Global Privacy & Cybersecurity Update Issue 21 | February 2019 Jones Day GLOBAL PRIVACY & CYBERSECURITY UPDATE View PDF | Forward | Subscribe | Subscribe to RSS | Related Publications United States | Latin America | Europe | Asia | Australia Jones Day Cybersecurity, Privacy & Data PRACTICE DIRECTORY Protection Lawyer Spotlight: Edward S. Chang Daniel J. McLoon, Los Angeles Mauricio F. Paez, New York Data privacy and securityrelated Jay Johnson, Dallas class actions appear to be on the Jonathon Little, London rise, and effectively defending Elizabeth A. Robertson, London them requires the right mix of Todd S. McClelland, Atlanta substantive and procedural Jeff Rabkin, San Francisco knowledge. Edward Chang is a Lisa M. Ropple, Boston partner based in Irvine, California, Adam Salter, Perth and, for nearly 15 years, has Michiru Takahashi, Tokyo represented institutional clients in Undine von Diemar, Munich a wide array of complex litigation matters, with an Richard M. Martinez, Minneapolis emphasis on cybersecurity, privacy, and consumer issues. Samir C. Jain, Washington He has served as lead counsel in hundreds of class and John A. Vogt, Irvine individual actions, complicated business disputes, and Edward S. Chang, Irvine regulatory investigations, including betthecompany Aaron D. Charfoos, Chicago matters. Elizabeth Cole, Singapore Chiang Ling Li, Hong Kong As a leader in Jones Day's cybersecurity practice in Richard DeNatale, San Francisco California, Ed advises clients on their most sensitive Olivier Haas, Paris business and cybersecurity issues. He advises industry Jörg Hladjk, Brussels leaders on a variety of cyber and privacy matters, Guillermo E. Larrea, Mexico City including industry standards, cybersecurity management, Todd Kennard, Columbus data governance, thirdparty management, product Jimmy Kitchen, Pittsburgh liability risk, licensing, and regulatory and litigation risks. Ryan M. DiSantis, Boston Ed also advises clients on databreach response and data Matthew L. Jacobs, Washington breach class actions filed in state and federal courts across the country, including working on a team handling EditorinChief: Kerianne N. Tobitsch more than 47 nationwide databreach class actions in one Partner Lead: Jay Johnson of the largest databreach matters in U.S. history HOT TOPICS IN THIS ISSUE United States Additional U.S. States Propose Bills Regulatory—Policy, Best Practices, and with CCPALike Provisions Standards Canadian Health Department Seeks NIST Evaluates Advances in Face Recognition
Comment on Medical Device Software Cybersecurity Guidance On November 30, 2018, the National Institute of Standards and Technology ("NIST") published a report Argentinian Agency Approves evaluating the accuracy of facial recognition software. Guidelines for Binding Corporate NIST's study found that between 2014 and 2018, facial Rules recognition software became 20 times better at searching databases to find matching photographs. The evaluation EU Negotiators Reach an Agreement used 127 software algorithms from 39 different on Cybersecurity Act developers, which represent the bulk of the industry. European Commission Adopts NIST Proposes Steps to Modernize Technology Adequacy Decision on Japan Transfer and Innovation On December 6, 2018, NIST released a draft green paper RECENT AND UPCOMING SPEAKING ENGAGEMENTS with proposed steps to modernize the transfer and commercialization of technology developed through federally funded research and development initiatives. Industrial IoT, Privacy. Security. The proposals include updating legal tools for the transfer Risk. 2019, Las Vegas (September of technology, such as intellectual property rights for the 2019). Jones Day Speaker: licensing and commercial development of federal Mauricio Paez research. The draft green paper includes input from 2019 Fourth Annual Latin America federal stakeholders, such as the National Science and Privacy & Cybersecurity Symposium, Technology Council's LabtoMarket Subcommittee, as Mexico City (May 2019): Jones Day well as public comments. Speakers: Mauricio Paez, Guillermo Regulatory—Consumer and Retail Larrea, Todd McClelland, Olivier Haas, and Rick Martinez FTC Releases Do Not Call Registry Data for Fiscal Year 2018 Data Privacy, Retail Robotics & AI On December 6, 2018, the Federal Trade Commission Conference, Northwestern ("FTC") released the National Do Not Call Registry Data University, Evanston, IL (April 2019). Book for Fiscal Year 2018, along with statebystate Jones Day Speaker: Mauricio Paez analyses of the data. The number of registrants with the Fraud & Breach Summit, Information Do Not Call list has increased significantly, while the Security Media Group, Dallas, Texas number of complaints has decreased and the most (April 2019). Jones Day Speaker: prevalent types of calls have changed. Jay Johnson FTC Holds Hearings on Data Security 50 Points of Law—What's New & On December 1112, 2018, the FTC held hearings on data Dangerous in Civil Litigation!, MCLE security as part of its examination of consumer protection 50th Anniversary Series, Boston, in the 21st century. The hearings included discussions on Massachusetts (April 2019). Jones incentives to invest in data security, consumer demand Day Speaker: Lisa Ropple for data security, data security assessments, a U.S. consumer framework for data security, and the FTC's data Cybercrime, Cryptocurrency, and security enforcement program. Video recordings and ICOs, Handling Your First (or Next) transcripts of the hearing are available on the FTC White Collar Crime Case, Texas website. State Bar, Austin, Texas (April 2019). Jones Day Speakers: Jay Retailer Discloses Cybersecurity Attack Johnson, Mark Rasmussen On December 21, 2018, a retailer disclosed that it was the victim of a cybersecurity attack involving suspicious login CIPP/E Training as part of the GDPR activity. The retailer planned to notify all customers whose Ready 4 Day Training of the IAPP, usernames and passwords may have been used to access Munich, Germany (March 2019). their accounts, even though there was no indication that Jones Day Speaker: Undine von the usernames and passwords used in the login attempts Diemar were obtained from its systems, or that any personal information stored on its customers' accounts were 2019 IoT National Institute, American obtained. Bar Association, Washington, D.C. (March 2019). Jones Day Speaker: Hotel Discloses Approximately 383 Million Records
Recommend
More recommend
