Data Protection

News & Analysis as of

Cybersecurity: SEC Is Starting to Scrutinize Registrants’ Practices

The SEC plans to examine the cybersecurity practices of over 50 registered broker-dealers and investment advisers. The SEC announced its plan in an April 15, 2014 Risk Alert, which closely follows the March 26 Cybersecurity...more

Privacy Laws in Asia

Privacy rules in Asia are changing at a rapid pace. In the past three years alone, five countries have enacted brand new laws, and three countries or jurisdictions have amended existing laws to address emerging issues such as...more

Orrick's Financial Industry Week in Review

European Banking Authority Publishes Opinion on European Commission's Proposed Amendments to ITS - On April 16, the European Banking Authority (EBA) published via its website an opinion dated April 4, 2014 on...more

SEC Staff to Conduct Broker-Dealer and Investment Adviser Examinations Focused on Cybersecurity

The Securities and Exchange Commission’s (the “SEC” or the “Commission”) Office of Compliance Inspections and Examinations (“OCIE”) announced in an April 15, 2014 Risk Alert (the “Alert”) that it will be conducting...more

FTC Seeks Further Public Comment On Mobile Security

On April 17, the FTC announced it is seeking additional public comments on issues explored during a 2013 forum on mobile security. The announcement includes a series of specific questions within the following categories: (i)...more

SEC Issues Cybersecurity Risk Alert

On April 15th, the SEC's Office of Compliance Inspections and Examinations ("OCIE") issued a Risk Alert concerning its initiative to assess the cybersecurity preparedness of the securities industry. The Risk Alert states that...more

The Cybersecurity Race: Executive Branch Takes The Lead While Congress Watches From The Bleachers

The federal government sector has been abuzz lately with whispers and shouts about pending cybersecurity regulations, frameworks, and requirements. This attention is not particularly surprising, especially given the recent...more

SEC Cybersecurity Roundtable Addresses Broker-Dealer and Investment Adviser Risks

On March 26, 2014, the Securities and Exchange Commission (SEC) hosted a roundtable to discuss cybersecurity issues facing public companies, broker-dealers, investment advisers and other market participants. The roundtable...more

Europe Under Review: Part 3 Of 8 – Accuracy And Proportionality

As the next in our series of “back to privacy basics”, we look at the rules regarding accuracy and proportionality in the processing of personal data. As we will do throughout this series, we take a look at the current...more

New Jersey Federal Court First To Uphold FTC’s UDAP Authority To Enforce Data Security

On April 7, the U.S. District Court for the District of New Jersey denied a hotel company’s motion to dismiss the FTC’s claims that the company engaged in unfair and deceptive practices in violation of Section 5 of the FTC...more

FTC Enforces Facebook Policies to Stop Jerk

The Federal Trade Commission (FTC) recently accused the operator of www.Jerk.com (Jerk) of misrepresenting to users the source of the personal content that Jerk used for its purported social networking website and the...more

A Brief Survey of Current and Future Developments in Privacy, Data Protection and Cyber Security Law

The challenges confronting corporate counsel regarding privacy, data protection and cyber security have never been more daunting: dealing with the threat of increasingly sophisticated cybercriminals, responding to data breach...more

Target Becomes a Target: Proposed California Bill Aims to Make Retailers Liable for Data Breach Incidents

Following a string of high-profile data breaches and new data suggesting that approximately 21.3 million customer accounts have been exposed by data breach incidents over the past two years, the California legislature has...more

Part III: Has Congress Spoken and Does It Really Matter? The Wyndham Worldwide Case and the Expanding Power of the FTC to Police...

In the first and second parts of this series, we provided a summary of the District Court of New Jersey’s recent decision in FTC v. Wyndham Worldwide Corp. and then focused on whether the FTC has given “fair notice” to...more

Week in Review

Employers and their IT departments are always looking for ways to protect their data in this age of constantly changing technology. One new form of protection that may become available to employers is a "kill switch" on...more

Corporate acquisitions involving government contractors: DOD codifies significant security clearance-related risk

The US Department of Defense has published an Interim Final Rule assigning responsibilities and establishing requirements related to the National Industrial Security Program (NISP). See 79 Fed. Reg. 19467....more

SEC Says the Cyber Police Are Coming

Pretty soon we’ll all be data privacy lawyers. The SEC is certainly doing its part to ensure that comes to pass. Earlier this year the SEC’s Office of Compliance, Inspections, and Examinations announced that its 2014...more

BYOD: Where the Employee and the Enterprise Intersect

The proliferation of bring your own device programs – or “BYOD” as it is commonly referred – has drastically changed today’s corporate workplace environment. Employees are availing themselves of smart phones, tablets, and...more

Federal Court Refuses to Dismiss FTC Data Security Authority

On April 7, 2014, in a landmark decision with broad implications for American businesses, the U.S. District Court for the District of New Jersey upheld the U.S. Federal Trade Commission’s authority to regulate data security...more

Iowa Adds AG Data Breach Notice Requirement

On April 3, Iowa Governor Terry Branstad signed SF 2259, which amends the state’s data breach notice law to add a requirement that businesses that experience a data breach notify the state attorney general’s office within...more

FTC Still In Charge Of Privacy Enforcement: Ten Lessons From Wyndham

The Federal Trade Commission (FTC ) is the most active and aggressive federal government agency to investigate and enforce data privacy and security laws against businesses. Section 5 of the FTC Act empowers the agency to...more

Cyberliability Developments in the Offshore Jursidictions

The offshore jurisdictions are catching up fast with legal issues relating to cybercrime, cyberliability, and the use and discovery of electronic documents. In the wake of the embarrassing leak in April 2013 of about...more

Tax Developments Affecting Health Care Organizations (Presentation)

In this Issue: •Income recognition issues associated with bundled payment arrangements •Income recognition related to electronic health records •Developments involving the nonaccrual experience method of...more

U.S. and U.K. Sign Memorandum of Understanding for Collaboration on Data Privacy Enforcement

Citing the increasing frequency with which consumer information crosses international borders and the need for coordinated monitoring and enforcement strategies related to consumer privacy, the U.S. Federal Trade Commission...more

Heartbleed Won’t Bring Cardiac Arrest for Ediscovery

How do you stop a security professional’s heart from beating? Two words: security breach. In today’s “Internet of Everything” environment, the impact of a security breach can be felt around the world and back again…in...more

1,162 Results
|
View per page
Page: of 47