Information Commissioner’s Office issues new guidelines on data protection fines

On 18 March 2024, the Information Commissioner’s Office (the “ICO“), issued its Data Protection Fining Guidance (the “Guidance“) on issuing fines under the UK General Data Protection Regulation (the “UK GDPR“) and the Data Protection Act 2018 (the “DPA 2018“). The guidance replaces the sections about penalty notices in the ICO’s Regulatory Action Policy which was published … Read more

Cyber Monthly Wrap-up (UK, EMEA and the US) – November 2023

Welcome to HSF's November wrap up; our top picks for cyber-related news in the UK, EMEA and US. Our short summary and commentary is aimed at giving you the awareness and insights you need, with minimum time investment. Below you will find:
  • Developments in regulatory requirements and guidance;
  • Wider cyber industry news; and
  • Particularly noteworthy (reported) cyber incidents.
Read more

German Minister of Interior considers amendment of Constitution to defend against cyber attacks

In Germany, the Federal Minister of the Interior, Nancy Faeser, considered two amendments to the Constitution as part of an ambitious plan to strengthen cybersecurity across the nation. This followed from calls to strengthen cyber resilience for federal authorities, critical infrastructure and to modernise and expand cybersecurity architecture in Germany. Ms. Faeser noted that cybersecurity threats remained high. German authorities and businesses have been the target of cyberattacks since Russia's war in Ukraine. Disinformation, sabotage and espionage were also identified as critical issues. Read more

Building Cyber Security Resilience: NIS 2 enters into force

The NIS 2 Directive (Directive 2022/2555) on measures for a high common level of cyber security across the EU has now entered into force. Member states must now incorporate the provisions into their national law by October 2024. NIS 2 will replace its predecessor – NIS (Directive 2016/1148), which was the first cross-sector cyber security law in the EU. NIS 2 has been necessary because the speed at which network and information systems have developed into a central feature of everyday life has led to greater interconnectedness, including in cross-border exchanges and, with this, has come an expansion of the cyber threat landscape. The number, magnitude, sophistication, frequency and impact of incidents are increasing, and can impede the pursuit of economic activities in the internal market, generating financial loss, undermining user confidence and causing major damage to the Union’s economy and society. Cyber security preparedness and effectiveness are therefore now more essential than ever to the proper functioning of the internal market; "adapted, coordinated and innovative responses" are required in all member states, says the EU. NIS was not implemented consistently across member states with, for example, some services being categorised as "essential" in some countries but not in others. Read more

China Cyber Security and Data Protection Update – August 2020

In this bulletin we summarise recent updates relating to cybersecurity and data protection in China to keep you updated on developments. We focus on four areas: regulatory developments, enforcement developments, industry developments and international developments. For further detail, please see our update here.   Read more

China Cyber Security and Data Protection Update – July 2020

In this bulletin we summarise recent updates relating to cybersecurity and data protection in China to keep you updated on developments. We focus on four areas: regulatory developments, enforcement developments, industry developments and international developments. For further detail, please see our update here.   Read more

China Cyber Security and Data Protection Update – June 2020

In this bulletin we summarise recent updates relating to cybersecurity and data protection in China to keep you updated on developments. We focus on four areas: regulatory developments, enforcement developments, industry developments and international developments. For further detail, please see our update here.   Read more

GROWING BODY OF COMMON LAW DECISIONS THAT CRYPTOCURRENCIES CAN AMOUNT TO PROPERTY: RUSCOE v CRYPTOPIA LIMITED (IN LIQUIDATION) CIV-2019-409-000544 [2020] NZHC 728

Cryptocurrency exchanges are a significant target for hackers, and there are numerous well-documented examples of significant amounts of cryptocurrency being taken in attacks.  This frequently gives rise to issues of liability and recovery for the individuals who were holding their cryptocurrency with the exchange in question, and the precise basis on which the exchange is … Read more