I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get...more
9/11/2024
/ Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Protection ,
Disclosure Requirements ,
Incident Response Plans ,
Publicly-Traded Companies ,
Ransomware ,
Reporting Requirements ,
Reputational Injury ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more
“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more
“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more
Each of the 50 states has its own definition of what constitutes a reportable data breach. For some, it requires “unauthorized access” to personal information. For others, it requires “unauthorized acquisition.” And then,...more
7/25/2024
/ Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Theft ,
Identity Theft ,
Personal Data ,
Personally Identifiable Information ,
Unauthorized Access
In an unusual move, attorneys general (AG) from 30 states and the District of Columbia filed a bipartisan amicus brief in the Ninth Circuit supporting efforts to revive a proposed class action against payment processor...more
7/25/2024
/ Amicus Briefs ,
Class Action ,
Data Collection ,
Data Privacy ,
Data Protection ,
Financial Services Industry ,
Internet Retailers ,
Payment Processors ,
Personal Jurisdiction ,
Personally Identifiable Information ,
Shopify ,
State Attorneys General ,
Unfair Competition Law (UCL)
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
Similar to other state consumer data protection acts enacted over the past two years, the Colorado Privacy Act (CPA) allows Colorado consumers to opt out of the sale of personal data and the processing of such data for...more
12/5/2023
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Colorado ,
Comment Period ,
Data Collection ,
Data Protection ,
Opt-Outs ,
Personal Data ,
Public Comment ,
State Attorneys General ,
State Data Privacy Laws
Rutters, a prominent grocery chain in Pennsylvania with 80 locations statewide, settled a data breach investigation with Attorney General (AG) Michelle Henry’s office by agreeing to pay $1 million and to implement certain...more
10/19/2023
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Grocery Stores ,
Pennsylvania ,
Personal Information ,
Regulatory Oversight ,
State Data Breach Notification Statutes ,
State Data Privacy Laws
On June 12, a bipartisan group of 23 attorneys general wrote a letter to the chief counsel for the National Telecommunications and Information Administration (NTIA), recommending a risk-based approach to a regulatory...more
Drawing from her experience investigating and prosecuting businesses in the aftermath of cybersecurity breaches, New York Attorney General Letitia James released a guide to help companies implement effective data security...more
On March 15, Colorado Attorney General Phil Weiser recorded the final version of the Colorado Privacy Act (CPA) Rules, granting Coloradans rights over their own personal data. Effective July 1, the CPA marks the third state...more
On January 27, California Attorney General Rob Bonta announced an “investigative sweep” of businesses with mobile applications for allegedly failing to comply with the California Consumer Privacy Act (CCPA). This ongoing...more
In January 2023, New York Attorney General Letitia James sent a letter to Madison Square Garden Entertainment Corporation (MSG), seeking information about its use of facial recognitional technology to prohibit ticketholders...more
In addition to a night of revelry, the 2023 new year will trigger the many new privacy mandates in the Virginia Consumer Data Protection Act (VCDPA) for businesses operating in Virginia — only the second state with active...more
Editor’s Note: This past month featured increased activity in privacy and data protection. U.S. Legislation and Regulation. Connecticut’s governor signed a comprehensive privacy bill, and President Biden has before him a bill...more
Editor’s Note: It may be the shortest month of the year, but February 2022 saw a flurry of privacy — especially biometric — legislation move closer to enactment. Kentucky, California, Maryland, and New York state introduced...more
On February 25, the Utah Senate passed the Utah Consumer Privacy Act (the UCPA), which closely resembles both the Virginia Consumer Data Protection Act (the VCDPA) and the Colorado Privacy Act (the CPA). The House unanimously...more
Do you want a simple way to keep current on important privacy changes? Avoid sleepless nights wondering whether you missed a privacy speed bump or pothole between annual updates? Worry no longer. Troutman Pepper is pleased to...more
11/11/2021
/ Biometric Information Privacy Act ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Fraud ,
Popular ,
TikTok