Standard Post with Image

US SEC publishes cybersecurity interpretive guidance

The US Securities and Exchange Commission (SEC) has published long-awaited cybersecurity interpretive guidance. The document will assist public companies in their disclosure activities on cybersecurity risks and incidents. The SEC is now reinforcing and expanding the 2011 guidance with two additional topics: the importance of cybersecurity policies and procedures and the application of insider trading prohibitions in the cybersecurity context.

The Commission Statement and Guidance on Public Company Cybersecurity Disclosures is available here
Standard Post with Image

The ECtHR defends the employer in a right to privacy case

The European Court of Human Rights (ECtHR) has agreed with a French rail operator in a case related to the right to privacy of an employee. The court established that the employer has not violated the employee’s privacy by opening his personal files when he was not present as the opened files were not labelled as private. The court also clarified that the employer has a right to ensure the proper use of its computer systems.

The ECHR ruling is available here
Standard Post with Image

FTC: Small business web hosting services are not sufficiently protected

The US Federal Trade Commission has conducted a study on web-hosting services for small businesses. The results demonstrate that most of these services do not offer easy access to safeguarding technologies, such as tools that authenticate emails and would avoid phishing attacks. Therefore, small businesses should be aware of the safety instruments provided by the services, while the services must increase their efforts to offer reliable security systems.

The FTC study is available here
Standard Post with Image

Italian Member R&P Legal publishes WP29 guidelines on data breaches

PrivacyRules Italian Member R&P Legal law firm, one of the leading law firms in the country, publishes a brief commentary on the WP29 guidelines on data breaches.

The commentary is available, in Italian language, here
Standard Post with Image

Italian Member R&P Legal publishes on the WP29 draft guidelines on the accreditation of certification bodies

PrivacyRules Italian Member R&P Legal law firm, one of the leading law firms in the country, publishes a brief commentary on the WP29 draft guidelines on the accreditation of certification bodies.

The commentary is available, in Italian language, here