In this month’s Privacy & Cybersecurity Update, we analyze the Biden administration’s proposed cybersecurity labeling program for smart devices, NIST’s extensive overhaul of its cybersecurity framework, and data privacy law...more
9/6/2023
/ Biden Administration ,
California ,
California Privacy Rights Act (CPRA) ,
Colorado ,
Compliance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Labeling ,
NIST ,
Popular ,
Privacy Laws ,
Smart Devices ,
State Privacy Laws
The rapid adoption of artificial intelligence (AI) technology into corporate environments has left many organizations understandably struggling with how to identify, measure and manage the unique risks of these nascent...more
In this month’s Privacy & Cybersecurity Update, we examine the Illinois Supreme Court’s decision in a case involving workers compensation and the state’s Biometric Information Privacy Act, U.K. data transfer regimes before...more
3/2/2022
/ Biometric Information ,
Biometric Information Privacy Act ,
COPPA ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection Authority ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
IL Supreme Court ,
International Data Transfers ,
Internet of Things ,
NIST ,
Personal Data ,
Popular ,
Standard Contractual Clauses
In this month's edition of our Privacy & Cybersecurity Update, we examine the New York Department of Financial Services' issuance of the first-ever cyber insurance risk guidance framework, the Eleventh Circuit's ruling...more
In this month's edition, we examine the European Commission's Digital Services Act and its potential regulatory impact, the National Institute of Standards and Technology's draft guidance on internet-of-things devices'...more
2/4/2021
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Digital Services ,
Draft Guidance ,
European Commission ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Internet of Things ,
NIST ,
Popular ,
Privacy Policy
In this month's edition of our Privacy & Cybersecurity Update, we examine the National Institute of Standards and Technology's four principles of the "explainability" of artificial intelligence and the U.K. Information...more
9/1/2020
/ Anti-Drone Technology ,
Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Drones ,
EU-US Privacy Shield ,
FCC ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
Final Rules ,
International Data Transfers ,
NIST ,
Office of Administrative Law ,
Personal Information ,
Popular ,
Privacy Laws ,
Risk Mitigation ,
UK ,
UK ICO
In this month's edition of our Privacy & Cybersecurity Update, we examine the EU advocate general's decision in Schrems II, a federal court's ruling that an insurer owed coverage for a social engineering loss, the Chinese...more
2/6/2020
/ Advocate General ,
China ,
Cybersecurity ,
Cybersecurity Framework ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
GA Supreme Court ,
Hackers ,
Mobile Apps ,
Negligence ,
NIST ,
Personal Data ,
Popular ,
Ransomware ,
Schrems I & Schrems II
In this edition of our Privacy & Cybersecurity Update, we discuss how the prospect of a new chair and three new commissioners at the FTC may impact the agency's approach to cybersecurity regulation, a new Massachusetts...more
2/4/2017
/ Administrative Appointments ,
Breach Notification Rule ,
Cyber Insurance ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Internet of Things ,
NIST ,
OCR ,
Popular ,
Privacy Policy ,
Public Disclosure ,
Software ,
Swiss Privacy Shield ,
Trump Administration
In this month's Privacy & Cybersecurity Update, we review an 11th Circuit case involving the longstanding battle between the FTC and medical company LabMD, recent NIST guidelines for securing devices connected to the...more
12/2/2016
/ Administrative Appeals ,
Appeals ,
China ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Breach ,
Data Security ,
Federal Trade Commission (FTC) ,
FTC Act ,
Geo-Blocking ,
LabMD ,
LinkedIn ,
NIST ,
Russia ,
Section 5 ,
Third-Party Service Provider ,
Unfair or Deceptive Trade Practices
In this edition of our Privacy & Cybersecurity Update, we examine the Sixth Circuit's decision to allow injury-in-fact to be established by alleging a "substantial risk of harm" in a data breach case, New York state's...more
10/3/2016
/ Article III ,
CFTC ,
Class Action ,
Commodities ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
Financial Markets ,
Germany ,
International Data Transfers ,
NIST ,
NYDFS ,
Personal Data ,
Popular ,
Standing ,
UK ,
Young Lawyers
In This Issue:
- The Critical Takeaway for Every Company From the Sony Cyber Attack
- Sony Data Breach Class Action Complaint Provides Insight Into Cybersecurity Issues
- Reminder: New California Data...more
1/2/2015
/ Class Action ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Department of Financial Services ,
Examination Procedures ,
New Legislation ,
NIST ,
PF Chang's ,
Sony ,
Standing ,
Target
In This Issue:
- EU Issues Guidelines on ‘Right to be Forgotten’
- FFIEC Observations on Bank Cybersecurity Provides Important Guidelines for Every Industry
- Remarks by Comptroller Curry Highlight OCC...more
12/1/2014
/ Automotive Industry ,
Banks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
EU ,
Federal Trade Commission (FTC) ,
FFIEC ,
FTC v Wyndham ,
Google ,
NIST ,
OCC ,
Privacy Laws ,
Retailers ,
Right to Be Forgotten ,
Securities and Exchange Commission (SEC)
In This Issue:
- NIST Announces October Workshop and Releases Framewok Update
- Insurance Company Succeeds in Cybersecurity Litigation
- Safe Harbor Under Attack — This Time From a US Group
-...more
In This Issue:
- NIST Releases Final Framework Document
..Key Changes From The Preliminary Framework
..The Framework Roadmap
..The DHS “C-Cubed” Program
..Next Steps
- California Suggests Upper...more
2013 likely will be considered a watershed period in the role of cybersecurity in corporate strategy and management. While there were few significant legislative developments, a marked increase in cybersecurity attacks...more
1/29/2014
/ Cyber Insurance ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Protection ,
Data Theft ,
Federal Trade Commission (FTC) ,
Hackers ,
NIST ,
Target
On October 22, the National Institute of Standards and Technology (NIST) issued its Preliminary Cybersecurity Framework (the Preliminary Framework). The Preliminary Framework represents the first full draft of the...more
On September 11-13, the National Institute of Standards and Technology (NIST) hosted its fourth Cybersecurity Framework Workshop to solicit feedback on its recently released partial draft (Discussion Draft) of the NIST...more
In recent months, federal and state governments have taken an increasingly active role in reviewing cybersecurity issues within the private sector. There has been a flurry of activity as different government bodies discuss...more
On February 26, following close on the heels of the recent executive order setting forth the administration’s approach to the regulation of critical infrastructure network security, the National Institute of Standards and...more
On February 12, 2013, President Obama signed both an executive order and a presidential directive that together set forth the administration’s approach to two key cybersecurity related issues: (i) regulating critical...more