The U.S. Cybersecurity and Infrastructure Security Agency released cyberattack reporting rules for companies that operate critical infrastructure, The Wall Street Journal reports. The regulations require companies to "report significant cyberattacks within 72 hours and report ransom payments within 24 hours."
Full story
shareShare This
Related Stories
Pursuit of app-iness: the legal considerations of SDKs
Mobile apps that fail to uphold adequate data practices have been a recurring concern dating back at least to 2014 when whistleblower Edward Snowden revealed the popular gaming app Angry Birds and others like it engaged in the surreptitious collection and disclosure of personal information. A decade...
Analyzing the legal implications of using SDKs
With increased regulatory scrutiny on the use of software development kits, privacy professionals working for app developers are left to consider lawful incorporation of these technologies. IAPP Westin Research Fellow Andrew Folks, CIPP/E, CIPP/US, CIPM, outlines how SDKs enable data collection and ...
UK OfCom releases draft Children's Safety Codes of Practice
The U.K. Office of Communications published its draft Children's Safety Codes of Practice. The draft code lists more than 40 safety measures, which include age verification checks to prevent children from accessing harmful content, establishing a process for users to make complaints regarding servic...
TikTok sues US government over divestment law
TikTok sued the U.S. government over the new law forcing its parent company, ByteDance, to divest itself of the app or face a ban in the U.S., The New York Times reports. TikTok claimed the law violates the First Amendment, and the 270-day timeline to complete a sale of TikTok was unrealistic if Byt...
Colorado General Assembly approves children's privacy bill
The Colorado General Assembly approved Senate Bill 41 to add children's privacy amendments to the Colorado Privacy Act. Key provisions include requiring data controllers to take "reasonable care" to ensure their services are not harming minors and conducting a data protection assessment if there is ...
Comments
If you want to comment on this post, you need to login.