Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Tag Archives: cybersecurity

Posted in Data Protection & Privacy Harriet PearsonPaul Otto

The “Final Final” is Here: NYDFS Cybersecurity Regulations

As Hogan Lovells previously reported, the New York State Department of Financial Services (NYDFS) has launched a significant initiative to impose detailed cybersecurity requirements on covered financial institutions. On February 16, NYDFS issued its Final Rules, following the initial proposed rules published in September 2016 and two rounds of feedback via industry complaints and public comment. The Final Rules … Continue Reading

Posted in Data Protection & Privacy Mark Parsons

“Cybersecurity Review” Takes Shape in China

On 4 February 2017, the Cyberspace Administration of China issued a draft of the Network Products and Services Security Review Measures (“Draft Measures”) for public comment: the Draft Measures remain open for comments until 4 March 2017.  The Draft Measures are follow-on legislation to China’s Cyber Security Law adopted on 7 November 2016, which will take effect on 1 June … Continue Reading

Posted in Policy & Regulation Andrew McGintyMark ParsonsNolan Shaw

China moves to implement security review of network products and services: but leaves foreign investor and manufacturer concerns unanswered

On 4 February 2017, the Cyberspace Administration of China issued a draft of the Network Products and Services Security Review Measures (“Draft Measures“) for public comment: the Draft Measures remain open for comments until 4 March 2017. The Draft Measures are follow-on legislation to China’s Cyber Security Law adopted on 7 November 2016, which will take effect from … Continue Reading

Posted in Data Protection & Privacy

New York Department of Financial Services Cybersecurity Rules Revised and Delayed

The New York Department of Financial Services (NYDFS) just issued major revisions to the cybersecurity regulations for financial institutions that were due to come into effect on January 1, 2017. To allow covered institutions more time to implement the rules, the effective date will now be March 1, 2017, with a series of staggered implementation dates beyond this. There are … Continue Reading

Posted in Data Protection & Privacy Conor Ward

The UK’s Cybersecurity Regulatory Landscape: An Overview

Have you visited our online client cybersecurity resource portal: Ready, Set, Respond? Designed by our cross-practice team of global practitioners to provide in-house counsel with the tools they need to prepare for the inevitable cybersecurity incident and quickly and easily stay up to date on the evolving state of cybersecurity regulation around the world, the portal is regularly updated … Continue Reading

Posted in Data Protection & Privacy Harriet PearsonPaul Otto

US Agencies Release Guidance for Securing the Internet of Things

The Internet of Things continues to draw broad interest from policymakers and regulators around the globe. Following on the heels of a major distributed denial-of-service attack in October 2016 that leveraged potentially millions of compromised IoT devices, members of Congress have sent letters to US federal agencies regarding the risks posed by insecure IoT devices and held a hearing about … Continue Reading

Posted in Internet, Technology, Telecoms & Broadband Wesley Platt

Winnik Forum Panelists Explore Cybersecurity in the Connected World

Hogan Lovells’ Winnik International Telecoms & Internet Forum  explored how the Internet of Things (IoT) may continue to expand the scope of cybersecurity concerns.  Cybersecurity risks for the IoT were previously synonymous with enterprise products.  Now these risks extend to consumer devices, services and applications.

According to cybersecurity leaders attending the forum, the IoT market needs new, market-driven approaches to … Continue Reading

Posted in Data Protection & Privacy Paul Otto

Recap of the OCR/NIST Conference on Safeguarding Health Information

Representatives from government and the private sector discussed the present state of healthcare cybersecurity, and experts discussed practical strategies for implementing the HIPAA Security Rule at the ninth annual “Safeguarding Health Information: Building Assurance through HIPAA Security” conference held from October 19–20, 2016 and co-hosted by the National Institute of Standards and Technology (NIST) and the Department of … Continue Reading

Posted in Data Protection & Privacy, Internet Conor Ward

The G-7 Fundamental Elements of Cybersecurity for The Financial Sector

Cyber risk has been high on the agenda of financial services regulators for some time now. In the UK, the FCA specifically addressed its concerns in its 2015/2016 Business Plan and it has an on-going programme of work which includes working with the PRA and Bank of England on visibility of IT resilience and risks at board level, and with … Continue Reading

Posted in Internet, Telecoms & Broadband

FCC Commissioners Discuss Issues Ranging from LTE-U to Privacy and Cybersecurity

Three Commissioners from the Federal Communications Commission (“FCC”) found areas of both agreement and disagreement in a wide-ranging discussion at the CTIA Super Mobility conference last week in Las Vegas. The discussion among Commissioners Mignon Clyburn, Ajit Pai, and Michael O’Rielly, moderated by CTIA President and CEO Meredith Attwell Baker, covered LTE-U, the Internet of Things, infrastructure, free data, competition, … Continue Reading

Posted in Data Protection & Privacy Julie BrillHarriet PearsonPaul Otto

FTC Highlights How Agency’s Approach to Data Security Aligns with NIST Cybersecurity Framework

The Federal Trade Commission (FTC) recently presented an analysis of how its approach to data security over the past two decades compares with the Framework for Improving Critical Infrastructure Cybersecurity (NIST Framework) issued in 2014 by the National Institute of Standards and Technology (NIST) and strongly endorsed by the White House.

The FTC’s recent blog post on “The NIST Continue Reading

Posted in Data Protection & Privacy

Privacy and Cybersecurity September 2016 Events

September 12
Cybercrime Compliance
Christian Tinnefeld will discuss compliance management requirements relating to new anti-cybercrime regulations at a Financial Experts Association event.
Location: Hamburg, Germany

 

September 15
Data and Business
Scott Loughlin will participate in a breakout session on “Privacy and Cybersecurity: A Big Deal for Big Deals” at the IAPP P.S.R. Conference.
Location:
Continue Reading
Posted in Data Protection & Privacy

HHS Issues New Guidance on Ransomware and HIPAA

The Department of Health and Human Services (HHS) released guidance on July 11, 2016, intended to help the healthcare industry prepare for and respond to ransomware attacks. Specifically, this guidance clarifies: (1) that a ransomware attack is considered a “security incident” under HIPAA, and (2) that a ransomware attack will typically be considered a “breach” by HHS unless entities are … Continue Reading

Posted in Policy & Regulation, Technology Jun WeiSherry GongNolan ShawAndrew McGintyMark Parsons

China’s second draft of the Cyber Security Law continues to propose more stringent regulation of cyberspace

On 6 July 2016, a second draft of the People’s Republic of China Cyber Security Law was released to the public for comment following its second reading by the Standing Committee of the National People’s Congress.  The deadline for submitting comments on the second draft is 4 August 2016.

Given the growing cyber threat globally, the Chinese move towards more … Continue Reading

Posted in Data Protection & Privacy Winston MaxwellTimothy Tobin

ENISA Jumpstarts Connected Car Cybersecurity Study for EU

With attention to connected car cybersecuity issues increasing globally, the European Union Agency for Network and Information Security (ENISA) is leading the EU’s first bloc-wide initiative to identify cybersecurity rules of the road for connected cars. On July 13, ENISA announced a study aimed at creating a comprehensive list of cybersecurity policies, tools, standards, and measures to enhance security in … Continue Reading

Posted in Data Protection & Privacy Julie Brill

Privacy Shield is the Right Replacement for Safe Harbour

Julie Brill, Hogan Lovells partner, and co-head of our global privacy and Cybersecurity practice, recently commented on the EU-US Privacy Shield for the EurActiv publication.  Her comments are republished here, with permission:

The free flow of data is essential to an ever-growing segment of the global economy.  Yet some policymakers and advocates, citing privacy concerns, have called for shutting off … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Mark Parsons

Asia Pacific Data Protection and Cybersecurity Guide

The Asia Pacific region is undergoing significant development in data protection and cybersecurity regulation. These changes are impacting all business sectors.

Anticipating a new phase of development across the region we are delighted to share our latest briefing discussing the key trends and issues.

Click on the link below to read all about it. Asia Pacific Data Protection and Continue Reading

Posted in Data Protection & Privacy Paul Otto

Principles to Consider for your IoT Privacy and Security Program

Fifteen months after forming an Internet of Things (IoT) working group, on March 2, 2016, the Online Trust Alliance (OTA) released a final version of its IoT Framework (Framework) along with a companion Resource Guide that provides explanations and additional resources. The voluntary Framework sets forth thirty suggested guidelines that provide criteria for designing privacy, security, and sustainability into connected … Continue Reading

Posted in Data Protection & Privacy

FTC Commissioner Julie Brill To Co-Lead Hogan Lovells Privacy and Cybersecurity Practice as of 1 April

Hogan Lovells announced last week that Julie Brill will join the firm as a partner and co-director of the Privacy and Cybersecurity practice on 1 April.  Brill is a Commissioner at the Federal Trade Commission and her service will conclude on 31 March.

As co-director of the Privacy and Cybersecurity practice, Brill succeeds co-director and founding partner Christopher Wolf, who … Continue Reading

Posted in Data Protection & Privacy W. James DenvilPaul Otto

FTC Says Listen Up When Vulnerability Reports Come In

The FTC wants companies to listen. More precisely, the FTC wants companies to pay attention to and promptly to respond to reports of security vulnerabilities. That’s a key takeaway from the Commission’s recent settlement with ASUSTek (“ASUS”). In its complaint against the Taiwanese router manufacturer, the FTC alleged that ASUS misrepresented its security practices and failed to reasonably secure its … Continue Reading

Posted in Data Protection & Privacy

Cybersecurity Information Sharing Act Procedures and Guidance Released

The Cybersecurity Information Sharing Act of 2015 (CISA) provides limited liability protection and information disclosure protections for private-to-private and private-to-government cybersecurity information sharing. On February 16, 2016, two key U.S. agencies released a set of documents describing how CISA’s provisions are expected to work in practice. The materials released by the  Department of Homeland Security (DHS) and the Department of … Continue Reading

Posted in Data Protection & Privacy Katherine Gasztonyi

What’s New in the Cybersecurity National Action Plan

On February 9, 2016, President Obama directed his Administration to implement a Cybersecurity National Action Plan (CNAP), calling it a “bold reassessment of the way we approach security in the digital age.” Certainly, the cybersecurity budget increase associated with CNAP is significant: the 2017 Presidential Fiscal Year budget will be $19 billion—35% above that of Fiscal Year 2016.

What is … Continue Reading

Posted in Data Protection & Privacy, Internet Peter Watts

UK Government Boosts Digital Health Initiatives for NHS England

This week the Secretary of State for Health, Jeremy Hunt, announced that the Government will be investing £4.2 billion in digital health initiatives. The investment is part of the Government’s latest drive to create a “paperless” National Health Service (NHS) by 2020.

The full details of the funding are still being agreed between the Department of Health and NHS England. … Continue Reading