By: Sydney White

The U.S. Board of Governors of the Federal Reserve System, the U.S. Office of the Comptroller of the Currency (OCC), and the U.S. Federal Deposit Insurance Corporation (the “Agencies”), released an Advanced Notice of Proposed Rulemaking (“ANPR”) on October 20, requesting comments by January 17, 2017, on enhanced cybersecurity risk management rules for the financial sector, particularly companies that are interconnected with other industries. 
Continue Reading

By: Carolyn Bigg

After a third deliberation, the Chinese government passed the new PRC Cybersecurity Law on 7 November 2016. The new law will come into force on 1 June 2017 and has significant implications for the data privacy and cybersecurity practices of both Chinese companies and international organisations doing business in China.
Continue Reading

By: Jim Halpert and Anne Kierig

Online businesses and those with mobile applications have a new incentive to post privacy policies that comply with the California Online Privacy Protection Act (CalOPPA).  California Attorney General Kamala Harris launched an online tool Friday through which people can report websites, mobile apps, and other online services that they allege are in violation of the law.  A business is in violation of CalOPPA if it fails to post privacy policies or posts policies that are incomplete and it fails to cure that violation within 30 days of notice from the Attorney General’s Office.  
Continue Reading