Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Harriet Pearson

Posts by Harriet Pearson
Posted in Data Protection & Privacy Harriet Pearson

Combatting the Massive Wave of WannaCry Ransomware

Major companies, health care organizations and government agencies are facing a wave of cyberattacks involving ransomware that takes control of computers and denies access until a ransom is paid.  These attacks are occurring on a global scale and in some cases are having a significant impact on business and healthcare operations.  The cyberattack has disrupted targets throughout the world from … Continue Reading

Posted in Data Protection & Privacy Harriet PearsonPaul Otto

The “Final Final” is Here: NYDFS Cybersecurity Regulations

As Hogan Lovells previously reported, the New York State Department of Financial Services (NYDFS) has launched a significant initiative to impose detailed cybersecurity requirements on covered financial institutions. On February 16, NYDFS issued its Final Rules, following the initial proposed rules published in September 2016 and two rounds of feedback via industry complaints and public comment. The Final Rules … Continue Reading

Posted in Data Protection & Privacy Harriet Pearson

Changes in Japan Privacy Law to Take Effect in Mid-2017; Key Regulator Provides Compliance Insights

Recent changes to Japan’s Act on the Protection of Personal Information and the establishment of a new Personal Information Protection Commission have raised questions about how the world’s third-largest economy plans to implement new domestic requirements and engage internationally on cross-border data transfers, APEC, new technologies, and more.

Hogan Lovells recently hosted some of Japan’s senior data privacy regulators and … Continue Reading

Posted in Data Protection & Privacy Harriet PearsonPaul Otto

NIST Updates Cybersecurity Framework Guidance

In the past month, the National Institute of Standards and Technology (NIST) has issued a draft update to its flagship cybersecurity framework as well as new standalone guidance on how organizations can plan to recover from cybersecurity events. The publication of these documents demonstrates NIST’s ongoing focus on providing substantive guidance to the private and public sectors alike on cybersecurity … Continue Reading

Posted in Data Protection & Privacy Harriet PearsonPaul Otto

US Agencies Release Guidance for Securing the Internet of Things

The Internet of Things continues to draw broad interest from policymakers and regulators around the globe. Following on the heels of a major distributed denial-of-service attack in October 2016 that leveraged potentially millions of compromised IoT devices, members of Congress have sent letters to US federal agencies regarding the risks posed by insecure IoT devices and held a hearing about … Continue Reading

Posted in Data Protection & Privacy Harriet Pearson

Ready, Set, Respond – Hogan Lovells Launches Global Cybersecurity Resource Portal

Cybersecurity risk continues to evolve at an astonishingly rapid rate, prompting companies to review and adjust their plans to deal with the fast-moving threats posed by an increasingly connected world. At the same time, cybersecurity law and regulation around the world are coming of age. In this complex and uncertain environment, it is not surprising that lawyers are increasingly being … Continue Reading

Posted in Data Protection & Privacy Harriet Pearson

New York State Proposes Cybersecurity Regulation for Financial Services Institutions

On September 12, New York Governor Andrew Cuomo broke new ground in proposing a state-level regulation that would require banks, insurance companies, and other financial services entities regulated by the New York Department of Financial Services (“NYDFS”) to establish formal cybersecurity programs.

Having a written cybersecurity policy and a designated chief information security officer responsible for overseeing a company’s cybersecurity … Continue Reading

Posted in Data Protection & Privacy Julie BrillHarriet PearsonPaul Otto

FTC Highlights How Agency’s Approach to Data Security Aligns with NIST Cybersecurity Framework

The Federal Trade Commission (FTC) recently presented an analysis of how its approach to data security over the past two decades compares with the Framework for Improving Critical Infrastructure Cybersecurity (NIST Framework) issued in 2014 by the National Institute of Standards and Technology (NIST) and strongly endorsed by the White House.

The FTC’s recent blog post on “The NIST Continue Reading

Posted in Data Protection & Privacy Julie BrillBret CohenEduardo UstaranHarriet Pearson

Privacy Shield Receives Final Approval from European Commission—Some Initial Practical Advice

On 12 July 2016, the European Commission issued its much awaited “adequacy decision” concerning the Privacy Shield framework for the transfer of personal data from the EU to the U.S. This adequacy decision is based on the latest version of the Privacy Shield, which was further negotiated and revised following the Article 29 Working Party’s April 2016 concerns with … Continue Reading

Posted in Data Protection & Privacy, TMT2020 Harriet PearsonEduardo UstaranBret CohenKatherine Gasztonyi

TMT2020: Inside the New EU-U.S. Data Framework: A Practical Breakdown of the Privacy Shield

EDITOR’S NOTE:  We are excited to present this entry in our new TMT2020 series, which reflects the key technology, media, and telecoms legal issues that are expected to impact today’s organizations and tomorrow’s marketplace.  It also provides an opportunity to highlight contributions by TMT associates across our global offices and practice areas. 

The February 29, 2016 announcement of the new … Continue Reading

Posted in Data Protection & Privacy Timothy TobinHarriet PearsonKatherine Gasztonyi

CFPB Dives Into Data Security Enforcement

On March 2, 2016, the Consumer Financial Protection Bureau (CFPB) announced its first data security enforcement action in the form of a Consent Order with online payment platform Dwolla, Inc.  The five-year Consent Order is based on CFPB allegations that Dwolla engaged in deceptive acts and practices by misrepresenting to consumers that it had “reasonable and appropriate data security practices.”  … Continue Reading

Posted in Data Protection & Privacy Eduardo UstaranHarriet PearsonBret CohenKatherine Gasztonyi

First Look: EU–U.S. Privacy Shield

On February 29, 2016, and after more than two years of negotiations with the U.S. Department of Commerce, the European Commission released its draft Decision on the adequacy of the new EU–U.S. Privacy Shield program, accompanied by new information on how the Program will work. The Privacy Shield documentation is significantly more detailed than that associated with its predecessor, the … Continue Reading

Posted in Data Protection & Privacy Harriet Pearson

Hogan Lovells Expands Cybersecurity Practice; Launches Cyber Risk Services

Anyone reading this blog already knows that cybersecurity is a team sport. No longer does the IT security department bear sole responsibility for protecting a company’s data and systems. Today companies are setting up enterprise-wide councils to oversee cybersecurity that include lawyers, risk managers, technical professionals, and other leaders. And if a breach occurs, that team gets even more diverse … Continue Reading

Posted in Data Protection & Privacy H. Deen KaplanHarriet PearsonTimothy Tobin

New York Department of Financial Services Previews Rigorous Cybersecurity Rules for Financial Sector

On November 9, 2015, Anthony Albanese, Acting Superintendent of the New York State Department of Financial Services (NYDFS), issued a letter to a wide array of federal and state financial services regulators that are part of the Financial and Banking Information Infrastructure Committee (FBIIC). The FBIIC members work together to enhance the reliability and security of financial sector infrastructure. … Continue Reading

Posted in Data Protection & Privacy Eduardo UstaranHarriet PearsonBret Cohen

EU Data Transfers: Considering Your Options After Friday’s Article 29 Working Party Statement

The EU’s Article 29 Working Party issued a statement on Friday on the recent Schrems decision invalidating the adequacy of the EU-U.S. Safe Harbor framework, emphasizing that affected businesses should start to put in place legal and technical solutions in a timely manner to meet EU data protection standards.  The statement gave a January 2016 deadline for companies to come Continue Reading

Posted in Data Protection & Privacy Winston MaxwellHarriet PearsonBret CohenEduardo Ustaran

Safe Harbor Invalidated – What Next?

On 6 October 2015, the Court of Justice of the European Union (CJEU) declared the EU-US Safe Harbor framework invalid as a mechanism to legitimize transfers of personal data from the EU to the US.  This decision effectively leaves any organisation that relied on Safe Harbor exposed to claims that such data transfers are unlawful.

Safe Harbor was jointly devised … Continue Reading

Posted in Data Protection & Privacy Harriet PearsonMichelle Kisloff

Seventh Circuit Finds Article III Standing Following Data Breach, but Significant Hurdles Remain for Plaintiffs Seeking Recovery

In a move counter to the trending precedent in data breach litigation, the U. S. Court of Appeals for the Seventh Circuit ruled on July 20 that data breach plaintiffs whose personal information was potentially exposed in a confirmed hacking breach of a major retailer’s network alleged enough risk of harm to meet the standing requirements of Article III of … Continue Reading

Posted in Policy & Regulation Paul OttoHarriet PearsonH. Deen KaplanBeth Peters

Executive Order Authorizes Economic Sanctions as New Tool for U.S. Cyber Defense

On 1 April 2015, President Obama signed an Executive Order authorizing the imposition of sanctions on individuals and entities determined to be responsible for or complicit in malicious cyber-enabled activities constituting a significant threat to the national security, foreign policy, or economic health or financial stability of the United States.

Read More: Executive Order Authorizes Economic Sanctions as New Tool Continue Reading