Select Page

Below are snapshots of recent global updates courtesy of Nymity Research

Cybersecurity: NIST Draft Guidance for Federal System Security Assessments
Special publication 800-53A forms part of the guidance to federal systems implementing NIST’s Risk Management Framework, addressing the assessment and monitoring steps; the proposed revision advises on creating and implementing an organization-wide assessment plan, and includes a comprehensive set of assessment methods that can be selected, arranged, and modified based on the organization and scope of assessment. Read more here.

Legislation: Mongolia Drafts Protection of Personal Data Law
If passed, data controllers and processors in Mongolia will be prohibited from processing data without data subject consent unless certain conditions are met (i.e., legally required, contractual obligation or research purposes); the law also prohibits the processing of biometric data by private entities and requires them to conduct PIAs for any automated processing technology and to authenticate an individual’s identity before providing them with information about data processing activities. Read more here.

Artificial Intelligence: China Draft Security Specification for Machine Learning Algorithms
Feedback is sought on proposed requirements for developers and operators to ensure machine learning algorithms and their models adhere to common privacy requirements (e.g., de-identify or anonymise PI, obtain consent for the use of sensitive data), include confidentiality, integrity and availability attributes (e.g., address security vulnerabilities, set access controls, simulate attacks through testing), and are subject to comprehensive security assessments conducted by both internal departments and third-party auditors. Read more here.

Legislation: Ukraine Drafts New Personal Data Protection Law
If passed, the draft law will replace the existing data protection law and is modelled after the GDPR, but will include additional provisions related to the use of CCTV, online tracking and data processing registration requirements; non-residents who process personal data will be expected to comply with the law and violators may be subject to fines up to 150 Million UAH or 8% of annual turnover from the previous year. Read more here

Stay informed with daily comprehensive regulatory updates using Nymity Research. Minimize the need for time consuming searches for accurate analysis with easy to understand alerts on the latest privacy laws. Start a free trial today.

Share This

Share This

Share this post with your friends!