adopt regulations implementing the amendments to the California Consumer Privacy Act (the “CCPA”) introduced by the California Privacy Rights Act (the “CPRA”). The “Proposed CCPA Regulations” (the “Proposed Regulations” or “Regulations”) were originally released by the […]
New Cybersecurity Rules In India Impose Strict Reporting Requirements and Steep Penalties
The Indian Computer Emergency Response Team (“CERT-In”) issued Directions on April 28, 2022 “to strengthen the cybersecurity in the country” and that has significant implications for the cybersecurity landscape. Effective June 27, 2022, the Directions, among other requirements, impose a strict 6-hour timeline for notice of a cybersecurity incident and expands the types of cybersecurity […]
California Privacy Protection Agency Initiates Notice and Comment Period for CCPA Regulations
The California Privacy Protection Agency (the “CPPA”) has issued a Notice of Proposed Rulemaking, as anticipated, for amendments to regulations the California Attorney General promulgated in 2020, and to propose new regulations under the CPPA’s mandate provided in the California Privacy Rights Act. The comment period closes on August 23, 2022. There will be a […]