Photo of Kate M. Growley, CIPP/G, CIPP/US

As the U.S. government continues to ratchet up sanctions in response to the Russian invasion of Ukraine, public reporting suggests there may be a new target in the sites of U.S. sanctions authorities: Kaspersky Labs (Kaspersky), the popular Russian cybersecurity and antivirus company. Any sanctions imposed by the Department of Treasury’s Office of Foreign Assets

On January 12, 2022 the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) issued a federal register notice delaying the effective date of new controls on cybersecurity items and an accompanying new license exception. The rules are now set to take effect on March 7, 2022.

The new controls were published in an 

On June 9, the President issued an Executive Order on Protecting Americans’ Sensitive Data from Foreign Adversaries (EO 14034), rescinding three executive orders issued in the previous administration that prohibited transactions with the mobile applications TikTok and WeChat and eight other Chinese-developed and -controlled applications.  At the same time, the EO makes clear that the

Late last month, New York enacted the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act). In doing so, it has become the latest state to impose additional data security and breach notification obligations on businesses handling private data. The breach notification amendments take effect on October 23, 2019, while the data security requirements

On August 13, 2019, the FAR Council will publish in the Federal Register an interim rule, FAR Subpart 4.21, effective immediately, which implements a portion of section 889 of the FY 2019 National Defense Authorization Act, specifically, the ban on government procurement of any equipment, system or service that uses covered telecommunications equipment or

On May 15, 2019, President Trump executed a new Executive Order (EO) likely to inject increased levels of scrutiny and uncertainty throughout the vast and interconnected web of government contract supply chains. The new EO, entitled “Securing the Information and Communications Technology and Services Supply Chain,” comes during a period of escalating trade tensions