UK Government issues Call for Evidence to help improve cyber security across the UK economy

On 4 November 2019, the UK Government’s Department for Digital, Culture, Media & Sport (“DCMS“) issued the Cyber Security Incentives and Regulation Review 2020: Call for Evidence (the “Review“). The aims of the Review are to: understand the barriers which prevent organisations from improving their cyber security; understand the effectiveness of existing regulations and guidance … Read more

China publishes first law on encryption

The new Encryption Law, China’s first national law on encryption, was published on 26 October 2019 and will come into force on 1 January 2020. It broadens the current regulatory scope of encryption, liberalises commercial encryption at national-law level and proposes a market-oriented regulatory regime for the commercial encryption industry. Foreign and foreign-invested enterprises are given … Read more

The encryption debate is far from ‘going dark’

Shortly after the release of the communiqué from the most recent ministerial meetings of the ‘Five Countries’ security alliance — Australia, Canada, New Zealand, the UK and the US — at the end of July, we warned that the issue of the use of, and access to, encrypted services and technologies ‘remains front of mind for … Read more

EU Regulation on cyber security now in force

As we previously reported, the EU reached political agreement on the new EU Cybersecurity Act (the “Act“) in March 2019. The Act has now been published in the Official Journal and the majority of its provisions came into effect on 27 June 2019. Read more

US Senate confirms Permanent Ombudsman for the EU-US Privacy Shield Agreement

On 20 June 2019, the US Senate confirmed Keith Krach as the Under Secretary of State for Economic Growth, Energy, and the Environment. As part of that role, Krach will serve as the permanent Ombudsman for the EU-US Privacy Shield agreement. The EU-US Privacy Shield is a framework that regulates transatlantic exchanges of personal data … Read more

US Department of Defense recognises cyber security as allowable contractor cost

Reflecting recognition of the critical nature of cybersecurity concerns and precautions, the US Department of Defense (“DoD“) has announced that certain cybersecurity protection measures may qualify as costs that defense contractors may claim in contracts. On 3 June 2019 at the Professional Services Council’s Federal Acquisition Conference, Katie Arrington, Special Assistant to the Assistant DoD … Read more

US DoJ issues white paper addressing CLOUD Act

In April 2019, the US Department of Justice (“DoJ“) published a white paper entitled “Promoting Public Safety, Privacy, and the Rule of Law Around the World: The Purpose and Impact of the CLOUD Act” (the “White Paper“). The White Paper is the DoJ’s first official statement about the Clarifying Lawful Overseas Use of Data Act … Read more