Late last month the Securities and Exchange Commission (“SEC”) charged JP Morgan, UBS and Trade Station with violations of Regulation S-ID based on a range of inadequacies in their identity theft red flag policies and...more
8/9/2022
/ Anti-Fraud Provisions ,
Business Development Companies ,
Cybersecurity ,
Data Protection ,
Disclosure Requirements ,
Investment Adviser ,
Investor Protection ,
Policies and Procedures ,
Popular ,
Proposed Rules ,
Registered Investment Companies (RICs) ,
Regulatory Agenda ,
Risk Management ,
Securities and Exchange Commission (SEC)
The Employee Benefits Security Administration of the United States Department of Labor (“EBSA”) recently published guidance regarding cybersecurity best practices for recordkeepers and service providers responsible for plan...more
4/15/2021
/ 401k ,
Audits ,
Benefit Plan Sponsors ,
Cybersecurity ,
Data Security ,
Department of Labor (DOL) ,
EBSA ,
Employee Retirement Income Security Act (ERISA) ,
New Guidance ,
Pensions ,
Popular ,
Retirement Plan ,
Risk Assessment
Facebook is at the center of the “Schrems” case, which exposed contradictions between U.S. and EU data privacy rules and toppled the U.S./EU Safe Harbor (Schrems I). In Schrems II, Austrian Max Schrems challenges the adequacy...more
The California Consumer Privacy Act (CCPA) imposes significant protections for California residents covered by the law, and significant burdens for companies required to comply with it. One area of concern is whether the CCPA...more
10/4/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Disclosure Requirements ,
Employer Liability Issues ,
Employment Records ,
Exceptions ,
Job Applicants ,
Opt-Outs ,
Personal Data
On April 16, 2019, Representatives Saine, Jones and Reives introduced House Bill 904, the long anticipated amendments to the North Carolina Identity Theft Protection Act, N.C. Gen. Stat. § 75-61 et seq.. We first wrote about...more
4/17/2019
/ Amended Legislation ,
Consumer Reporting Agencies ,
Credit Reporting Agencies ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Identity Theft ,
Notification Requirements ,
Popular ,
State Data Breach Notification Statutes ,
Unfair or Deceptive Trade Practices
Following in the footsteps of California, and the European Union’s General Data Protection Regulation, the State of Washington is taking steps to adopt a comprehensive privacy law focused on protecting consumer information....more
4/11/2019
/ Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Fair Credit Reporting Act (FCRA) ,
Gramm-Leach-Blilely Act ,
Personal Data ,
Personally Identifiable Information ,
Proposed Legislation ,
State and Local Government
With major consumer data breaches making headlines on a semi-regular basis, legislators around the country are starting to hold businesses more accountable for cybersecurity compliance. Industry-specific laws such as HIPAA...more
2/7/2018
/ Cyber Attacks ,
Cybersecurity ,
Data Protection ,
Data Security ,
FTC Act ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personally Identifiable Information ,
Popular ,
Proposed Legislation ,
State and Local Government ,
State Data Breach Notification Statutes ,
Unfair or Deceptive Trade Practices
Recently the state of New Mexico enacted the Data Breach Notification Act, making it the 48th state in the United States to enact a statute requiring notice to individuals impacted by a data breach. In doing so, New Mexico...more
A common and understandable concern of companies that suffer a data breach is whether the victims can sue the company. It is tempting to assume that the victims won’t sue if they do not suffer identity theft or monetary loss...more
1/18/2017
/ Article III ,
Clapper v. Amnesty International ,
Cybersecurity ,
Data Breach ,
FACTA ,
Injury-in-Fact ,
SCOTUS ,
Split of Authority ,
Spokeo v Robins ,
Standing ,
Statutory Damages ,
Statutory Violations ,
Substantial Risk of Harm