The year 2022 saw a groundswell of interest in privacy rights and related legislation. Five states enacted new laws or regulations aimed at protecting a general right to privacy, while the U.S. government came closer than...more
1/24/2023
/ Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
FinCEN ,
NYDFS ,
Popular ,
Risk Management ,
Russia ,
Securities and Exchange Commission (SEC)
Join us for our Advertising Litigation Quarterly Highlights webinar series. Our Editorial Team will conduct a deep dive on key decisions of interest covered in our recent Advertising Litigation Reports....more
Join us for our Advertising Litigation Quarterly Highlights webinar series. Our Editorial Team will conduct a deep dive on key decisions of interest covered in our recent Advertising Litigation Reports....more
On March 9, the SEC, by a 3-1 vote, proposed new rules in its most far-reaching effort to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incident reporting by public...more
On March 15, 2022, President Joe Biden signed the Cyber Incident Reporting for Critical Infrastructure Act (the Act) into law as part of the $1.5 trillion fiscal 2022 omnibus spending package. The Act will create a mandatory...more
On Feb. 9, 2022, the Securities and Exchange Commission (SEC or Commission) proposed a suite of new rules and amendments concerning cybersecurity risk management for registered investment advisers (advisers) and registered...more
2/14/2022
/ Broker-Dealer ,
Comment Period ,
Cybersecurity ,
Form ADV ,
Investment Adviser ,
Investment Advisers Act of 1940 ,
New Rules ,
Popular ,
Proposed Rules ,
Public Comment ,
Recordkeeping Requirements ,
Registered Investment Advisors ,
Securities and Exchange Commission (SEC)
On Nov. 18, 2021, federal bank regulatory agencies approved a final rule requiring banking organizations to notify regulators of “any significant computer-security incident” as soon as possible and no later than 36 hours...more
On Oct. 6, 2021, Deputy Attorney General Lisa O. Monaco announced the creation of a Department of Justice (DOJ) Civil Cyber-Fraud Initiative (the Initiative). According to the announcement, the Initiative combines the DOJ’s...more
On June 4, the European Commission (EC) adopted two sets of standard contractual clauses (SCCs) for use between controllers and processers in the European Economic Area (EEA) and for the transfer of data between EEA and...more
6/17/2021
/ Cybersecurity ,
Data Controller ,
Data Processors ,
Data Protection ,
EU ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Schrems I & Schrems II ,
Standard Contractual Clauses
In a prior alert, we noted that a number of shareholder lawsuits were brought during 2020 in which large corporations and their directors were accused of fiduciary breaches and securities law violations tied to the alleged...more
3/26/2021
/ Board of Directors ,
Breach of Duty ,
Corporate Governance ,
Derivative Complaint ,
Diversity ,
Diversity and Inclusion Standards (D&I) ,
Facebook ,
Fiduciary Duty ,
Pleading Standards ,
Publicly-Traded Companies ,
Securities Violations ,
Shareholders
Funds — through their portfolio companies — may have a significant antitrust opportunity against the major U.S. railroad companies. ...more
8/3/2020
/ Antitrust Litigation ,
Antitrust Provisions ,
Antitrust Violations ,
BNSF Railway ,
Competition ,
Damages ,
Enforcement Actions ,
Freight Forwarding ,
Portfolio Protections ,
Price-Fixing ,
Putative Class Actions ,
Railroads
On July 16, the European Court of Justice (ECJ or the Court) struck down the EU-U.S. Privacy Shield program. The ruling invalidated an earlier European Commission (Commission) decision (Privacy Shield adequacy determination)...more
On June 28, 2018, the California Consumer Privacy Act of 2018 (CCPA) was signed into law. The bill was drafted and passed quickly, just prior to a deadline for removing a similar initiative from the ballot that would have...more
Dans moins de quatre mois, le 25 mai 2018, le règlement général de l'Union européenne sur la protection des données (« RGPD ») entrera en vigueur et la loi française, actuellement en discussion devant le parlement, qui tient...more
2/5/2018
/ Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
France ,
General Data Protection Regulation (GDPR) ,
Information Technology ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Risk Management
In less than four months, on May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) will enter into full effect, bringing with it an array of new individual rights and regulatory requirements....more