Blog

https://www.technologylawsource.com/

Recent Blog Posts

  • November Privacy and Security Roundup: Cybersecurity export controls, mandatory reporting bills and Safeguards Rule changes By Craig Fullen, Matthew Lapin, Donna Ruscitti and Porter Wright   BIS has issued an interim final rule, and entities dealing with cybersecurity exports are being asked to submit comments by early December. In this latest edition of our Privacy and Security Roundup, we share the details of the final rule’s two key measures including export restrictions and a new License Exception, provide an update on cyber incident reporting legislation, discuss modifications to the GLBA Safeguards Rule and much more. RECENT DEVELOPMENTS White-hat activities... More
  • October Privacy and Security Roundup: Cryptocurrencies endure scrutiny, China’s Privacy Law goes into effect and new EU SCCs now required By Diana Lingyu Jia, Donna Ruscitti and Porter Wright   Across the globe, concerns continue regarding cryptocurrencies and digital currency exchanges. In the October edition of our Privacy and Security Roundup, we dive into the latest details surrounding OFAC’s efforts to stifle ransomware attacks, how organizations should carefully assess the new Personal Information Protection Law in China, the new EU Standard Contractual Clauses requirement effective Sept. 27, and more. RECENT DEVELOPMENTS Increasing government pressure on cryptocurrencies and related businesses The exchange infrastructure that enables use... More
  • OFAC updates guidance on ransomware payments and sanctions risk By Matthew Lapin and Porter Wright   On Sept. 21, 2021, the Department of Treasury, Office of Foreign Assets Control (OFAC), updated its published guidance regarding sanctions risks associated with making ransomware payments and its official policy on such payments. This updated guidance, taken in conjunction with OFAC’s recent sanctions designation of a cryptocurrency payment exchange frequently used for ransomware payments, and other ongoing regulatory legislative efforts to address ransomware attacks, further highlights the whole of government effort by the United States... More
  • September Privacy and Security Roundup: Funding national cybersecurity, violating Safeguards Rule and fighting cyber threats By Donna Ruscitti and Porter Wright   Not only are public and private companies increasingly targeted for cyber-attacks, but local and state governments across the country are as well. In our latest Privacy and Security Roundup, we cover the Senate-passed bill that includes nearly $2 billion in national cybersecurity funding, recent sanctions by the SEC on investment advisors and broker-dealers, a new initiative that aims to improve defense planning and information sharing between the public and private sectors, and more. RECENT DEVELOPMENTS An opportunity... More
  • Privacy and Security Roundup: New consumer privacy laws, big developments in ransomware attacks and the FBI’s Operation Trojan Shield By Donna Ruscitti and Porter Wright   More states, including Ohio, are working on comprehensive consumer privacy laws that could impact how companies share data. In our August 2021 Privacy and Security Roundup, we cover the nuances in the various legislation, more ransomware and supply chain attacks and news of a messaging app used as a Trojan horse by the FBI. Recent Developments A new comprehensive consumer privacy law On July 8, 2021 Colorado became the third state to enact a comprehensive privacy law... More
  • New standard contractual clauses adopted by the European Commission By Katja Garvey   On June 4, 2021, the European Commission (EC) adopted a modernized set of standard contractual clauses for international data transfers (New SCCs) aimed at better protection of the data businesses transfer out of the European Union (EU). These New SCCs, which will take effect on June 27, 2021, will replace the standard contractual clauses that were adopted under the former EU Data Protection Directive in 2001, 2004 and 2010 (Previous SCCs). The New SCCs were eagerly awaited due to... More
  • Privacy and Security Roundup: Ransomware attack causes gasoline shortages, a new executive order to enhance cyber security and raising the stakes for trans-Atlantic data transfers By Donna Ruscitti and Porter Wright   The past few weeks have provided some big developments in the area of data privacy and security. In this Privacy and Security Roundup, we cover a ransomware attack on the largest oil pipeline in the U.S., an Executive Order from President Joe Biden to enhance U.S. cybersecurity and potential mandatory reporting/sharing requirements, the U.S. Supreme Court weighing in on the Federal Trade Commission’s ability to seek monetary relief, and more. Recent Developments FBI confirms ransomware attack on... More
  • Privacy and Security Roundup: The FBI removes malicious web shells from Microsoft Exchange Servers, clarity on auto-dialers and new privacy legislation By Donna Ruscitti and Porter Wright   The technology industry is constantly evolving and trusted legal advice is more important than ever. The attorneys in our Privacy and Data Security practice group are proud to offer a new blog series to provide curated data privacy and security news, developments and things to know moving forward. We will provide analysis designed to keep you and your organization up to speed. Our first roundup includes news on the FBI removing malicious web shells from Microsoft’s... More
  • Google v. Oracle: Use of copyrightable computer code is a fair use By Rick Mescher   In a highly awaited software copyright decision, the U.S. Supreme Court recently held that Google LLC’s copying of Oracle’s Java application programming interface (API) is a fair use as a matter of law. Java is a programming language and computing platform originally developed by Sun Microsystems, Inc., which was acquired by Oracle America, Inc. in 2009. Java is popular and widely used in many applications such as laptops, game consoles, supercomputers, mobile phones and websites because it provides... More
  • A different approach—Virginia’s Consumer Data Protection Act By Porter Wright   With Virginia Gov. Ralph Northam’s signature on March 2, 2021, Virginia, a bit surprisingly, became the second state to set comprehensive rules for how companies handle and share personal information. Virginia’s Consumer Data Protection Act (CDPA) will go into effect on Jan. 1, 2023, incidentally the same day as the California Privacy Rights Act (CPRA), a ballot measure that will strengthen the landmark California Consumer Privacy Act (CCPA). While Virginia’s CDPA and California’s CCPA share several features, each... More