Earlier this year, Washington passed an amended version of its data breach notification law, which goes into effect Friday July 24, 2015. Washington’s updated breach notification statute will now, among other things, require compromised entities to notify the state Attorney General (AG) in some circumstances, and require notification to both consumers and, as applicable, the […]
Privacy & Cyber Regulatory Enforcement
Canadian Parliament Amends PIPEDA with the Digital Privacy Act
On June 18, 2015, the Canadian Parliament passed into law the Digital Privacy Act (the “Act”), which amends Canada’s federal data protection statute, the Personal Information Protection and Electronic Documents Act (PIPEDA). PIPEDA applies to businesses in every Canadian province except British Columbia, Alberta and Quebec; however, businesses in those provinces may become subject to […]
FCC TCPA Order has Harsh Impact on Businesses
On July 10, 2015, the FCC entered its long awaited Order on 21 petitions seeking clarification on a number of issues related to the federal Telephone Consumer Protection Act (“TCPA”). A copy of the complete Order is available here https://www.fcc.gov/document/tcpa-omnibus-declaratory-ruling-and-order. The Order is consistent with comments that the FCC made during its open hearing on […]
Peter Swire Testifies Before Senate Judiciary Committee on Encryption
Alston & Bird Senior Counsel Peter Swire testified today before the Senate Judiciary Committee as part of its hearing entitled, Going Dark: Encryption, Technology, and the Balance Between Public Safety and Privacy. The hearing, held on July 8, 2015, featured Sally Quillian Yates, Deputy Attorney General, and James B. Comey, Jr., Director of the Federal […]
FFIEC Issues Optional Cybersecurity Assessment Tool
On June 30, 2015, the Office of the Comptroller of the Currency (OCC) announced that the Federal Financial Institutions Examination Council (FFIEC) has issued an optional Cybersecurity Assessment Tool (Assessment) for banking institutions (“institution”) to use to evaluate risks and cybersecurity maturity (i.e., level of preparedness). OCC also announced that it would “gradually incorporate the […]