Penalties and Enforcement Archives

Australia Increases Penalties With New Privacy Bill

November 30, 2022
Editorial Team
Australia, Data Breach, Data Privacy, Penalties and Enforcement
0 Comments

On October 26, Australian Attorney General Mark Dreyfus presented the Australian parliament with the Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022, (Bill). If approved, the Bill will implement significant amendments to the Australian Privacy Act 1988. According to…

CPRA Amended and Updates Regarding the CDPA

November 16, 2021
Editorial Team
California, CDPA, CPRA, Data Protection Agency, Penalties and Enforcement

State governments in California and Virginia are making efforts to improve their respective data privacy and protection laws. Last month, California passed a suite of new privacy laws that will affect CPRA. Meanwhile, Virginia’s CDPA Work Group issued its final report, which will be presented during the upcoming legislative session. Updates: California Privacy Rights Act…

Become a member to access this content.

Cyber Ransoms: To Pay or Not to Pay?

November 5, 2021
Editorial Team
Cybercrime, Cybersecurity, OFAC, Penalties and Enforcement, Ransomware, Sanctions

Ransomware attacks are an increasingly prevalent form of cyber threat. COVID-19 has contributed to the increase in ransomware attacks, as remote workforces are increasingly dependent on email and therefore susceptible to phishing attacks. In a typical ransomware attack, the hacker encrypts key files and systems at the target organization to cripple its operations and demands…

Become a member to access this content.

Courts Rule on When a Data Breach of PII is Actionable

October 29, 2021
Editorial Team
Breach response, Courts, Data Breach, Penalties and Enforcement, Personal Information, Personally Identifiable Information (PII)

The Second Circuit recently joined a growing number of federal courts to decide when a data breach of personally identifiable information (“PII”) is actionable. According to the Second Circuit, plaintiffs do not have standing to bring a lawsuit when there is no allegation their PII was targeted or misused. The Second Circuit’s decision To bring…

Become a member to access this content.

China’s Personal Information Protection Law: Key Takeaways

October 27, 2021
Editorial Team
Breach Notification, China, Cross-Border Data Transfers, Data Governance, Data Privacy, GDPR, Governance, Legislation, Penalties and Enforcement, Personal Information, PIPL

On August 20, 2021, China’s first comprehensive Personal Information Protection Law (“PIPL”) was passed into law. The Cybersecurity Law, the Data Security Law, and the PIPL of China are the three pillars of China’s data protection framework, which govern cybersecurity, data security, and personal information protection respectively. The Cybersecurity Law largely governs cybersecurity requirements for…

Become a member to access this content.

Initial Defenses Under the CCPA and CPRA: 8 Key Takeaways

October 19, 2021
Editorial Team
Business, CCPA, Class Actions, Consumer Privacy, CPRA, Penalties and Enforcement

Since the Jan. 1, 2020 kickoff for private enforcement under the California Consumer Privacy Act (CCPA), plaintiffs have filed scores of class actions invoking the CCPA. Such claims, when properly made, present substantial risk to companies including statutory damages up to $750 per consumer. Early key takeaways can help companies limit risk under the CCPA…

Become a member to access this content.

DOJ Announces National Cryptocurrency Enforcement Team

October 12, 2021
Editorial Team
AML, Blockchain, Cryptocurrency, Cybercrime, Department of Justice, Federal Agencies, Financial Services, Penalties and Enforcement, US Regulatory

On October 6, the Department of Justice (“DOJ”) announced the creation of a National Cryptocurrency Enforcement Team (“NCET”). The DOJ press release is set forth in part below, without further commentary, other than to observe that the NCET’s stated goals are to address issues on which we repeatedly have blogged: crypto exchangers and their AML…

Become a member to access this content.

UK Ranks Second Highest in GDPR Fines

September 28, 2021
Tim Crino
Compliance, European Union, GDPR, Penalties and Enforcement, United Kingdom

A new report from cybersecurity company ESET found that the UK ranks second highest in average GDPR fine value ($10 million), despite issuing the lowest number (five) of GDPR fines in the EU. Spain issued the highest number of fines (273), while Luxembourg issued the highest value fines. The report found that more than 650…

Become a member to access this content.

New Ransomware Guidance Issued

September 25, 2021
Michael Reinhardt
Breach response, Cybercrime, Cybersecurity, Federal Agencies, OFAC, Penalties and Enforcement, Ransomware, US Regulatory

On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued new ransomware guidance, discouraging companies and citizens from paying ransoms. The Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments is the latest step taken by the Biden Administration to curb the increase in ransomware attacks. In…

Become a member to access this content.

How Cybersecurity Frameworks Can Protect Your Organization (Even in the Event of a Breach)

September 10, 2021
Editorial Team
Breach Notification, Breach prevention, Breach response, Compliance, Consumer Privacy, Cybersecurity, Data Privacy, Data Protection, Federal Trade Commission (FTC), NIST, Penalties and Enforcement, Privacy, State Laws

It’s certainly no secret how damaging data breaches can be for organizations today. And if lost revenue and a tarnished reputation aren’t enough to make you want to act, your organization could face punitive damages if you fail to protect your customers’ private information. Yes, that’s right—steep fines imposed by regulatory agencies can await those…

Become a member to access this content.

Page 1
Page 2
Next