The Federal Financial Institutions Examination Council (FFIEC) has issued two joint statements warning of specific cyber risks. The warnings, which were issued on March 30, 2015, address risks arising from destructive malware, which can destroy sensitive data, and cyber-attacks that compromise user credentials. In both statements, the FFIEC also provides guidance on how to mitigate […]
Wyoming Broadens Definition of Personal Information In Amended Data Breach Notification Law
Wyoming has updated its data breach notification statute to widen the definition of “personal identifying information” that will trigger notification to individuals. In addition, the amendments prescribe the information to be contained in the notice and provide a safe harbor to entities that provide notice in compliance with and under the requirements of the Health […]
Court Finds Hulu Did Not “Knowingly” Disclose PII in Violation of VPPA, Grants Summary Judgment
Ending a four-year battle that has helped define the parameters of the Video Privacy Protection Act’s (VPPA) application to new technologies, on March 31, 2015, Northern District of California Magistrate Judge Laurel Beeler dismissed with prejudice the In re: Hulu Privacy Litigation. In doing so, Judge Beeler found that there was simply no evidence that […]
President Obama Signs Executive Order Authorizing Sanctions for Cyber Attacks, Use of Stolen Data
On April 1, 2015, the White House unveiled Executive Order 13694, which authorizes the Treasury Department to sanction entities outside of the United States that engage in “cyber-enabled activities” that are “reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial […]
FCC Advisory Group Issues Cyber Risk Management Report
On March 18, the Federal Communications Commission (“FCC”) approved the Final Report on cybersecurity risk management and best practices issued by Working Group 4 (“WG4”) of its Communications, Security, Reliability, and Interoperability Council (“CSRIC”). The CSRIC, currently in its fourth assembly, is an advisory committee tasked with providing recommendations to the FCC to achieve “among […]