Devices security measures legislation passed in Oregon

  On May 30, 2019, Oregon Governor signed HB 2395 containing security measures required for devices that connect to the Internet and that are assigned an Internet Protocol address or another number that identifies the connected device. The manufacturer shall equip the connected device with “reasonable security features”, which may consist of means for authentication from outside a local area network and compliance with federal law requirements that apply to security measures for Read more [...]

Update: oral hearing before the ECJ on Model Clauses preliminary ruling

On July 9, 2019, the European Court of Justice (CJEU) heard oral arguments on a landmark case concerning Facebook's transfer of personal data from the EU to the US on the basis of the currently utilized “standard contractual clauses” (SCCs) mechanism. The CJEU's decision -- will have tangible consequences for businesses performing data transfers from the EU to the US -- is expected in December 2019. Background By way of background. In 2013 Mr. Schrems demanded the suspension of data flow Read more [...]

Maine adopts what is considered the strictest privacy law in the US for internet service providers

  On June 6, 2019 Maine’s governor signed into law LD 946, “An Act To Protect the Privacy of Online Customer Information.” The Act applies to broadband internet service providers (ISPs) defined as any “mass-market retail service by wire or radio that provides the capability to transmit data to and receive data from all or substantially all Internet endpoints.” ISPs are prohibited from using, disclosing, or selling their customers personal information, which includes the Read more [...]

NY A.G. settles with online retailer Bombas which failed to notify data breach involving credit cards details

On June 6, 2019 Attorney General Letitia James, announced settlement with online retailer Bombas LLC for failing to provide notice of payment cards consumers’ data breach occurred to 39,561 consumers. In 2014 unauthorized intruders inserted malicious software code to steal payment card information into the ecommerce platform supporting Bombas’ website. Intruders accessed customer information (such as names, addresses, and credit card information) of 39,561 payment card holders. Bombas started Read more [...]

Blockchain law passed in San Marino contains some interesting aspects

  On June 6, 2019, the Republic of San Marino approved the Blockchain Decree of the Republic of San Marino (Delegate Decree n. 86, dated May 23, 2019). No official press statement has been released yet, but this source revealed the news. The Blockchain Decree provides a regulatory framework formulating specific rules for two different applications of Distributed Register Technology (Distributed Ledger Technology or – more commonly – Blockchain): investment tokens (digital Read more [...]