Contractual theories may include claims for breach of contract if there is a written agreement between the plaintiff and the defendant that contains an explicit promise of appropriate security measures to protect personal data. Even if such a clause is not included in the contract, many plaintiffs will assert a claim for an implied contract, arguing that obtaining a requester`s personal information implies a promise to adequately protect the information. Theories of tort liability may include negligence or other common law theories such as invasion of privacy, bail, trespass, misrepresentation, or unjust enrichment. Each of these theories can be difficult to adapt to the context of the data breach. 23. In June 2021, following the adoption of the revised FADP, the Federal Council also published the revised draft ordinance of the Federal Data Protection Act for public consultation. In particular, the Council stressed that the amendments to the Regulation include minimum data security requirements, the modalities of the obligation to inform data subjects, the right of access, the obligation to notify data breaches and derogations from the obligation to record data processing activities for companies with fewer than 250 employees. In addition, the draft Regulation establishes the criteria to be taken into account by the Council in its assessment of the adequacy of transfers of personal data to third countries and contains a draft list of 34 countries considered to offer an adequate level of protection. [35] The plaintiffs may also allege securities fraud. To do so, applicants must claim that the Company made materially false or misleading statements, generally regarding the state of its cybersecurity position, and that the Company was aware of the falsity of those statements. Many federal and state laws include cybersecurity requirements. The Federal Trade Commission (“FTC”) has been particularly active in this area and has interpreted its enforcement power under Section 5(a) of the FTC Act, which deals with unfair and deceptive practices, as a means of requiring companies to implement security measures.

The FTC has taken numerous enforcement actions against companies that allegedly failed to take adequate security measures. However, the U.S. Supreme Court recently limited the FTC`s ability to seek fines for possible FTC Act violations without first enforcing its administrative procedures. It systematizes and generalizes countries` experiences on issues of state policy development and implementation to ensure cybersecurity based on research on the experience of national policies to ensure cybersecurity, there is a proven need to apply administrative influence to processes to ensure cybersecurity and identified opportunities for adaptation to national circumstances. According to the results of a study conducted among the leaders of companies and organizations in different countries, it is noted that the rating indicator presents a cyberattack as an immediate threat, among the leaders: the United States, Australia and Germany. It notes that over the past decade, action plans and strategies to address cybersecurity have been disseminated across Europe. It should be noted that in an environment where cyber threats are constantly emerging and evolving, countries` public policies are based on flexible and operational cybersecurity strategies. The cross-border nature of threats requires countries to engage in close international cooperation, which requires not only an effective operation against cyberattacks, but also the feasibility of rapid responses and coordinated prevention mechanisms. Attention is focused on the fact that the formation of the nation-state cybersecurity strategy is the basis for the development of an effective state policy. The Coast Guard is a founding partner of the Global Marine Transportation System Cyber Security Initiative. The symposium, which was launched in 2019 with White House support and hosted for the first time by the Netherlands, has since expanded to more than 20 international partners. The Coast Guard works to enhance collaboration between the public sector, the private sector, and our international partners, including discussions and presentations from non-governmental organizations (NGOs), academia, private shipping, U.S.

ports, and private sector cybersecurity companies.