No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
State AG Pulse | CT AG Reacts to Genetic Data Breach
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: State Privacy and Data Collection
In a recent case, Pacini & Anor v Dow Jones & Company Inc., the publisher of the Wall Street Journal unsuccessfully applied to strike out a data protection claim concerning two historic articles....more
By March 31, 2025, U.K. firms regulated by the Financial Conduct Authority will be required to have conducted mapping and testing to ensure they remain within their impact tolerances for identified operational risks of...more
SEC Fines the New York Stock Exchange’s Parent Company $10 million for Failure to Promptly Notify Its Subsidiaries of Cybersecurity Breach - On May 22, 2024, the Securities and Exchange Commission (“SEC”) imposed a $10...more
Last year proved to be a big year in data protection with U.S. state data protection laws popping up across the country, the FTC updating its guidance and regulations on everything from data breaches and biometric...more
With the pensions industry having direct experience of recent cyber security incidents, the Pensions Regulator (TPR) has updated its guidance for trustees in this area. As a reminder, this year saw Capita suffer a cyber...more
Welcome to the latest edition of Updata – the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
Cross Border Transfers of Data. UK Data Transfers. The UK government has published a U.S. “adequacy decision” which permits U.S. organizations that have certified to the EU-US Data Privacy Framework (DPF) and UK Extension...more
Welcome to your weekly update from the Allen & Overy Pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. This week we cover the following topics: HMRC Pensions Tax...more
I recently had the chance to visit with Jonathan Armstrong on a recent data breach case that occurred in the health service provider NHS Lanarkshire (Scotland) during the COVID-19 pandemic. This breach serves as a stark...more
As cybersecurity breaches remain a common threat globally, the UK government has published a cybersecurity breach survey detailing various cybersecurity policies, processes, and reliances for all types of business....more
Paying a cyber ransom will, allegedly, secure your data and give you back control of your systems. But there are legal, operational and ethical risks to consider....more
Data is yet again at the top of the agenda in the UK Parliament. Seeking to balance the need for the protection of privacy of data and enabling data-driven growth, the UK Department for Science, Innovation and Technology...more
The story so far - In July 2022 the Data Protection and Digital Information Bill (the original Bill) was introduced into Parliament and we finally got sight of the UK Government’s intended direction for data protection...more
Editor’s Note: On February 15, 2023, HaystackID shared an educational webcast to provide valuable insight into the ways in which AI is being used to address key issues in the realm of privacy and cybersecurity. The expert...more
The UK’s new Code of Practice for App Store Operators and App Developers provides companies with privacy-related resources. It also highlights ICO privacy expectations. Participating in the code is done by voluntarily...more
The British Virgin Islands ("BVI") Data Protection Act, 2021 ("DPA") came into force on 9 July 2021. It was introduced so the BVI would have a data protection framework which is broadly similar to EU and UK standards. To...more
In this month’s Privacy & Cybersecurity Update, we examine the European Commission’s draft adequacy decision on the EU-U.S. Data Privacy Framework, as well as guidance from the U.K. Information Commissioner’s Office on...more
The crucial question that a company and its board will face if it suffers a cyber security breach is: "Had you taken reasonable steps to try to prevent a breach, and to prepare to handle any breach that occurred?" If the...more
Introduction - The number of class actions brought in the UK is likely to grow considerably in the coming years. In particular, we expect claimant firms to continue making claims for misuse use of data where an issue...more
The Department for Digital, Culture, Media & Sports (DCMS) confirmed on August 30, 2022, that it will push forward with tough new regulations and a code of practice to bolster the security and resilience of the United...more
In a recent letter to the UK law society, the UK Information Commissioner’s Office and the National Cyber Security Centre have provided lawyers with advice about ransomware payments...more
On 31 January 2022, the English High Court delivered its judgment in Stadler v Currys Group Limited (EWHC 160 (QB)); the latest in a series of rulings which appear set to constrain the relatively nascent UK data breach claims...more
In this episode of Life with GDPR, Jonathan Armstrong and I return to take a deep dive into class action litigation in the UK and EU around data privacy and data protection. We consider some issues in class action lawsuits...more
The decision of the UK Supreme Court in Lloyd v Google is a welcome relief for data controllers. However, is it the end of class actions for data breach?...more
The United Kingdom’s Supreme Court, its highest court, blocked a bid for a $4.3 billion class action against Google over claims the company violated the country’s Data Protection Act (DPA). The claimants alleged that Google...more