The National Information Technology Development Agency (NITDA) has extended the timeline for filing the 2021 data audit report from 15 March 2021 till 30 June 2021. In 2019, the National Information Technology and Development Agency (‘NITDA’) issued the Nigerian Data Protection Regulation (‘NDPR’) ...
On February 26, 2013, the National Institute of Standards and Technology ("NIST") issued a Request for Information ("RFI") to gather comments regarding the development of a framework to reduce cybersecurity risks to critical infrastructure. As we previously reported, the Obama Administration’s executive order, Improving Critical Infrastructure Cybersecurity (the "Executive Order"), released on February 12, 2013, directs NIST to coordinate development of this framework ...
On October 22, 2013, the National Institute of Standards and Technology (“NIST”) issued the Preliminary Cybersecurity Framework (the “Preliminary Framework”), as required under Section 7 of the Obama Administration’s February 2013 executive order, Improving Critical Infrastructure Cybersecurity (the “Executive Order”). The Preliminary Framework includes standards, procedures and processes for reducing cyber risks to critical infrastructure ...
In recent years, Russia has focused on regulating its IT area. In particular, this has been needed due to the increasing number of cases, when prohibited information has been distributed on various large Internet resources, such as a social network. However, according to Russian government agencies, despite the risks of possible sanctions, many foreign companies still do not respond quickly enough to government requests, or ignore the demands to remove prohibited information ...
In this newsletter you will find a selection of the main legal news related to the fintech and digital banking market in Argentina. 3.0 transfers New open and interoperable model for instant payments As we anticipated in previous bulletins, the Central Bank (BCRA) completely updated the system of immediate electronic payments existing until now, taking it to a much more ambitious, interoperable and open model, which aims to interconnect bank accounts and accounts on an equal footing ...
In recent months, the Knesset Constitution, Law and Justice Committee approved the Protection of Privacy Regulations (Information Security) 5777-2017 (hereinafter: the "Regulations"). The Regulations mark a landmark change in the field of information security in Israel and they impose substantial obligations on database owners ...
Cybersecurity is one of the most critical challenges facing our nation and our economy. U.S. regulators on both the state and federal level are working to keep pace with the challenges and risks posed by cybercrime. On March 1, 2017, the New York State Department of Financial Services (DFS) issued a new cybersecurity regulation designed to protect financial institutions, their information technology systems, and their customers from cybercrime1 ...
In November 2021, the New York City Council passed a bill requiring that artificial intelligence (“AI”) tools used by employers to make or assist in hiring decisions or internal promotions undergo bias audits to screen for discriminatory effects. Under the City Charter, the bill became law a month later after it was returned unsigned to the Council by then-mayor Bill DeBlasio ...
Effective Jan. 1, 2021, Florida law will require all public employers, as well as some private employers, to enroll in and use the E-Verify system. What is E-Verify? E-Verify is a free federal electronic database that allows employers to quickly validate documentation presented by new hires to establish that a new employee is lawfully eligible for employment in the United States ...
Within the agricultural and food supply chain, significant imbalances in bargaining power between suppliers and buyers of agri-food products are frequent. Those imbalances in bargaining power are likely to lead to unfair trading practices. The Directive 2019/633 (the “Directive”) aims to ensure that agri-food companies are protected against these unfair practices. Scope of the Directive The Directive’s scope is very limited ...
The UK’s new safeguard mechanism for international transfers of personal data came into force on 21 March 2022. Organisations that make restricted transfers of personal data should review their data transfer processes now ...
Along with the prediction that the continued growth of the Internet of Things (IoT) will transform our everyday lives and how we do business, we can also anticipate that the increased number of connected devices will bring about additional challenges, including greater security and privacy-related risks ...
The Finnish Criminal Code has been recently amended to combat cybercrime more effectively. The Criminal Code now takes a tougher stance against cybercrime by amending certain provisions, introducing completely new provisions and more severe penalties. The amendments entered into force 4 September 2015. From now on, cybercrime offences, such as illegal data interference and identity theft, can be found under their own titles in the Criminal Code ...
We would like to inform you of several draft laws in the TMT area, that were adopted by the Russian Parliament, and finally signed by the President. We have prepared a short description for you below ...
Introduction On 16 October 2020 the government reinforced the urgent measures to limit the further spread of COVID-19. Teleworking is no longer highly recommended, but has become the standard for all employees whose roles allow for telework. Yet, the new rule is less far-reaching than that in place during the first lockdown in March 2020, as an exception now applies when the continuity of business operations, activities and services does not allow for teleworking ...
On 25 September 2020 Parliament approved new regulations for Blockchain and Distributed Ledger Technology (DLT).(1) The goal of this new legal framework is to further establish and increase Switzerland's reputation as a leading, innovative and sustainable location for fintech and DLT companies. DLT framework DLT allows shared data management and, in particular, shared accounting among participants that do not know or do not trust each other's identity ...
On 4 June, the European Commission adopted new standard contractual clauses («SCC»), which replaces previous standard clauses for the transfer of personal data to countries outside the EEA (third countries). In addition, the Commission has for the first time adopted a standard data processor agreement governing the data processor’s processing of personal data on behalf of the data controller ...
We would like to inform you of the new rules of audits/inspections of companies processing personal data approved by the Decree of the Russian Government dated February 13, 2019 No. 146 «On Approving the Rules on Arranging and Exercising Control over Compliance of Personal Data Processing» («Decree»). The Russian Data Protection Authority (DPA) is entitled to investigate companies’ compliance with data protection laws ...
On September 6th, 2020, “Rules for the Consideration and Resolution of Administrative Disputes by the Federal Service for Intellectual Property”, approved by the order of the Russian Ministry of Education and Science and the Ministry of Economic Development (“Rules”) came into force. The Rules were developed jointly with the Federal Service for Intellectual Property (Rospatent) ...
The Government finally issued Government Regulation No. 82 of 2012 9regarding the Implementation of Electronic Systems and Electronic Transactions (“Regulation 82”) for Law No. 11 of 2008 regarding Electronic Information and Electronic Transactions (“Law No.11”). Regulation 82 sets out significant requirements in relation to electronic registration/certification, electronic systems, electronic transactions, electronics agents, electronic signatures and domain names ...