Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

Biometrics beware – Compliance and the Biometric Information Privacy Act

In light of the rising tide of costly class action lawsuits brought under the Illinois Biometric Information Privacy Act (BIPA), companies that use biometrics—even, in some cases, companies outside of Illinois that do not themselves collect biometric information—should be become familiar with this statute’s strict requirements. • Even photographs, when used for security purposes like...

The New Vendor Management World Under NYDFS’ New Cyber Regulation

As of March 1, 2019, the New York State Department of Financial Services’ (NYDFS) cybersecurity regulation, 23 NYCRR Part 500, requires financial services institutions regulated by NYDFS to implement policies and procedures to address the cybersecurity risks posed by third-party service providers to the institutions’ nonpublic information (NPI). Learn...

Cybersecurity and Data Privacy review and update: Looking back on 2018 and planning ahead for 2019

From the implementation of the GDPR to the passage of the CCPA, the year 2018 proved to be a monumental one for cybersecurity and data privacy. Regulators from around the world responded to devastating, large-scale cyber-attacks, and a desire for their citizens to have more control over their data, by passing a wide range of regulations aimed at protecting consumer information. These...

Updata – Your quarterly privacy & cybersecurity update

Welcome to the second edition of Updata – the international quarterly update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and legal updates from our contributors around the globe over the past quarter. You can find previous editions on our dedicated webpage....

Vietnam sheds light on impending cybersecurity law

Vietnam recently issued a draft decree that clarifies the scope of its impending cybersecurity law and its impact on foreign businesses. The law is set to go into effect on January 1, 2019, though the implementation of certain requirements that impact foreign companies the most will likely be delayed. Unlike other cybersecurity and data privacy laws passed this year, which were...

India’s highest court defends data privacy

India’s Supreme Court recently issued a holding that increases the data privacy protection that businesses operating in India must provide. The holding strikes down the portion of Section 57 of the Aadhaar Act that had previously allowed businesses to require national ID numbers, known as Aadhaar numbers, for “any purpose.” The industries most impacted by this ruling will likely be...

« Older Entries