In a letter from Deputy Assistant Secretary James Sullivan, the U.S. Department of Commerce introduced a white paper, “Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S. Data Transfers after Schrems II,” to … [Read more] about U.S. Department of Commerce Releases White Paper to Assist Organizations in Conducting Schrems II Assessments
OCIE has released a risk alert regarding credential stuffing in the context of compliance with Regulation S-P and Regulation S-ID, and is encouraging firms to both (i) review and update their policies and procedures to address the risks associated … [Read more] about SEC Focused on Protecting Customer Accounts from Credential Stuffing Attacks
On Thursday, September 17, 2020, California Governor Gavin Newsom signed Assembly Bill 685 (“AB685”) into law. AB685 amends a number of portions of California’s Labor Code to address the COVID-19 pandemic. In addition to provisions that regulate … [Read more] about California Mandates COVID Exposure and Outbreak Reporting to Employees, Government Agencies
Brazil’s General Data Protection Law (the “LGPD”), a law similar to the European Union’s General Data Protection Regulation (the “GDPR”) is now effective. On April 29 of this year, Brazil’s President issued Provisional Measure 959 that, amongst … [Read more] about Brazil’s General Data Protection Law: A Comparison Between Brazil’s Newly Effective Law and the GDPR
On September 16, 2020, the U.S. Department of Justice (DOJ) announced that seven individuals believed to be part of a hacking group known as APT41 or “Wicked Panda,” including five Chinese nationals and two Malaysian nationals, have been charged in … [Read more] about DOJ Charges Seven Individuals in Connection with Global Hacking Campaigns Against More Than 100 Companies