My Content
Insights

China Enacts New Data Security Law

After two rounds of public comments, the Data Security Law (DSL) of the People’s Republic of China was formally issued on June 10, 2021. The DSL, effective September 1, 2021, establishes a series of principles and policies designed to ensure the protected and effective use of data. It governs both data activities conducted in China, and data activities conducted outside ...

U.S. Supreme Court: Misusing Authorized Access to Information Does not Violate the Federal Computer Law

A majority opinion of the Supreme Court of the United States has narrowed the scope of the federal Computer Fraud and Abuse Act (CFAA), holding that the prohibition on unauthorized access to information does not cover instances of misusing authorized access rights to information for “improper motives”.

At issue was the conviction of a former police officer who allegedly misused ...

Washington D.C. Files Anti-Trust Lawsuit Against Amazon.com

The Attorney General of the District of Columbia (DC) in the United States is taking legal action against Amazon.com alleging violation of DC’s local anti-trust law. The action was filed in a local court in DC, alleging that “Amazon dominates the online retail sales market, controlling between 50-70% of all online retail sales in the U.S.”. It also alleges that ...

President Biden Issues Executive Order on Protecting Sensitive Data from Foreign Adversaries

U.S. President Joe Biden issued an Executive Order aimed at addressing threats arising from the use of connected software applications designed, developed, manufactured, or supplied by foreign adversaries. Connected software applications are software programs that include the ability to collect, process, or transmit data through the Internet.

According to the Executive Order’s explanatory notes, connected software applications can provide foreign ...

EU Commission Issues New Standard Contractual Clauses

The European Commission issued two new sets of standard contractual clauses (SCC) which can be used to legalize the transfer and processing of personal data that is subject to the GDPR. The first set is SCCs for international transfers, which may be used when transferring personal data to destinations that are outside the European Economic Area (EEA) in countries that ...

Newly Approved GDPR Code of Conduct for SaaS and Cloud Service Providers

The Belgium Data Protection Authority has approved a first-of-a-kind GDPR Code of Conduct for cloud services providers acting as data processors. The Code of Conduct will be administered by Scope Europe, a Belgium company. It is aimed at companies providing cloud-based Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), or Software-as-a-Service (SaaS) who wish to be accredited to the code of conduct as a ...

More of My Content
Insights