Less than a month after China’s Personal Information Protection Law (PIPL) took effect, ships in Chinese waters began disappearing from industry tracking systems. While the PIPL governs the collection and cross-border transfer of personal information, which is broadly defined as information related to an identified or identifiable natural person that is recorded electronically or by … Continue Reading
On Oct. 29, 2021, the Cyberspace Administration of China (CAC) published the “Draft Measures on Security Assessment of Cross-Border Data Transfer” (Draft Measures) for comment through Nov. 28. The Draft Measures follow and are based on China’s Cybersecurity Law (CSL), Data Security Law (DSL), Personal Information Protection Law (PIPL) and related regulations. These measures appear … Continue Reading
On June 10, 2021, the National People’s Congress of the People’s Republic of China (PRC) approved the passage of the Data Security Law (DSL), which will take effect on Sept. 1, 2021. Overview Unlike the PRC’s Cybersecurity Law of 2016 (CSL) and the Personal Information Protection Law – undergoing public comment for its second draft, … Continue Reading
Background Growing awareness regarding cybersecurity concerns with the Internet of Things (IoT) has achieved a milestone with the promulgation of the IoT Cybersecurity Improvement Act (the Act), which was signed into law by President Donald Trump on December 4, 2020. The Act requires the development, adoption and implementation of security standards for IoT devices by … Continue Reading
Part 1 Part 2 This blog is the third in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as assessing compliance with regulations, vetting third-party security practices, and establishing data breach and cyber exploit … Continue Reading
This blog is the second in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as assessing compliance with regulations, vetting third-party security practices, and establishing data breach and cyber exploit incident response procedures. While … Continue Reading
This blog is the first in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls such as assessing compliance with regulations, vetting third-party security practices, and establishing data breach and cyber exploit incident response procedures. While … Continue Reading
If you’ve been feeling encouraged about your company’s preparation for the California Consumer Privacy Act’s (CCPA) launch on January 1, 2020, you may not want to breathe a sigh of relief just yet. Alastair Mactaggart, the founder and board chair of Californians for Consumer Privacy (one of the coauthors of the CCPA), is hoping that … Continue Reading
On January 1, 2020, California’s new Internet of Things (IoT) Security Law goes into effect. The law is the first IoT-specific security law in the United States and, simply put, requires all IoT devices sold in California to be equipped with reasonable security measures. There has been a significant amount of discussion regarding exactly what … Continue Reading