Monthly Archives: January 2017

For internet-of-things watchers, some information to chew on:  several news outlets have reported on a dispute between Amazon and law enforcement investigators in Bentonville, Arkansas.  Arkansas police are investigating an apparent homicide that took place in November 2015, and have charged one suspect with murder.  Searching the house where the crime took place, investigators uncovered an Amazon Echo device, a personal digital assistant that can be activated by voice commands.… More

The new (EU) 2016/679 General Data Protection Regulation (GDPR) will enter into force on 25 May 2018. Its scope is broader than that of the current 95/46/CE Directive, which means that more companies headquartered outside of the EU will have to comply with European data protection rules than under the current regime.

The 95/46/CE Directive set up a European body, the Article 29 Working Party,… More

Who should you call when you suspect, or are certain of, a data breach?  Data breaches and other cybersecurity incidents have become of a fact of life.  Yahoo! recently disclosed that data for over one billion users was compromised in 2013.  Hundreds of incidents affecting millions of records were reported in 2016 alone.  So when — not if — your company suffers a breach,… More

US companies with employees or clients in Switzerland will be interested to hear that the new Swiss-US Privacy Shield was approved on 11 January.

Although Switzerland is not a member of the European Union, its data protection law (Federal law of ‎19 June 1992) is very similar to the European 1995 Data Protection Directive. According to the Federal law, the transfer of personal data outside of the country is not allowed if that would pose a serious threat,… More

Written by James Swann | This article was originally published in Bloomberg BNA Health Care Daily Report

An Illinois health system has reached a $475,000 settlement over allegations it waited too long to report a data breach, the first time the government has settled over untimely breach notifications.

Presence Health uncovered a data breach on Oct. 22, 2013 affecting 836 individuals,… More

The recent hack of the Democratic National Committee (DNC) and the United States’ subsequent decision to impose retaliatory sanctions against Russia poses an important question:  what does international law have to say about state-sponsored cyberattacks?  Unfortunately, and perhaps unsurprisingly, the answer is, very little.  While technological innovation races ahead at warp speed, international law has lagged behind.

There are no international treaties on cyber warfare.… More

In late December, New York’s Financial Services Superintendent Maria T. Vullo announced that the New York’s Department of Financial Services’ (“DFS”) new cybersecurity regulations would not go into effect on January 1, 2017 as initially planned.  These “first-in-the-nation” cybersecurity regulations were designed to help protect consumers and the financial system from the increasingly serious threat of cyberattacks.  However, the regulations faced opposition from the financial services companies and insurers that would have been subject to them.… More