My Content
Insights

Israeli Government Advances "Spyware Law" Without Anti-Bribery Clause

The Israeli Ministerial Committee for Legislation approved the Bill on Police Access to Computer Material. The bill seeks to authorize courts to issue warrants allowing the police to covertly access computer material without the computer owner's knowledge or presence of witnesses. The bill restricts the warrants only to the investigation and prevention of offenses punishable by more than 10 years ...

U.S. Federal Court Decision Highlights Duty of Care in Software Security

A recent U.S. federal district court decision in California has underscored the duty of care software developers owe to individuals whose data is exposed in cyberattacks, even if they are not direct software users. The case involved Accellion, whose legacy file transfer software (FTA) was breached twice between late 2020 and early 2021. The breach led to the disclosure of ...

GDPR Guidance on a Controller's Oversight Responsibilities and Legitimate Interests

Two new instructive documents published by the European Data Protection Board (EDPB) clarify the responsibilities of controllers in verifying processers’ ability to provide adequate data protection, and when “legitimate interests” can be relied on as the legal basis for processing.

According to the EDPB's opinion on the controller's oversight responsibilities, controllers must actively verify sufficient compliance by processors and sub-processors, ...

Australia Enacts Ban on Social Media for Children Under 16

The Australian parliament has enacted “'world-leading” legislation introduced by the government which bans children under the age of 16 from using social media platforms such as Facebook, TikTok, and others. According to lawmakers in Australia, the law will mitigate the harm social media poses to children.

The law will introduce the ban in late 2025. Social media platforms will be ...

Europe Introduces Legislation for Security of Digital Products

The European Union has enacted the Cyber Resilience Act (Regulation (EU) 2024/2847), establishing comprehensive cybersecurity requirements for products with digital elements, including those utilizing artificial intelligence (AI).

The Cyber Resilience Act applies to all products with digital components, whether hardware or software and requires adherence to uniform cybersecurity standards. For example, manufacturers are obligated to design and develop products that ...

Two new instructive documents published by the European Data Protection Board (EDPB) clarify the responsibilities of controllers in verifying processers’ ability to provide adequate data protectio

Two new instructive documents published by the European Data Protection Board (EDPB) clarify the responsibilities of controllers in verifying processers’ ability to provide adequate data protection, and when “legitimate interests” can be relied on as the legal basis for processing.

According to the EDPB's opinion on the controller's oversight responsibilities, controllers must actively verify sufficient compliance by processors and sub-processors, ...

Insights