On July 18, a New York federal judge threw out most of the SEC’s claims brought against both SolarWinds Corp. and the company’s chief information security officer (CISO), Timothy Brown....more
7/25/2024
/ Board of Directors ,
Chief Information Security Officer (CISO) ,
Corporate Governance ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Disclosure Requirements ,
Enforcement Actions ,
Fraud ,
Incident Response Plans ,
Misleading Statements ,
Publicly-Traded Companies ,
Risk Mitigation ,
Securities and Exchange Commission (SEC) ,
Securities Fraud ,
SolarWinds ,
Supply Chain
Last month, the Securities and Exchange Commission (SEC) reemphasized just how serious companies must be about maintaining a vigilant cybersecurity posture and procedures to report cyber incidents in a timely manner....more
6/21/2024
/ Corporate Governance ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Enforcement Actions ,
Form 8-K ,
Materiality ,
Publicly-Traded Companies ,
Regulation SCI ,
Securities and Exchange Commission (SEC) ,
Settlement
By now, companies that collect, process, and store the personal data of consumers are used to a fast pace of state privacy and cybersecurity legal activity. This year, companies should also expect increased activity from...more
5/1/2024
/ Comment Period ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Collection ,
Data Privacy ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Proposed Legislation ,
Proposed Rules ,
State Privacy Laws
The Federal Trade Commission (FTC) on Tuesday, April 23, issued its final rule that prevents most employers from enforcing noncompetes against workers. The 3-2 vote by commissioners comes nearly a year and a half after the...more
In today's evolving world of security and data privacy, K-12 schools, universities, local governments, and hospitals are increasingly finding themselves on the same list: vulnerable to the threat of a cyberattack....more
The legal significance of President Joe Biden's "Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence" is immense, marking a pivotal moment in the governance of AI technologies...more
Compliance assessments can be a valuable tool during the mergers and acquisitions process, but the Department of Justice (DOJ) is incentivizing due diligence reviews under a newly announced policy.
Deputy Attorney...more
10/27/2023
/ Acquisitions ,
Compliance ,
Cooperation ,
Corporate Governance ,
Corporate Misconduct ,
Department of Justice (DOJ) ,
Due Diligence ,
Mergers ,
Policy Statement ,
Safe Harbors ,
Voluntary Disclosure
In less than three months, public companies and certain foreign private companies will have to take additional steps after cybersecurity breaches: deciding whether an incident meets the materiality threshold that requires...more
9/29/2023
/ Compliance ,
Compliance Dates ,
Corporate Governance ,
Customer Proprietary Network Information (CPNI) ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
FCC ,
Final Rules ,
Foreign Private Issuers ,
Form 8-K ,
Materiality ,
Publicly-Traded Companies ,
Regulation S-K ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
Previously relegated to purely civil enforcement, in the last year the U.S. Department of Justice (DOJ) has increased its focus on pursuing criminal charges for anti-poach agreements between companies that attempt to...more
5/5/2023
/ Acquittals ,
Antitrust Violations ,
Competition ,
Criminal Prosecution ,
Department of Justice (DOJ) ,
Health Care Providers ,
Home Health Agencies ,
No-Poaching ,
Price-Fixing ,
Restraint of Trade ,
Wage-Fixing
The Washington state My Health My Data Act (MHMDA) casts a wide net of business and data it intends to regulate. Passed on April 17, the law places restrictions on the collection, sharing, and selling of “consumer health...more
Iowa became the sixth state with a comprehensive privacy law after passing the Act Relating to Consumer Data Protection (ICDPA), with Indiana’s Senate Bill 5 set to cause Indiana to become the seventh, following Governor...more
The Seventh Circuit Court of Appeals requested that the Illinois Supreme Court (ILSC) weigh in on how claims accrue under the Illinois Biometric Information Privacy Act (BIPA). BIPA requires companies, often employers, to get...more
In a few months, certain businesses with California-based employees may face new data privacy requirements as an exemption to the Golden State’s comprehensive privacy and security statute sunsets. In recent years,...more
It is becoming increasingly difficult for businesses to keep up with the growing patchwork of privacy laws. A fifth state is added to the list of those with comprehensive privacy laws, Virginia passed multiple amendments to...more
On March 24, 2022, Utah Governor Spencer Cox signed the Utah Consumer Privacy Act (“UCPA”) into law, making it the fourth state to pass a comprehensive data privacy law - joining California, Virginia, and Colorado. The UCPA...more
Beyond causing long lines and shortages at the gas pump, the cyberattack on the Colonial Pipeline this month may have important implications for federal contractors. As part of the federal government’s response, President Joe...more
5/28/2021
/ Biden Administration ,
Cloud Computing ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Data Management ,
Department of Homeland Security (DHS) ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Government Agencies ,
National Security ,
Pipelines ,
Software ,
TSA
The Economic Growth, Regulatory Relief, and Consumer Protection Act takes effect on Friday, September 21. The act modifies the Dodd-Frank Wall Street Reform and Consumer Protection Act in a variety of ways, including with...more
California is implementing a law that has major implications for companies that deal in personal data as well as large to medium sized companies that have an internet presence in California. The California Consumer Privacy...more
The U.S. Justice Department, the Federal Trade Commission, and other federal agencies recently announced their 2018 increases for civil penalties. As the costs of violations continue rising, it is imperative that companies...more
5/1/2018
/ Civil Monetary Penalty ,
Compliance ,
Corporate Counsel ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Department of Labor (DOL) ,
Enforcement Actions ,
Environmental Protection Agency (EPA) ,
Equal Employment Opportunity Commission (EEOC) ,
Federal Trade Commission (FTC) ,
Nuclear Regulatory Commission ,
Office of Foreign Assets Control (OFAC) ,
Securities and Exchange Commission (SEC)
As the global focus on data protection increases, so expands the liability exposure for data holders following a breach. Employers collect significant amounts of sensitive personal information about their employees over the...more
In late May, the European Union’s new General Data Protection Regulation (GDPR) takes effect, changing the manner in which companies all over the world – not just those in the EU – store and use Europeans’ personal data. GDPR...more
Congress has passed – and the Trump administration has signaled that the president will sign – a bill to roll back the Consumer Financial Protection Bureau’s sweeping arbitration rule, which the White House has called...more
On July 10, 2017, the Consumer Financial Protection Bureau (CFPB) announced a new rule that may have significant ramifications for the financial industry. The rule aims to stop a now common feature in financial services...more
In 2016, we let you know about the redundantly titled “Federal Civil Penalties Inflation Adjustment Act Improvements Act of 2015,” which required that heads of government agencies adjust civil penalties yearly to account for...more
6/15/2017
/ Chief Compliance Officers ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Department of Labor (DOL) ,
Directorate of Defense Trade Controls (DDTC) ,
Environmental Protection Agency (EPA) ,
Equal Employment Opportunity Commission (EEOC) ,
False Claims Act (FCA) ,
Federal Civil Penalties Inflation Adjustment Act Improvements Act of 2015 ,
Federal Trade Commission (FTC) ,
Office of Foreign Assets Control (OFAC) ,
Risk Management
In the world of cyber-espionage, ransomware is playing a huge and growing role....more