2024 saw continued expansion of laws, regulations and enforcement actions concerning privacy and data security. With no overarching federal privacy law, states continue to expand their enforcement. Four new comprehensive...more
For users and developers of artificial intelligence (AI), keeping abreast of the evolving legal landscape is challenging but critical. This update highlights notable recent developments in global AI regulation....more
On Oct. 22, 2024, the Securities and Exchange Commission announced that it charged four technology companies with making materially misleading disclosures about the effect the SolarWinds cyberattack had on these issuers. To...more
In this quarterly update, we review the latest developments in three subjects salient to corporate use of artificial intelligence (AI). First, we discuss the risks associated with AI, the case for board oversight and how the...more
9/27/2024
/ Algorithms ,
Artificial Intelligence ,
Board of Directors ,
Copyright ,
Copyright Infringement ,
Federal Trade Commission (FTC) ,
Innovative Technology ,
Intellectual Property Protection ,
Machine Learning ,
Patents ,
Popular ,
Technology Sector ,
Trademarks
On July 18, 2024, U.S. District Judge Paul A. Engelmayer of the Southern District of New York dismissed most of the charges that the Securities and Exchange Commission brought against SolarWinds and its chief information...more
On May 16, 2024, the Securities and Exchange Commission (SEC) adopted final amendments to Regulation S-P, one year after issuing the proposed amendments (discussed here). Regulation S-P is a set of privacy rules that govern...more
On April 5, 2024, a federal jury in San Francisco returned a verdict in favor of the Securities and Exchange Commission (SEC) in Securities and Exchange Commission v. Panuwat. The jury found that a corporate executive had...more
The year 2023 saw continued expansion of public interest in privacy rights, data security and related legislation. Comprehensive privacy laws took effect in five states, while 12 more states enacted similar laws that will...more
Some of the world’s earliest and most detailed governmental regulations for generative artificial intelligence (AI) just went into effect in China on Aug. 15. These “Generative AI Measures” are intended to balance state...more
The public and private focus on corporate governance continued apace in the first half of 2023. In recent months, there were notable developments in jurisprudence potentially impacting corporate diversity initiatives and in...more
7/12/2023
/ 10b5-1 Plans ,
Civil Rights Act ,
Corporate Governance ,
Cybersecurity ,
Data Breach ,
Department of Justice (DOJ) ,
Export Administration Regulations (EAR) ,
Fourteenth Amendment ,
Popular ,
Sanction Violations ,
Section 11 ,
Securities Act of 1933 ,
Securities and Exchange Commission (SEC) ,
Title VI ,
Wells Fargo
On April 14, 2023, the Supreme Court issued a unanimous decision in two related cases, Axon Enterprise, Inc. v. FTC (No. 21-86) and SEC v. Cochran (No. 21-1239), holding that respondents may challenge the constitutionality of...more
On March 30, federal regulators announced that Wells Fargo Bank had entered into settlements in which it agreed to pay $97.8 million in fines for enabling sanctions violations between 2010 and 2015. In two separate...more
In a recent post-trial decision, Delaware Chancellor Kathaleen St. J. McCormick found a CEO personally liable for breaching his fiduciary duties for tilting the company’s sale to his preferred acquiror. The court further held...more
The Securities and Exchange Commission (SEC) recently entered into a consent order with IT services company DXC Technology (DXC) with respect to DXC’s alleged violations of the Securities Act and the Exchange Act. The SEC...more
On March 15, 2023, the Securities and Exchange Commission (SEC) proposed three rule changes that demonstrate its continued focus on cybersecurity. One of these proposals, and the only one to be unanimously approved (the...more
On March 9, software company Blackbaud agreed to pay $3 million to the SEC as a result of alleged misleading disclosures arising out of a 2020 data breach that involved customer bank account information and Social Security...more
In an era of increasing cyberattacks by varying threat actors, the board's oversight of cybersecurity risks remains a key responsibility. In two recent cases, the Delaware Court of Chancery (Chancery Court) dismissed Caremark...more
The year 2022 saw a groundswell of interest in privacy rights and related legislation. Five states enacted new laws or regulations aimed at protecting a general right to privacy, while the U.S. government came closer than...more
1/24/2023
/ Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
FinCEN ,
NYDFS ,
Popular ,
Risk Management ,
Russia ,
Securities and Exchange Commission (SEC)
Since Kramer Levin issued its Corporate Governance: 2022 Midyear Review, a wave of enforcement actions by the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) has underscored the continued importance...more
On Dec. 8, 2022, the Securities and Exchange Commission’s (SEC) Division of Corporate Finance (the Division) posted a sample comment letter (the Letter) on its website that provides guidance to public companies regarding the...more
On July 20, 2022, the House Committee on Energy and Commerce advanced a new federal privacy bill titled the American Data Privacy and Protection Act (ADPPA) to the House floor. Although it is not yet law, many commentators...more
On April 28, the Securities and Exchange Commission (SEC) filed a complaint against the Brazilian mining company Vale S.A., alleging that the company made false and misleading statements to investors about the company’s...more
On March 15, 2022, President Joe Biden signed the Cyber Incident Reporting for Critical Infrastructure Act (the Act) into law as part of the $1.5 trillion fiscal 2022 omnibus spending package. The Act will create a mandatory...more
On Feb. 9, 2022, the Securities and Exchange Commission (SEC or Commission) proposed a suite of new rules and amendments concerning cybersecurity risk management for registered investment advisers (advisers) and registered...more
2/14/2022
/ Broker-Dealer ,
Comment Period ,
Cybersecurity ,
Form ADV ,
Investment Adviser ,
Investment Advisers Act of 1940 ,
New Rules ,
Popular ,
Proposed Rules ,
Public Comment ,
Recordkeeping Requirements ,
Registered Investment Advisors ,
Securities and Exchange Commission (SEC)
Over the course of the year — and even dating back to his time on the campaign trail — President Biden and senior officials in his administration, including Department of Justice (DOJ) and Security and Exchange Commission...more
12/21/2021
/ Anti-Corruption ,
Biden Administration ,
Bribery ,
Compliance ,
Corporate Counsel ,
Corporate Governance ,
Corruption ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Foreign Corrupt Practices Act (FCPA) ,
Popular ,
Regulatory Agenda ,
Securities and Exchange Commission (SEC) ,
White Collar Crimes