The National Association of Insurance Commissioners (NAIC) Privacy Protections Working Group (the “Working Group”) released Insurance Consumer Privacy Protection Model Law #674 (“Model 674”) for comment on February 1, 2023. Model 674 is intended to modernize and replace the Insurance Information and Privacy Protection Model Act #670 (“Model 670”) and the Privacy of Consumer Financial […]
FCC Proposes to Change Data Breach Reporting Rules for Telecommunication Companies
On January 6, 2023, the FCC released a Notice of Proposed Rulemaking (the “Notice”) proposing to “modernize the Commission’s data breach rules,” and thereby launching a formal effort to gather information from the industry on the issue of data breach reporting. The Notice, adopted on December 28, 2022, seeks to strengthen its rules with the […]
NYDFS Releases Significant Enhancements to its Cybersecurity Regulation in the Proposed Second Amendment
The New York Department of Financial Services (“DFS”) released their proposed second amendment to the Cybersecurity Regulation, 23 NYCRR Part 500 (“Proposed Second Amendment”) on October 9, 2022. DFS issued a minor amendment on April 2, 2020, revising the certification of compliance date (from February to April). The Proposed Second Amendment follows DFS’s “pre-proposed” draft […]
UK’s National Cyber Security Centre Releases 2022 Annual Review
The United Kingdom’s National Cyber Security Centre (NCSC) recently released its 2022 Annual Review, which reports on the state of cyber security threats in the country. As the UK’s technical authority for cyber security, the NCSC releases an annual report covering the cyber threats from the prior 12 months as well as analysis of potential […]
FTC Takes Action Against Ed Tech Provider for Failure to Secure Student’s Personal Information
On October 31, 2022, the Federal Trade Commission (FTC) announced it has taken action against education technology provider Chegg Inc. (“Chegg”) for its “careless” cybersecurity practices that exposed sensitive personal information of millions of its customers and employees. This action highlights the FTC’s continued efforts to aggressively protect consumer personal data. The FTC’s complaint alleges […]