188bet金博宝隐私法博客

Solarwinds供应商供应链攻击:及时理由审查风险评估和供应商合同的程序

据上周报道,国家赞助的黑客可能会通过Solarwinds提供的广泛使用的软件产品突破多个美国政府网络。已知为ORION的受损产品可帮助组织管理其网络,服务器和网络设备。软件更新中的黑客隐藏恶意软件,允许黑客执行侦察,提升用户权限,横向移动到其他环境并泄露组织的数据。金博宝188登录

赎金软件的监管镇压

In recent years, Ransomware has evolved from merely encrypting files/disabling networks in solicitation of ransom, to sophisticated attacks that often involve actual data access, theft and sometimes, the threat of publication. These sophisticated malware attacks frequently destroy backups and provide criminals even more leverage over their victims, coercing them to pay ransoms. Ransomware does not just target businesses – it is often used to attack hospitals, research institutions, and other public services that are especially critical during this global pandemic.

阅读Proskauer的资本承诺博客上的全帖

188asia.com

合格企业还有一年来遵守CCPA的某些主要规定。CCPA或2018年加州消费者隐私法案是一项加利福尼亚州法律,赋予加州消费者,广泛定义,包括所有加利福尼亚州的居民,某些权利关于他们的个人信息。即,它为消费者提供了了解企业收集的个人信息的权利;知道企业与该信息有什么关系;如果商业销售个人信息,则右侧选择退出某些个人信息。反过来,加利福尼亚州的企业的合格企业必须在某些允许消费者实现这些权利的某些政策,做法和方法。188asia.com

一个跨境机制无效,另一个坚持:在CJEU的Schrems II决定之后的想法

2020年7月16日,欧盟司法法院(CJEU)无效Decision 2016/1250 on the adequacy of the protection provided by the欧盟 - 美国隐私盾牌那ruling, among other things, that U.S. domestic law governing law enforcement access to transferred data does not satisfy the GDPR’s requirements because, as the Court stated, U.S. surveillance programs are not limited to “what is strictly necessary to achieve the legitimate objective in question”. In a separate portion of the opinion, however, the CJEU upheld as valid Commission Decision 2010/87 on standard contractual clauses (SCCs) for the transfer of personal data to processors established in third countries. This is the second ruling (known commonly as “Schrems II“)被CJEU推翻了一项既定机制,将个人数据从欧盟转移到美国,实际上只有五年前1888BET 使长期欧盟 - 美国无效。安全港,这是一种在大西洋转移数据的方法,而不运行欧盟数据保护指令,是GDP的前身。金博宝188登录

CCPA:加利福尼亚州律师将军释放最终提出的法规

On June 1, 2020, the California Attorney General’s office released the third and final set of CCPA proposed regulations (available这里)。下面,我们提供有关最终拟议法规和执法行动的信息。金博宝188登录

网络安全: SEC and Other Regulators

在当今世界,网络安全漏洞和threats are pervasive concerns for any business entity, without exception. Working from home arrangements due to COVID-19 constraints only magnify the risk and create further vulnerabilities for companies. Companies should be aware of (1) the key cyber threats they face, (2) the consequences of a breach, and (3) the statutory and regulatory framework governing cybersecurity.网络安全漏洞是独一无二的,因为实体可以成为违约的受害者,仍然被发现有一定程度的责任。幸运的是,公司可以实施的预防措施,以帮助防止违约并减轻违约的范围和损坏。我们将详细说明采取违反行动的步骤以及如何在即将到来的职位中有效地应对违约。

阅读Proskauer的全部帖子,您的业务博客

* * *

Proskauer’s cross-disciplinary, cross-jurisdictional Coronavirus Response Team is focused on supporting and addressing client concerns. Visit our冠状病毒资源中心for guidance on risk management measures, practical steps businesses can take and resources to help manage ongoing operations.

法国DPA发出指导围绕Web刮的习俗实践

On April 30, 2020, the French data protection authority, theCNIL,出版A.guidance围绕其所谓的“商业勘探”背后的考虑因素,意思是缩短公开可用的网站数据,以获取个人联系信息,以便向第三方出售以进行直接营销目的。这两方面的指导是显着的。首先,在GDPR和隐私问题的背景下,它就在CNIL对此活动的看法说。其次,除了直接营销相关隐私问题的背景下,指导为开展筛选活动或雇用外部供应商收集和包装此类数据的公司制定了一些指导原则。金博宝188登录

lexblog.