On September 26, 2018, a record settlement was reached between Uber and the attorneys general of all 50 states and the District of Columbia over the company’s 2016 data breach. While this case presents an extreme example of...more
...On June 28, 2018, California passed AB 375, the California Consumer Privacy Act of 2018 (CCPA), which will become effective January 1, 2020. Introduced just a week earlier in an effort to defeat a much stricter...more
7/3/2018
/ Consumer Protection Laws ,
Cybersecurity ,
Data Collection ,
General Data Protection Regulation (GDPR) ,
Governor Brown ,
New Legislation ,
Notice Requirements ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Portability ,
Right to Be Forgotten ,
State and Local Government
Foley’s Automotive Industry Team has prepared this report examining what the litigation, enforcement and regulatory landscape is likely to look like in 2018 and beyond. Inside, you will learn about:
Managing warranty,...more
1/23/2018
/ Acquisitions ,
Auto Warranties ,
Automotive Industry ,
Connected Cars ,
Contract Terms ,
Cybersecurity ,
Driverless Cars ,
Emerging Technology Companies ,
Employer Liability Issues ,
Equal Pay ,
Merger Controls ,
Mergers ,
Motor Vehicles ,
NHTSA ,
Sexual Harassment ,
Suppliers
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Businesses have been scrambling since Friday evening when news spread that a ransomware attack named WannaCry is compromising organizations at an alarming rate. In less than 48 hours, it has compromised more than 130,000...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Since President Trump’s inauguration, cybersecurity has been in the news almost daily – often on the front page. The U.S. Government is facing a wide array of challenges in cybersecurity, impacting both domestic and foreign...more
5/2/2017
/ Chief Information Security Officer (CISO) ,
Corporate Counsel ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
National Security ,
Obama Administration ,
Popular ,
Public Private Partnerships (P3s) ,
Securities and Exchange Commission (SEC) ,
Trump Administration
As a life sciences or medical device company, it is mission critical to protect lab books, drug and clinical test data, product formulas and production processes that underlie your patents, trade secrets and know-how from...more
4/4/2017
/ Biotechnology ,
Confidential Information ,
Corporate Officers ,
Cybersecurity ,
Data Breach Plans ,
Federal Trade Commission (FTC) ,
Food and Drug Administration (FDA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Incident Response Plans ,
Intellectual Property Protection ,
Life Sciences ,
Medical Devices ,
Non-Disclosure Agreement ,
Pharmaceutical Industry ,
Policies and Procedures ,
Popular ,
Trade Secrets
As cars continue to rely more and more on systems that closely resemble those that run mobile phones and personal computers, it’s no surprise that the original equipment manufacturers (OEMs) and suppliers of car parts need to...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Foley’s Automotive Industry Team has prepared this report that examines what the litigation, enforcement, and regulatory landscape will look like in 2017. Inside, you will learn about:
- Managing warranty, recall, and...more
1/13/2017
/ Antitrust Violations ,
Automobile Recall ,
Automotive Industry ,
Compliance ,
Connected Cars ,
Contract Disputes ,
Cybersecurity ,
Employer Liability Issues ,
Federal Contractors ,
NHTSA ,
Safety Standards ,
Small Business ,
Trump Administration ,
Warranties
It’s a fact: today’s marketplace has given connected cars the green light. As an OEM or supplier accelerating to create products to meet industry demand, what challenges can you anticipate in 2017? Here is the second...more
It’s a fact: today’s marketplace has given connected cars the green light. As an OEM or supplier accelerating to create products to meet industry demand, what challenges can you anticipate in 2017? Here’s one area we think...more
On July 8, 2016, the Article 31 Committee, comprised of representatives of the European Union (EU) member states, voted to approve a revised Privacy Shield framework that is intended to replace the Safe Harbor framework...more
7/14/2016
/ Binding Corporate Rules ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Ombudsman ,
Personal Data ,
Registration Requirement ,
Self-Certification ,
Standard Contractual Clauses ,
Surveillance ,
Third-Party ,
U.S. Commerce Department ,
UK ,
UK Brexit ,
US-EU Safe Harbor Framework
A recent study by a well-known information security company captures one of the most common information security fallacies: that information security is a technology problem. Most businesses view mitigating information...more
As recent noteworthy attacks have shown, no health care organization or provider is safe from ransomware threats, and the results of an attack can be devastating. Ransomware is a virus which limits or eliminates access to...more
5/26/2016
/ Cyber Attacks ,
Data Protection ,
Data Security ,
Email ,
Employee Training ,
Hackers ,
Health Care Providers ,
Hospitals ,
Phishing Scams ,
Popular ,
Ransomware ,
Social Media ,
Websites
The European Union Article 29 Working Party (Article 29) issued an opinion on the proposed EU-U.S. Privacy Shield framework agreement (Privacy Shield) last week, stating that although the Privacy Shield was a “great step...more
4/18/2016
/ Article 29 Working Party (WP29) ,
Binding Corporate Rules ,
Consent ,
Cyber Incident Reporting ,
Data Breach Plans ,
Data Retention ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Ombudsman ,
Personal Data ,
Privacy Policy ,
Sarbanes-Oxley ,
Standard Contractual Clauses ,
Surveillance ,
US-EU Safe Harbor Framework
On February 29, 2016, the European Commission released the full text of the new EU-U.S. Privacy Shield framework that will govern the transfer of personal data between the European Union and the United States. The EU and U.S....more
3/3/2016
/ Article 29 Working Party (WP29) ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Personal Data ,
Surveillance ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
On February 2, the United States and the European Commission reached tentative agreement on a new framework for the transfer of personal data between the European Union and the United States called the EU-U.S. Privacy Shield....more
2/4/2016
/ Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ombudsman ,
Personal Data ,
Surveillance ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
This past Friday the 13th was not a lucky day for the Federal Trade Commission (FTC). An Administrative Law Judge (ALJ) dismissed the FTC’s data security enforcement proceeding against LabMD on the grounds that the FTC failed...more
Highlights Areas of High Risk and Examination Priorities for Financial Industry Firms -
On September 15, the U.S. Securities and Exchange Commission’s (SEC’s) Office of Compliance, Inspections and Examinations (OCIE),...more
10/8/2015
/ Broker-Dealer ,
Cease and Desist Orders ,
Corporate Governance ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Loss Prevention ,
Data Privacy ,
Data Protection ,
Data Security ,
Encryption ,
Enforcement Actions ,
Hackers ,
Identity Theft ,
Neither Admit Nor Deny Settlements ,
OCIE ,
Personally Identifiable Information ,
Policies and Procedures ,
Registered Investment Advisors ,
Risk Alert ,
Sanctions ,
SEC Examination Priorities ,
Securities and Exchange Commission (SEC) ,
Security Risk Assessments ,
Training ,
Unauthorized Access ,
Vendors
On October 6, 2015, the European Court of Justice — Europe’s highest court — invalidated the Safe Harbor agreement and framework that has permitted more than 4,000 companies to transfer personal data from the EU to the U.S....more
10/7/2015
/ Binding Corporate Rules ,
Data Privacy ,
Data Protection Authority ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
International Data Transfers ,
National Security Agency (NSA) ,
Personal Data ,
Prior Express Consent ,
PRISM Program ,
SCC ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
Not coincidentally, on July 21, 2015, Wired Magazine published an article with groundbreaking evidence of hacking a car wirelessly, and Senators Edward Markey (D-Mass.) and Richard Blumenthal (D-Conn.) introduced legislation...more
7/24/2015
/ Automotive Industry ,
Cloud Computing ,
Cyber Attacks ,
Cybersecurity ,
Dashboard ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Federal Trade Commission (FTC) ,
Hackers ,
Internet of Things ,
NHTSA ,
Personally Identifiable Information ,
Proposed Legislation ,
Safety Standards ,
Transparency ,
Wireless Technology
The FCC is ready to rule on long-standing petitions seeking clarifications of the Telephone Consumer Protection Act and related FCC regulations. On May 27, 2015, FCC Chairman Tom Wheeler circulated a proposed regulatory...more
Trying to understand how a hacker thinks can twist your brain around – while you normally think about how to make something work or why something is not working, hackers think how to get something to work in ways that it is...more