On April 15, 2024 the Criminal Division of the US Department of Justice (“DOJ”) launched a pilot program to encourage voluntary self-disclosures by offering mandatory non-prosecution agreements (“NPAs”) to individuals who...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
4/1/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Data Breach ,
Data Preservation ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
NPRM ,
Proposed Rules ,
Ransomware ,
Regulatory Agenda
On March 7, 2024, the US Department of Justice’s National Security Division (NSD) released a revised Voluntary Self-Disclosure (VSD) Policy (the “VSD Policy”). The VSD Policy substantially tracks the language of the previous...more
On March 1, 2024, the US Department of Commerce’s (“Commerce”) Bureau of Industry and Security (“BIS”) published an Advance Notice of Proposed Rulemaking1 (the “Notice”) seeking public comments on potential regulation of the...more
3/19/2024
/ Bureau of Industry and Security (BIS) ,
China ,
Comment Period ,
Connected Cars ,
Data Collection ,
Executive Orders ,
Foreign Adversaries ,
Information Technology ,
Motor Vehicles ,
National Security ,
OEM ,
Proposed Rules ,
Public Comment ,
Regulatory Agenda ,
Rulemaking Process ,
U.S. Commerce Department
On March 6, 2024, the US Departments of Commerce (“Commerce”), Treasury (“Treasury”), and Justice (“DOJ”) released their latest Tri-Seal Compliance Note (“Note”), which focuses on the “Obligations of foreign-based persons to...more
3/14/2024
/ Department of Justice (DOJ) ,
Economic Sanctions ,
Export Controls ,
Extraterritoriality Rules ,
Foreign Relations ,
International Emergency Economic Powers Act (IEEPA) ,
Office of Foreign Assets Control (OFAC) ,
Self-Disclosure Requirements ,
U.S. Commerce Department ,
U.S. Treasury ,
US Trade Policies
On March 7, 2024, the Deputy Attorney General of the US Department of Justice (“DOJ” or “Department”) announced a pilot program to encourage whistleblowers to report evidence of high-priority white collar crimes with the...more
3/12/2024
/ CFTC ,
Corruption ,
Department of Justice (DOJ) ,
Enforcement Actions ,
False Claims Act (FCA) ,
Federal Pilot Programs ,
FinCEN ,
IRS ,
Qui Tam ,
Securities and Exchange Commission (SEC) ,
Voluntary Disclosure ,
Whistleblower Awards ,
Whistleblowers ,
White Collar Crimes
On February 28, 2024, President Joe Biden issued Executive Order (“EO”) 14117, empowering the Department of Justice (DOJ) to regulate the export of certain consumer data, in order to prevent certain countries’ governments...more
3/6/2024
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Biden Administration ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Department of Justice (DOJ) ,
Executive Orders ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Requirements
Following the invasion of Ukraine by Russia on February 24, 2022, the United States ("US"), the European Union ("EU"), and the United Kingdom ("UK") adopted—together with their allies—successive waves of sanctions, in an...more
2/28/2024
/ Critical Infrastructure Sectors ,
Economic Sanctions ,
Entity List ,
EU ,
Export Controls ,
Foreign Policy ,
Foreign Relations ,
Foreign Trade Regulations ,
General Licenses ,
Military Conflict ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Russia ,
UK ,
Ukraine ,
Vladimir Putin ,
White Collar Crimes
On January 29, 2024, the US Department of Commerce’s Bureau of Industry and Security (the “Department”) issued a notice of proposed rulemaking seeking comment on a proposed regulation in response to the Executive Order (E.O.)...more
2/15/2024
/ Artificial Intelligence ,
Bureau of Industry and Security (BIS) ,
Cloud Computing ,
Comment Period ,
Customer Identification Program (CIP) ,
Cybersecurity ,
Executive Orders ,
Financial Institutions ,
IaaS ,
Machine Learning ,
National Security ,
NPRM ,
Proposed Regulation ,
U.S. Commerce Department
The FTC and DOJ’s Antitrust Division recently announced that they are updating their guidance regarding how parties in enforcement and investigative matters must preserve electronically stored information (“ESI”) from...more
On January 16, the US Department of Commerce’s Bureau of Industry and Security (“BIS”) announced important updates to its Voluntary Self-Disclosure (“VSD”) process in a memorandum addressed to all export enforcement...more
On December 26, 2023, the Department of Defense (“DoD”) published the long-awaited Proposed Final Rule for the Cybersecurity Maturity Model Certification (“CMMC”) program. At a high level, the CMMC program is a mechanism by...more
With recent high-profile prosecutions continuing to draw attention to the Foreign Agents Registration Act (FARA) and related political laws, and a number of notable announcements by Department of Justice (DOJ) officials at a...more
On December 12, 2023, the Department of Justice (DOJ) issued guidelines for companies to follow in requesting that the Attorney General authorize delays of cyber incident disclosures required by the U.S. Securities and...more
12/13/2023
/ Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
FBI ,
Form 8-K ,
New Guidance ,
Publicly-Traded Companies ,
Reporting Requirements ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
Engaging third-party providers for technology transactions involves a certain level of cybersecurity risk. In fact, most companies have been through a third-party incident. In this episode, partners Justin Herring and Adam...more