International Data Transfers: Clarity on Timing of U.K. Transfer Mechanisms

Share

The U.K. Information Commissioner’s Office recently confirmed the options and clarified the timing of new data transfer agreements for transfers of personal data out of the U.K. The situation has been somewhat confusing, even to those relatively familiar with international data transfers. Organizations can now review their data transfer arrangements with greater certainty, and this will be a key priority for 2022.

Continue reading “International Data Transfers: Clarity on Timing of U.K. Transfer Mechanisms”

Illinois Supreme Court: BIPA Claims Not Barred By Workers’ Compensation Act

Share

The Illinois Supreme Court ruled that workers compensation preemption is not a defense to plaintiffs’ claims for damages under the Illinois Biometric Information Privacy Act. The February 3, 2022 ruling in McDonald v. Symphony Bronzeville Park, LLC, 2022 IL 126511 will likely awaken many long-stayed BIPA class action lawsuits and pave the way for new ones to be filed.

Continue reading “Illinois Supreme Court: BIPA Claims Not Barred By Workers’ Compensation Act”

FTC Updates to “Safeguards Rule” Has Impacts for Higher Education Institutions

Share

On December 9, 2021, the FTC published a final rule amending the requirements for safeguarding customer information under the Gramm-Leach-Bliley Act (GLBA). The Safeguards Rule has long established cybersecurity standards under which customer information must be maintained by financial institutions, which include all higher education institution that participate in the federal student financial aid programs authorized by Title IV of the Higher Education Act of 1965, as amended.

Continue reading “FTC Updates to “Safeguards Rule” Has Impacts for Higher Education Institutions”

Department of Commerce Seeks Public Comment on a Range of Broadband Infrastructure Issues Arising from the 2021 Infrastructure Investment and Jobs Act

Share

On the eve of the U.S. Senate’s confirmation of Alan Davidson as the new Administrator of the National Telecommunications and Information Administration (NTIA), NTIA published a request for public comments on January 10, 2022, on a range of broadband infrastructure issues, paving the way for Davidson’s reported top priority in his term. The request is the first of a series, which together are to establish three new NTIA programs under the appropriations from the November 2021 Infrastructure Investment and Jobs Act: the Broadband Equity, Access, and Deployment (BEAD) Program, the “Middle Mile Infrastructure” Program, and the Digital Equity Inclusion Program.

Continue reading “Department of Commerce Seeks Public Comment on a Range of Broadband Infrastructure Issues Arising from the 2021 Infrastructure Investment and Jobs Act”

U.S. Cybersecurity Officials Issue New Warning Regarding Threats to Critical Infrastructure

Share

On January 11, 2022, the U.S. Department of Homeland Security’s Cyber Security and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) issued a joint advisory, warning of an increasing cybersecurity threat posed by Russian state-backed threat actors to U.S. critical infrastructure.

Continue reading “U.S. Cybersecurity Officials Issue New Warning Regarding Threats to Critical Infrastructure”

Log4j Vulnerability Prompts Insurance Commissioners to Issue Guidance

Share

On December 11, 2021, the Cybersecurity and Infrastructure Security Agency, in partnership with the FBI and NSA, announced a critical remote code execution vulnerability had been identified in the Apache Log4j software library. This vulnerability allowed a successful threat actor to take control of a network system and cause a variety of damage, including the ability to launch ransomware, steal and destroy victim information, deploy malware, and disrupt internal and infrastructure operational control. Insurance regulators from four states have recently issued guidance in response to the threat, and it is likely more insurance commissioners will follow suit.

Continue reading “Log4j Vulnerability Prompts Insurance Commissioners to Issue Guidance”