The Australian parliament has enacted “'world-leading” legislation introduced by the government which bans children under the age of 16 from using social media platforms such as Facebook, TikTok, and others. According to lawmakers in Australia, the law will mitigate the harm social media poses to children.
The law will introduce the ban in late 2025. Social media platforms will be ...
Two new instructive documents published by the European Data Protection Board (EDPB) clarify the responsibilities of controllers in verifying processers’ ability to provide adequate data protection, and when “legitimate interests” can be relied on as the legal basis for processing.
According to the EDPB's opinion on the controller's oversight responsibilities, controllers must actively verify sufficient compliance by processors and sub-processors, ...
The European Union has enacted the Cyber Resilience Act (Regulation (EU) 2024/2847), establishing comprehensive cybersecurity requirements for products with digital elements, including those utilizing artificial intelligence (AI).
The Cyber Resilience Act applies to all products with digital components, whether hardware or software and requires adherence to uniform cybersecurity standards. For example, manufacturers are obligated to design and develop products that ...
In an appeal by the Texan internet service provider (ISP) Grande Communication Networks LLC (“Grande”), a U.S. federal court of appeals upheld the lower court's decision finding the ISP liable for copyright infringements and pirating practices committed by its subscribers. However, the court of appeals dismissed the nearly $47 million dollar jury verdict of the lower court.
In the lower ...
The U.S. Securities and Exchange Commission (SEC) charged four companies with making materially misleading disclosures regarding cybersecurity risks and intrusions. The companies have settled the SEC’s charges, paying a total of $7 million in civil penalties.
The companies, Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited, were victims of breaches resulting from the SolarWinds Cyber-attack ...
A recent U.S. federal district court decision in California has underscored the duty of care software developers owe to individuals whose data is exposed in cyberattacks, even if they are not direct software users. The case involved Accellion, whose legacy file transfer software (FTA) was breached twice between late 2020 and early 2021. The breach led to the disclosure of ...
Two new instructive documents published by the European Data Protection Board (EDPB) clarify the responsibilities of controllers in verifying processers’ ability to provide adequate data protection, and when “legitimate interests” can be relied on as the legal basis for processing.
According to the EDPB's opinion on the controller's oversight responsibilities, controllers must actively verify sufficient compliance by processors and sub-processors, ...
The Israeli Privacy Protection Authority (the “PPA”) published the final version of its position paper regarding international transfers of personal information. Like the draft paper in 2022, the final version recognizes the significant practical difficulties that regulations on international data transfers raise, given Regulation 3 of the Privacy Protection Regulations (Transfer of Information to Databases Outside the State’s Boards), 5761-2001 ...
New user? Click here to register