Topics Internet Law Update

New York Updates Proposed Cybersecurity Regulation for Financial Institutions

Following more than 150 public comments to the original proposal for cybersecurity regulation for financial institutions, the New York State Department of Financial Services (NYDFS) has updated its proposed regulation, with what is generally speaking a more lenient approach for covered entities.
 
The updated regulation adopts a risk-based approach that gives covered entities greater flexibility in determining the cybersecurity ...

Ninth Circuit Refines the Meaning of “Without Authorization” under the Computer Fraud and Abuse Act

The United States Court of Appeals for the Ninth Circuit has recently tweaked two of its decisions from this past summer which held that access to another person’s online account, even with their permission, may in certain cases give rise to liability under the U.S. federal Computer Fraud and Abuse Act (CFAA).

The first case, United States v. Nosal, revolved ...

CJEU Restricts Retention of Communication Meta-Data by Telecom Providers

The Court of Justice of the European Union (CJEU) has held that EU law prohibits a general and indiscriminate retention of telecommunication meta-data. The court nevertheless held that EU states can require that telecom providers engage in targeted and limited retention of meta-data solely for the purpose of facilitating the fight against serious crime. 
 
The CJEU’s judgment was based ...

Biometric Database will Transition to Permanent Full-Scale Operation

The Israeli Minister of Interior, Mr. Aryeh Deri, has announced that the biometric database, nowadays nearing the end of its pilot phase, will transition to permanent, full-scale operation. The database, in its permanent phase, will include a facial photo and two fingerprints for each recorded individual.
 
Israelis applying to obtain or renew their government-issued ID or passports during ...

Israel State Comptroller Criticizes Ill-Prepared Cyber Defense

The Israeli State Comptroller recently issued a summary of its comprehensive report, in which he dispraises Israel’s ill-preparedness against cyber threats. The summary raises, among others, the following points:

  • The process of developing a regime for allocating responsibilities in the field of cyber-defense has been dragging on for years and the process of formulating Israel’s overall cyber-defense doctrine has overrun ...

EU Regulators Issue First GDPR Guidance

The panel of European national privacy regulators, known as the ‘Article 29 Working Party’, has issued its first set of substantive guidance addressing issues under the EU General Data Protection Regulation (GDPR). The GDPR, scheduled to enter into force in May 2018, constitutes a sweeping reform in the areas of data protection and data privacy. The GDPR applies not only ...

US FDA Issues Guidance on Postmarket Management of Cybersecurity in Medical Devices

The US Food and Drug Administration (FDA) has published guidance informing of the FDA’s recommendations for managing postmarket cybersecurity vulnerabilities for marketed and distributed medical devices. The guidance emphasizes that manufacturers of medical devices should monitor, identify, and address cybersecurity vulnerabilities and exploits as part of their postmarket management. It urges manufacturers to implement comprehensive cybersecurity risk management programs and ...

The WordPress-Wix Dispute

The open source community is engaged in a heated dispute between Automatic (the company behind WordPress) and Wix, two of the most prominent developers of content management systems. Reading carefully through the posts of both companies, it seems that they may strike on a fundamental dispute within the Free Software community and legal professionals counseling on Open Source Software: just ...
More from Internet Law Update