At a glance.
- Cyber fines increase data breach costs.
- New California bills focus on privacy for minors.
- US expected to expand restrictions on chip exports to China.
Cyber fines increase data breach costs.
The Hiscox 2022 Cyber Readiness Report, published annually for the past six years by the Bermuda-based insurance firm, shows that the median cost of a cyberattack is approximately $17,000, a 29% increase over last year. And as Open Access Government notes, the cost of an attack has doubled for UK businesses, largely due to fines incurred as a result of the incident. Indeed, after surveying over five thousand professionals across a range of industries, Hiscox says the number of firms that received a fine following a cyberattack nearly doubled from 11% in 2021, to 20% in this year. The General Data Protection Regulation states that EU authorities can fine a company up to €20 million or 4% of worldwide turnover, whichever figure is higher, which has resulted in multi-million pound penalties for some firms. The report shows that companies who suffered a breach over the past year have experienced an increase in negative repercussions including costs of notifying customers, adverse impact on brand reputation, and loss of customers. The survey also found that more medium and small sized firms are being targeted by attacks. Gareth Wharton, Cyber CEO at Hiscox stated, “While the cybercriminals have long targeted high-value companies, it is clear they are now moving down the food chain.”
New California bills focus on privacy for minors.
This summer lawmakers in the US state of California passed two children’s privacy bills which are now awaiting the governor’s signature. The California Age-Appropriate Design Code Act, which was passed unanimously, applies to any business “that provides an online service, product, or feature likely to be accessed by children,” cyber/data/privacy insights explains. The law would require companies to complete a data protection impact assessment (DPIA) for any public online product likely to be accessed by children (in this case, individuals aged eighteen or below), and create a plan for mitigating any risks identified in the DPIA. Businesses will also be required to implement privacy settings that offer a high level of default privacy and, when writing privacy policies, use language easily understood by children. The law prohibits firms from using children’s personal data in a way that could hurt the child’s physical or mental health; collecting, selling, sharing, or retaining any child’s data that is not necessary to provide the online service; or using dark patterns to encourage children to provide personal data beyond what is necessary. The Student Test Taker Privacy Protection Act is aimed at addressing privacy concerns connected to online exam proctoring services, the use of which has surged since the COVID-19 pandemic. The law would prohibit proctoring services from collecting, retaining, using, or disclosing personal information except to the extent strictly necessary to provide those proctoring services or in other specified instances.
US expected to expand restrictions on chip exports to China.
Reuters reports that the White House is planning to further restrict US shipments of semiconductors to China. Sources say the Commerce Department will be publishing new regulations based on restrictions communicated in letters to US companies KLA Corp, Lam Research Corp, and Applied Materials, Inc. that prohibited the firms from exporting chipmaking equipment to Chinese factories that produce advanced semiconductors with sub-14 nanometer processes, unless the companies acquire licenses from the Commerce Department. The new regulations could potentially impact smaller companies attempting to compete with leading artificial intelligence chipmakers Nvidia and AMD, as well as firms like Hewlett Packard, Dell, and Super Micro Computer who produce data center servers containing Nvidia's A100 chip. If implemented, these laws would be the latest step in the Biden administration’s efforts to decrease China’s influence over global tech manufacturing. American business lobbying group the Chamber of Commerce last week predicted that such restrictions on AI chips and chipmaking tools could be on the horizon. "We are now hearing that members should expect a series of rules or perhaps an overarching rule prior to the mid-term election to codify the guidance in recently issued (Commerce Department) 'is-informed' letters to chip equipment and chip design companies," the Chamber said.