Dechert Cyber Bits - Special Edition: 2023 Predictions

Timothy Blank, Alec Burnside, Kevin Cahill, Dr. Olaf Fasshauer, Vernon Francis, Paul Kavanagh, Karen Neuman, Brenda Sharton
Dechert LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Dechert LLP

What is in store for Privacy and Cybersecurity in 2023

As the year ends, we offer this special edition with predictions for 2023 from each member of the Cyber Bits Partner Committee. Regardless of what happens in 2023, we renew our commitment to keep you informed of the latest developments to help you navigate this complex environment.

We wish you a happy new year and great things for the year to come.

Brenda and Karen

Brenda Sharton

Partner and Global Co-Chair | Boston

brenda.sharton@dechert.com

Every year for decades, we’ve seen the number of cyberattacks increase, in both frequency and sophistication, and 2023 promises to be no different. As they grapple with how to fend off this criminal onslaught, we’ll see governments across the globe try to create new regulations (and modify existing ones) around company responses. This is a trend that started in 2022 and will continue into 2023.

Karen Neuman

Partner and Global Co-Chair | Washington,D.C.

Karen.neuman@dechert.com

The window for passage of comprehensive privacy legislation will effectively close. As a result, the FTC will step up its assertion of broad Federal privacy rulemaking authority and more states will consider CCPA-like legislation, and state and Federal lawmakers will focus on personal data driven, ethical AI.

Timothy Blank

Partner | Boston

timothy.blank@dechert.com

As companies develop better overall network security and increasingly arrange for quality offline data backups to thwart the impact of ransomware encryption, cyber criminals will continue to develop new attack vectors, tactics and strategies to maintain or increase their negotiating leverage. We will see an increase in the attackers’ use of data exfiltration and “data shaming” as a leverage point, as well as an increase in the attackers‘ deletion of data and the destruction or impairment of a company’s IT infrastructure. It will be critical for companies to have in place sophisticated response teams to quickly minimize the damage and disruption from an attack and to reduce the attackers’ negotiation leverage.

Alec Burnside

Partner | Brussels

alec.burnside@dechert.com

The passage of the Digital Markets Act in the EU is the precursor for new ex ante controls around the globe, complementing ex post antitrust enforcement. The privacy/antitrust nexus much in mind. Meanwhile, identifying and preventing ”killer acquisitions” is one of the talking points of the antitrust circuit – deals below filing thresholds where incumbents pay over the odds to acquire tomorrow’s challenger. Digital (and pharma) are center-stage here.

Kevin Cahill

Partner | Los Angeles

kevin.cahill@dechert.com

We expect the Securities and Exchange Commission to adopt new rules for registered funds and investment advisers regarding cybersecurity risk management, cyber incident reporting and cyber risk disclosure. These rules will represent the most significant update to federal privacy law as applied to registered funds and advisers in nearly 20 years and will have a substantial impact on the asset management industry.

Dr. Olaf Fasshauer

National Partner | Munich

olaf.fasshauer@dechert.com

I think these developments in the EU will be among the most important to follow in 2023:

  • the implementation of the Digital Services Act, the Digital Markets Act, the NIS2 Directive and the AI Act, and continued focus on the regulation of non-personal data.
  • the Austrian post case of the ECJ, which asks the Court to decide whether a data subject can prevail on a damage claim under GDPR without proving a real or actual damage. The Advocate General suggests in his opinion that the data subject would have to make such a showing. If the Court were to follow the Advocate General's opinion it will have a considerable impact on the enforcement of GDPR by civil law courts.
  • the implementation of the Whistleblower Directive in the various EU member states.

Paul Kavanagh

Partner | London

paul.kavanagh@dechert.com

After a year of high drama (and some farce) in UK public life, it seems inevitable the current UK government will reform data privacy regulation. Some in Westminster see the GDPR as a paradigm of EU over-regulation that Brexit sought to break away from. Divergence between the UK and EU is likely to become more marked and in the UK there is likely to be a tendency towards data liberalisation.

Vernon Francis

Partner | Philadelphia

vernon.francis@dechert.com

As the Senior Editor of Cyber Bits, I can attest to the volume of stories we cull through to select the items that are of most practical interest to our readers. From following regulatory proposals made in the U.S. and abroad, to developments on specific issues like the continued quest for a workable post-Schrems agreement on cross-Atlantic data transfers, we’ve done our very best this year to keep you informed. The only thing I’d claim to be sure of is that privacy and cybersecurity will continue to be in the news and on the minds of regulators and our clients in 2023 and for years to come.

 

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Dechert LLP | Attorney Advertising

Written by:

Dechert LLP
Dechert LLP
Contact
more
less

Dechert LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide