Show: results per page
|Shellshock, the Perfect 10 Exploit: Easy to Use, Devastating Impact|
Richard J. Johnson, Todd S. McClelland, Mauricio F. Paez; Jones Day;
October 7, 2014, previously published on September 2014A new bug, dubbed "Shellshock," which affects software used in computer systems worldwide, came to light last week. According to the U.S. Department of Homeland Security's United States Computer Emergency Readiness Team ("US-CERT"), "[t]his vulnerability is classified by...
|Backoff Point-of-Sale Malware: Here We Go Again|
Richard J. Johnson, Mauricio F. Paez; Jones Day;
August 5, 2014, previously published on August 2014The Secret Service, the National Cybersecurity and Communications Integration Center, and others announced yesterday in a US-CERT Alert (available at www.us-cert.gov/ncas/alerts/TA14-212A) that recent investigations have revealed the use by malicious actors of malware—dubbed Backoff...
|Federal Communications Commission Requests Comments on Effectiveness of Cybersecurity Recommendations|
Richard J. Johnson, Bruce A. Olcott, Mauricio F. Paez, Preston N. Thomas; Jones Day;
August 1, 2014, previously published on July 2014The Federal Communications Commission ("FCC") is seeking industry and public comment on whether it should take further steps to ensure that the U.S. communications industry is sufficiently prepared for cybersecurity threats.
|Russia Adopts Restrictive Changes to its Data Privacy Law Data Location Requirement Will Adversely Affect Data Flows|
Veronica Fridman, Anita Leung, Mauricio F. Paez, Sergei Volfson, Undine von Diemar; Jones Day;
July 22, 2014, previously published on July 2014During the first week of July 2014, the State Duma (lower chamber of the Russian Parliament) adopted a set of amendments to the Federal Law "On Information, Information Technologies, and Information Protection" ("Information Law") and to the Federal Law "On Personal...
|Attorney General's Office Issues "Do Not Track" Disclosure Guidelines|
Richard J. Johnson, Ka-on Li, Mauricio F. Paez, Katherine S. Ritchey, Gregory P. Silberman; Jones Day;
June 11, 2014, previously published on June 2014The California Attorney General's Office recently issued a set of guidelines, titled "Making Your Privacy Practices Public" ("Guidelines"), designed to help companies develop "meaningful" privacy policies that provide transparency, accountability, and choice for online...
|CFTC and SEC Announce Focus on Cybersecurity|
Robert W. Gaffey, Bart Green, Joan E. McKown, Stephen J. Obie, Mauricio F. Paez; Jones Day;
April 29, 2014, previously published on April 2014Recent steps by the Commodity Futures Trading Commission ("CFTC") and the Securities and Exchange Commission ("SEC") show that both agencies will increase their focus on cybersecurity issues going forward. The CFTC's Division of Swap Dealer and Intermediary Oversight...
|The Heartbleed Bug: Data Breach and Liability Risks|
Richard J. Johnson, Mauricio F. Paez, Gregory P. Silberman; Jones Day;
April 24, 2014, previously published on April 2014It seems that every other day we learn about a new data security threat or compromise. The so-called "heartbleed bug," or CVE-2014-0160 for those technically inclined, is the latest reported data security vulnerability, and it requires an immediate and swift response. The bug was recently...
|Landmark Decision Confirms FTC Authority to Regulate Privacy and Data Security|
Richard J. Johnson, Mark Mansour, Mauricio F. Paez, Katherine S. Ritchey, Gregory P. Silberman; Jones Day;
April 15, 2014, previously published on April 2014In FTC v. Wyndham Worldwide Corp., No 13-1887, 2014 U.S. Dist. LEXIS 47622 (D.N.J. Apr. 7, 2014)—a case closely watched by privacy and data security professionals across the United States—a federal district court held that the Federal Trade Commission ("FTC") has authority...
|European Parliament Votes in Favor of General Data Protection Regulation and Threatens Suspension of Data Transfers to U.S.: A New Milestone Toward Adopting Enhanced Data Protection Rules in the EU|
Laurent De Muyter, Jonathon R. Little, Mauricio F. Paez, Katherine S. Ritchey, Undine von Diemar; Jones Day;
March 24, 2014, previously published on March 2014On March 12, 2014, the European Parliament resoundingly voted for the EU General Data Protection Regulation ("Regulation") proposed by the EU Commission on January 25, 2012. The Parliament largely backed the report on and proposed amendments to the Regulation that the Committee for...
|U.S. Congress Ready to Enact Data Security and Breach Notification Rules After Recent Consumer Data Breaches|
Steven G. Gersten, Richard J. Johnson, Mauricio F. Paez, Mina R. Saifi; Jones Day;
February 18, 2014, previously published on February 2014In December 2013, a U.S. national retail store announced that credit and debit card data for more than 40 million consumers may have been compromised. On January 10, it further disclosed that cyber criminals had accessed a wide range of personal information belonging to 70 million people through...