Month: August 2023
CFPB Announces Plans to Extend FCRA to Data Brokers through Rulemaking
At an August 15, 2023, White House roundtable, Consumer Financial Protection Bureau (CFPB) Director Rohit Chopra announced plans to issue rules that would extend the Fair Credit Reporting Act (FCRA) to certain “data broker practices.” This announcement and a concurrently issued fact sheet come on the heels of a March […]
United Kingdom: Injunctive Relief Against Persons Unknown – The Ransomware Edition
On 11 July 2023, the English High Court handed down its decision on the claimant’s application in Armstrong Watson LLP v. Persons Unknown, granting judgment in default and final injunctive relief. Specifically, the court granted the claimant permanent injunctive relief against persons unknown – a group of unidentified hackers – […]
Breached the GDPR? Calculate your own fine!
The General Data Protection Regulation (GDPR) is a difficult piece of legislation to comply with, and not meeting some of its requirements may lead to hefty fines of up to 4% of global annual revenues of the preceding year or 20 million euros, whichever is highest. Organisations may find it […]
China Issues Measures on Generative Artificial Intelligence Services
On July 13, 2023, the Cyberspace Administration of China (CAC) and six other Chinese government agencies jointly released the final version of the Interim Administrative Measures for Generative Artificial Intelligence Services (see the Chinese version here). These measures will enter into force on August 15, 2023. For background, the CAC […]
SEC Adopts Comprehensive Cybersecurity Disclosure Requirements
On July 26, 2023, the Securities and Exchange Commission (SEC) voted at an open meeting to adopt final rules to mandate standardized cybersecurity disclosures by public companies. The final rules will: The final rules will become effective 30 days after publication in the Federal Register. Companies other than smaller reporting companies […]