The study aimed to develop a customized Data Governance Maturity Model (DGMM) for the Ministry of Defence (MoD) in Kenya to address data governance challenges in military settings. Current frameworks lack specific req...The study aimed to develop a customized Data Governance Maturity Model (DGMM) for the Ministry of Defence (MoD) in Kenya to address data governance challenges in military settings. Current frameworks lack specific requirements for the defence industry. The model uses Key Performance Indicators (KPIs) to enhance data governance procedures. Design Science Research guided the study, using qualitative and quantitative methods to gather data from MoD personnel. Major deficiencies were found in data integration, quality control, and adherence to data security regulations. The DGMM helps the MOD improve personnel, procedures, technology, and organizational elements related to data management. The model was tested against ISO/IEC 38500 and recommended for use in other government sectors with similar data governance issues. The DGMM has the potential to enhance data management efficiency, security, and compliance in the MOD and guide further research in military data governance.展开更多
The enactment of China's Data Security Law and Personal Information Protection Law has created an issue for Chinese enterprises.It is subject to evidence production orders in overseas arbitral proceedings.The exis...The enactment of China's Data Security Law and Personal Information Protection Law has created an issue for Chinese enterprises.It is subject to evidence production orders in overseas arbitral proceedings.The existing framework governing cross-border data transfers is procedurally ill-suited to arbitration timelines.Also,it does not address arbitration-specific scenarios.This paper employs doctrinal legal analysis to examine the interpretive scope of Article 36 of the Data Security Law.It draws on comparative references to the European Union and the United States as comparative evidence of the limits.The conflict arises because Article 36 prohibits providing data to foreign judicial or law enforcement authorities.It has not been authoritatively interpreted to exclude or include international commercial arbitral tribunals.This leaves Chinese enterprises exposed to potential administrative penalties if they produce evidence and to adverse consequences if they do not.The solution is a narrow judicial interpretation of Article 36 to exclude privately constituted commercial arbitral tribunals from its scope,accompanied by a targeted tiered classification mechanism for arbitration-specific data export applications and,as a supplementary technical measure,domestically hosted Virtual Data Rooms(VDR)for lower-sensitivity evidence production.These solutions are legally tractable and directly serve the state's interest in international commercial dispute resolution.展开更多
International and U.S.corporations must be well advised regarding specific regulations and laws that affect cybersecurity decisions because the Board of Directors must perform due diligence to avoid regulatory neglige...International and U.S.corporations must be well advised regarding specific regulations and laws that affect cybersecurity decisions because the Board of Directors must perform due diligence to avoid regulatory negligence and lawsuit liability.Depending on the standards and the regulations that do define reasonable care,the corporate director is faced with the challenge of determining how and what cybersecurity laws apply.Then,directors can institute best cybersecurity management practices.This paper provides guidance regarding the application of the law in the areas of cyber security for the international corporations interacting with the European General Data Protection Regulations(GDPR),the California Consumer Privacy Act(CCPA),and recent Federal Trade Commission(FTC)administrative agency rulings.Reading this paper is worth your time because it will inform you of the legal challenges that international and domestic corporations face in making decisions about spending capital to manage cybersecurity and at the same time perform due diligence.In other words,if there is a cybersecurity breach,this paper will provide insights into what law must be followed by the corporation enabling the best management decisions assuring adequate response,compliance,thereby avoiding unnecessary liability risk.The paper also provides reflections about whether the GDPR serves as a better legal comprehensive regulatory model rather than the recently enacted laws in the U.S.展开更多
The U.S.and the international business community is in a crisis regarding ransomware attacks and cybersecurity policing/regulation.Based on recent events,state sponsored cyber hackers have made it their mission to hol...The U.S.and the international business community is in a crisis regarding ransomware attacks and cybersecurity policing/regulation.Based on recent events,state sponsored cyber hackers have made it their mission to hold the information security world hostage extorting money for a returning of data systems to normal functioning.This paper examines the challenges for the global business community regarding the scope of the attacks,the current state of the law in the U.S.intended to provide current information to the international business community,illustrate the challenges for regulators and the courts,illustrate the recent progress of the criminal investigatory aspects of apprehending cybercriminals,report on the non-delegable duties of decision makers in the international community doing business in the U.S.,and demonstrate the potential solutions to this evolving international crisis.It is worth your time to read this paper for the following reasons:1.Understanding the risks and the scope of the problem moving forward with doing business in the U.S.;2.communicating recent developments fostering cooperation and contributing to mediating cybersecurity events for international corporations;and 3.providing information on the current state of the law by the U.S.Supreme Court pointing out the relevant and the consequential outcomes of the legal system leading to potential smart solutions for planning business decisions.展开更多
文摘The study aimed to develop a customized Data Governance Maturity Model (DGMM) for the Ministry of Defence (MoD) in Kenya to address data governance challenges in military settings. Current frameworks lack specific requirements for the defence industry. The model uses Key Performance Indicators (KPIs) to enhance data governance procedures. Design Science Research guided the study, using qualitative and quantitative methods to gather data from MoD personnel. Major deficiencies were found in data integration, quality control, and adherence to data security regulations. The DGMM helps the MOD improve personnel, procedures, technology, and organizational elements related to data management. The model was tested against ISO/IEC 38500 and recommended for use in other government sectors with similar data governance issues. The DGMM has the potential to enhance data management efficiency, security, and compliance in the MOD and guide further research in military data governance.
文摘The enactment of China's Data Security Law and Personal Information Protection Law has created an issue for Chinese enterprises.It is subject to evidence production orders in overseas arbitral proceedings.The existing framework governing cross-border data transfers is procedurally ill-suited to arbitration timelines.Also,it does not address arbitration-specific scenarios.This paper employs doctrinal legal analysis to examine the interpretive scope of Article 36 of the Data Security Law.It draws on comparative references to the European Union and the United States as comparative evidence of the limits.The conflict arises because Article 36 prohibits providing data to foreign judicial or law enforcement authorities.It has not been authoritatively interpreted to exclude or include international commercial arbitral tribunals.This leaves Chinese enterprises exposed to potential administrative penalties if they produce evidence and to adverse consequences if they do not.The solution is a narrow judicial interpretation of Article 36 to exclude privately constituted commercial arbitral tribunals from its scope,accompanied by a targeted tiered classification mechanism for arbitration-specific data export applications and,as a supplementary technical measure,domestically hosted Virtual Data Rooms(VDR)for lower-sensitivity evidence production.These solutions are legally tractable and directly serve the state's interest in international commercial dispute resolution.
文摘International and U.S.corporations must be well advised regarding specific regulations and laws that affect cybersecurity decisions because the Board of Directors must perform due diligence to avoid regulatory negligence and lawsuit liability.Depending on the standards and the regulations that do define reasonable care,the corporate director is faced with the challenge of determining how and what cybersecurity laws apply.Then,directors can institute best cybersecurity management practices.This paper provides guidance regarding the application of the law in the areas of cyber security for the international corporations interacting with the European General Data Protection Regulations(GDPR),the California Consumer Privacy Act(CCPA),and recent Federal Trade Commission(FTC)administrative agency rulings.Reading this paper is worth your time because it will inform you of the legal challenges that international and domestic corporations face in making decisions about spending capital to manage cybersecurity and at the same time perform due diligence.In other words,if there is a cybersecurity breach,this paper will provide insights into what law must be followed by the corporation enabling the best management decisions assuring adequate response,compliance,thereby avoiding unnecessary liability risk.The paper also provides reflections about whether the GDPR serves as a better legal comprehensive regulatory model rather than the recently enacted laws in the U.S.
文摘The U.S.and the international business community is in a crisis regarding ransomware attacks and cybersecurity policing/regulation.Based on recent events,state sponsored cyber hackers have made it their mission to hold the information security world hostage extorting money for a returning of data systems to normal functioning.This paper examines the challenges for the global business community regarding the scope of the attacks,the current state of the law in the U.S.intended to provide current information to the international business community,illustrate the challenges for regulators and the courts,illustrate the recent progress of the criminal investigatory aspects of apprehending cybercriminals,report on the non-delegable duties of decision makers in the international community doing business in the U.S.,and demonstrate the potential solutions to this evolving international crisis.It is worth your time to read this paper for the following reasons:1.Understanding the risks and the scope of the problem moving forward with doing business in the U.S.;2.communicating recent developments fostering cooperation and contributing to mediating cybersecurity events for international corporations;and 3.providing information on the current state of the law by the U.S.Supreme Court pointing out the relevant and the consequential outcomes of the legal system leading to potential smart solutions for planning business decisions.
