When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
CYBERSECURITY - Nineteen States Have Banned TikTok on Government-Issued Devices - Governors of numerous states have issued Executive Orders in the past several weeks banning TikTok from government-issued devices and...more
According to the National Security Agency, actors backed by the Chinese government are actively targeting a zero-day vulnerability in two commonly-used Citrix networking devices. The exploit (CVE-2022-27518) affects Citrix...more
CYBERSECURITY - CISA Lists Top CVEs Exploited by Chinese State-Sponsored Cyber Actors - The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and...more
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and Exposures (CVEs) that have been used by the People’s Republic of China (PRC) state-sponsored...more
Hackers allegedly stole the personal data of over 1 billion Chinese residents from a police database in Shanghai earlier this year – and the largest potential data privacy breach in the nation’s history should serve as a...more
CYBERSECURITY - Chinese APT41 Attacking State Networks - Although we are receiving frequent alerts from CISA and the FBI about the potential for increased cyber threats coming out of Russia, China continues its cyber...more
Although we are receiving frequent alerts from CISA and the FBI about the potential for increased cyber threats coming out of Russia, China continues its cyber threat activity through APT41, which has been linked to China’s...more
In Part 2 of this series, we discussed how the Personal Information Protection Law (“PIPL”), the centerpiece of China’s personal information (“PI”) protection law, needs to be read in conjunction with other relevant laws,...more
Microsoft has issued frequent updates on the Log4j vulnerability that we have been hearing so much about. The vulnerability is a serious problem that will become more widespread as time goes on....more
While everyone hoped that 2021 would be less tumultuous than 2020, it certainly did not turn out that way in the end. The same was true in the world of data privacy – with sweeping new data protection regulations and guidance...more
Report on Patient Privacy 21, no. 10 (October, 2021) - Conducting a risk analysis is a basic tenet of security compliance, with the overarching goal of understanding where protected health information (PHI) “lives” in an...more
Earlier this June, China passed the Data Security Law (“DSL”), which will go into effect on September 1, 2021. Unlike many international data security laws, the DSL is not restricted to personal information and instead...more
China's draft Personal Information Protection Law (PIPL) has just gone through the second reading and is now near final form and expected to be finalized very soon. Once promulgated, it will be the first comprehensive law on...more
The United States government, states, municipalities, and private companies all have been trying to defend themselves from cyber warfare from foreign adversarial governments, including Russia, China, and North Korea, for...more
On October 21, 2020, the Standing Committee of the National People’s Congress (NPC) of the People’s Republic of China (PRC) released the draft PIP Law for public comment. With the big data industry rapidly growing in China...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - Cybersecurity Standards Issued for Government Contractors - On January 31, the Office of the Under Secretary of Defense for Acquisition and...more
Data protection authorities from around the world are stepping in to provide their input and guidance on the matter of data processing activities and the fight against the coronavirus. Hogan Lovells’ global Privacy and...more
City of Durham, NC Hit With Ryuk Ransomware - Another city—Durham, North Carolina—has become the victim of a ransomware attack stemming from a Russian hacker group following a successful phishing scheme. After falling...more
What do tornadoes, hurricanes, earthquakes, wildfires, and the coronavirus have in common? Scams. Disasters seem to beget scammers well versed in both price gouging and knockoff peddling, as well as phishing schemes and...more
Ransomware Attacks Predicted to Occur Every 11 Seconds in 2021 with a Cost of $20 Billion - Confirming what we are seeing in the field, cybersecurity firm Cybersecurity Ventures has predicted that, globally, businesses in...more
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
Concern over the spreading coronavirus from China is legitimate and real. The World Health Organization (WHO) has declared the coronavirus a global health emergency, and the United States and other countries are limiting...more
On October 1, 2019, China’s new regulation to protect personal data related to children – called the “Measures on Online Protection of Children’s Personal Data” – went into effect. As we wrote in June, when a draft of the...more
On 28 May 2019, the Cyberspace Administration of China (CAC) released the “Data Security Management Measures (Draft for Comments)” (Draft Measures) (unofficial English translation here), containing detailed rules to expand...more
International companies should keep in mind recent developments coming out of Asia on the privacy front. Chinese authorities are reported to be confiscating smartphones at the border to install surveillance apps. Companies...more