Cybersecurity

Subscribe to Cybersecurity

Brexit is finally here. The United Kingdom leaves the European Union on 31 January 2020. The EU and the UK will now enter a transition period which is scheduled to last until 31 December 2020. During this time, the UK will continue to abide by the EU laws, be subject to the rulings of EU courts, and contribute to the EU budget. Hence, the status quo will essentially remain unchanged during the transition period. The aim of the transition period is to provide enough time for the final wave of negotiations between the UK and EU to
Continue Reading Brexit – What Does it Mean for Businesses from an IP, Tech and Privacy Perspective?

On 2 January 2018, the Standardization Administration of China (“SAC”) released the final draft of “Information Technology – Personal Information Security Specification” (National Standard GB/T 35273-2017) (GB/T 35273-2017 信息安全技 术个人信息安全规范) (“Specification”). The Specification came into effect on 1 May 2018. The Specification sets out the recommended practices on personal information protection. Although the Specification is not legally binding, compliance is expected by the PRC authorities and may be taken into account when assessing a company’s compliance with related laws (e.g. China’s Cybersecurity Law).
Continue Reading Safe As Houses – The PRC Issues Revised Draft of the Personal Information Security Specification

A political agreement was reached between the European Parliament, the Council of the European Union (EU) and the European Commission on the EU Cybersecurity Act (Act) and announced on December 10, 2018. The pace of the adoption of the Act (with less than three months of discussions among the EU institutions) confirms that cybersecurity is high on the EU political agenda.
Continue Reading The EU Cybersecurity Act is (Almost) There

On 7 November 2018, the data protection authority of the Free State of Bavaria, Germany, issued a press release that, now that the European General Data Protection Regulation (GDPR) has been in effect for six months, the authority will intensify its GDPR compliance monitoring. The Bavarian data protection authority is responsible for monitoring GDPR compliance in the state of
Continue Reading Data Protection Authority of Bavaria, Germany, Intensifies GDPR Compliance Monitoring

On 13 September 2018, institutions in the European Union (EU) started negotiations to reach a final agreement on the EU Cybersecurity Act (Act). When adopted, the Act will create EU cybersecurity certification schemes for ICT products (i.e., hardware and software elements of network and information systems); services (i.e., services involved in transmitting, storing, retrieving or processing information via network and information systems); and processes (i.e.,
Continue Reading The Clock Is Ticking: Negotiating an Enhanced EU Cybersecurity Framework

An increasing number of financial institutions and fintech companies are coming together to create consortia or shared utility service providers that will identify, design, build and provide emerging technologies like blockchain and the possibility of using decentralized, distributed ledger technology that can be accessed and used by market participants to record information.
Continue Reading Challenges with the Evolution of Blockchain

On 7 November 2016, the Standing Committee of the National People’s Congress has formally passed China’s first comprehensive privacy and security regulation for cyberspace. Since the new Cyber Security Law (CSL) will come into effect on 1 June 2017, technology companies that are operating in or planning to expand to the Peoples Republic of China (PRC) are well advised to adapt their IT infrastructure and data architecture to the new law. Violations of the law may, at worst, lead to high fines, website shutdowns or license revocations. Some of the most significant changes brought about by the new law are briefly outlined below.
Continue Reading China Adopts New Law on Cybersecurity

On 12 August 2016, the Cyberspace Administration of China (“CAC”), the General Administration of Quality Supervision, the Inspection and Quarantine of China (“GAQSIQ”), and the Standardisation Administration of China (“SAC”) jointly released Several Guidelines to Strengthen National Cybersecurity Standardisation (the “Guidelines”). Under the Guidelines, mandatory national standards will be introduced to regulate critical fields such as major information technology infrastructure and classified networks in an effort to harmonise the current divergent local practice.
Continue Reading China Releases Guidelines to Strengthen Cybersecurity Standardisation

Efforts to coordinate and enhance cybersecurity across the European Union (“EU”) have taken a step forward with the publication on 19 July 2016 of the new Network and Information Security Directive (2016/1148/EU) (the “Directive”) in the Official Journal of the European Union. Member States will have until 9 May 2018 to transpose the Directive into their national laws.
Continue Reading A new EU Framework on Cybersecurity: The Network and Information Security Directive