U.S. Court Axes Most of SEC's SolarWinds Data Breach Suit -
The U.S. District Court for the Southern District of New York recently dismissed much of the U.S. Securities and Exchange Commission’s (“SEC”) suit against...more
8/2/2024
/ Artificial Intelligence ,
Audits ,
Automated Decision Systems (ADS) ,
COPPA ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Dismissals ,
EU ,
EU-US Privacy Shield ,
European Economic Area (EEA) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Instant Messaging Apps ,
Misleading Statements ,
Regulation Technical Standards (RTS) ,
Risk Assessment ,
ROSCA ,
Securities and Exchange Commission (SEC) ,
Settlement ,
SolarWinds
Incident Response Plans and Written Information Security Programs Continue to be Essential and Will Need to Be Reviewed. Most sophisticated organizations currently have in place incident response plans. Those organizations...more
7/2/2024
/ Covered Entities ,
Data Breach ,
Gramm-Leach-Blilely Act ,
Incident Response Plans ,
Notification Requirements ,
Personal Information ,
Policies and Procedures ,
Proposed Amendments ,
Recordkeeping Requirements ,
Regulation S-P ,
Securities and Exchange Commission (SEC)
CFPB Director Chopra Emphasizes “Pressing Need” for Data Protections -
On June 12, 2024 and June 13, 2024, Consumer Financial Protection Bureau Director Rohit Chopra appeared before the Senate Banking Committee and the...more
7/1/2024
/ Breach Notification Rule ,
Consumer Financial Protection Bureau (CFPB) ,
Court of Justice of the European Union (CJEU) ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Multi-Factor Authentication ,
Personal Data ,
Securities and Exchange Commission (SEC) ,
Settlement ,
State Privacy Laws ,
UK GDPR ,
Vermont
SEC Fines the New York Stock Exchange’s Parent Company $10 million for Failure to Promptly Notify Its Subsidiaries of Cybersecurity Breach -
On May 22, 2024, the Securities and Exchange Commission (“SEC”) imposed a $10...more
6/14/2024
/ Annual Reports ,
Artificial Intelligence ,
Breach Notification Rule ,
Colorado ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Information Commissioner's Office (ICO) ,
Machine Learning ,
New Legislation ,
NYSE ,
Popular ,
Securities and Exchange Commission (SEC) ,
UK
The Biden Administration Issues Executive Order on Artificial Intelligence -
On October 30, 2023, President Biden signed an Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence (the “Order”)...more
11/17/2023
/ Artificial Intelligence ,
Biden Administration ,
Chief Information Security Officer (CISO) ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Executive Orders ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
NYDFS ,
Ransomware ,
Regulatory Agenda ,
Securities and Exchange Commission (SEC) ,
SolarWinds
At an open meeting on March 15, 2023, the U.S. Securities and Exchange Commission voted unanimously to propose rule amendments to Regulation S-P (Proposed Rule) and published an accompanying release (Release). The Proposed...more
4/18/2023
/ Cybersecurity ,
Data Breach ,
Financial Institutions ,
Fixing America’s Surface Transportation Act (FAST Act) ,
Gramm-Leach-Blilely Act ,
Investment Adviser ,
Investment Company Act of 1940 ,
Personal Information ,
Popular ,
Proposed Amendments ,
Recordkeeping Requirements ,
Regulation S-P ,
Risk Management ,
Safeguards Rule ,
Securities and Exchange Commission (SEC)
SEC Division of Examinations Issues Risk Alert on Regulation S-ID and Identity Theft Prevention Programs -
On December 5, 2022, the Securities and Exchange Commission (“SEC”) Division of Examinations (“EXAMS”) issued a...more
12/16/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
American Civil Liberties Union (ACLU) ,
Artificial Intelligence ,
Broker-Dealer ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Transfers ,
EDPS ,
EU ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Investment Adviser ,
Minors ,
Online Safety for Children ,
Personal Data ,
Policies and Procedures ,
Proposed Legislation ,
Regulation S-ID ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
SolarWinds
SEC Chair Gensler Indicates Commission is Looking to Update SEC’s Regulation S-P -
On September 28, 2022, Securities and Exchange Commission (“SEC” or the “Commission”) Chairman Gary Gensler appeared via video at the...more
10/14/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Algorithms ,
Anti-Discrimination Policies ,
Artificial Intelligence ,
Biden Administration ,
Broker-Dealer ,
Cloud Service Providers (CSPs) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
Foreign Trade Regulations ,
Gramm-Leach-Blilely Act ,
Hackers ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
Investment Adviser ,
Investment Companies ,
Privacy Framework ,
Regulation S-P ,
Request For Information ,
Right of Access ,
Securities and Exchange Commission (SEC) ,
Subject Access Request (SAR) ,
Title V ,
U.S. Commerce Department ,
Uber ,
UK ,
UK GDPR
Federal Privacy Bill (ADPPA) is Sent to the House Floor but Obstacles to its Passage Remain -
On July 20, 2022, the House Committee on Energy and Commerce (“the Committee”) voted 53-2 in favor of advancing The American Data...more
8/5/2022
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Department of Homeland Security (DHS) ,
FCC ,
Geolocation ,
Popular ,
Proposed Legislation ,
Regulatory Agenda ,
Regulatory Reform ,
T-Mobile ,
Vulnerability Assessments
WARNING: U.S. Federal Government Continues to Warn the Private Sector to Prepare Itself for Russian Cyberattacks -
The White House, the Cybersecurity and Infrastructure Security Agency (“CISA”), and other federal agencies...more
4/8/2022
/ Consumer Privacy Rights ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Personal Data ,
Popular ,
Social Media ,
State Privacy Laws
FTC Announces Regulatory Priorities for 2022 -
On December 10, 2021, the Federal Trade Commission (“FTC”) published its Statement of Regulatory Priorities (“Announcement”) for 2022. The FTC’s priorities for the coming year...more
1/14/2022
/ Breach Notification Rule ,
COPPA ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Enforcement Priorities ,
Federal Trade Commission (FTC) ,
Gramm-Leach-Blilely Act ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Identity Theft ,
Location Data ,
Popular ,
Ransomware ,
Regulatory Violations ,
Threat Management ,
Vulnerability Assessments
We are delighted to welcome you to the second issue of Dechert Cyber Bits, brought to you by members of our top-ranked, global Privacy & Cybersecurity practice. This second issue of Cyber Bits discusses key developments from...more
11/5/2021
/ Artificial Intelligence ,
Biometric Information ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Federal Trade Commission (FTC) ,
Gramm-Leach-Blilely Act ,
Notification Requirements ,
Popular ,
Ransomware ,
Risk Management
The California legislature unanimously approved and California Governor Jerry Brown signed into law the California Consumer Privacy Act of 2018 (CCPA) on June 28, 2018. The CCPA is arguably the most far-reaching data...more
9/19/2018
/ California Consumer Privacy Act (CCPA) ,
Consent ,
Consumer Privacy Rights ,
Covered Entities ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Disclosure Requirements ,
General Data Protection Regulation (GDPR) ,
New Legislation ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Private Right of Action ,
Right to Be Forgotten ,
Right to Delete ,
Right To Know ,
State Attorneys General ,
State Data Breach Notification Statutes
While companies may be aware of the threats posed to their businesses by a data breach, they should also have a concrete plan in place so that they can respond effectively should one occur. In a recent webinar, attorneys from...more
Following a year of high-profile data breaches, the Securities and Exchange Commission (SEC) announced on January 13, 2015 that, for the second consecutive year, its Office of Compliance Inspections and Examinations (OCIE)...more