What should privacy and cybersecurity practitioners and specialists consider after the 2025 inauguration? There are a few notable issues that may shape how businesses think about their privacy and cybersecurity programs:...more
11/11/2024
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Protection ,
Election Results ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Intellectual Property Protection ,
Legislative Agendas ,
Members of Congress ,
Online Safety for Children ,
Presidential Elections ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
State Privacy Laws
This is the fourth in our 2024 Year in Preview series examining important trends in white collar law and investigations in the coming year. We will be posting further installments in the series throughout the next several...more
2/27/2024
/ Board of Directors ,
Corporate Counsel ,
Corporate Governance ,
Cybersecurity ,
Disclosure Requirements ,
Enforcement Actions ,
Final Rules ,
Insider Trading ,
Popular ,
Publicly-Traded Companies ,
Recordkeeping Requirements ,
Regulatory Agenda ,
Regulatory Requirements ,
Securities and Exchange Commission (SEC) ,
Securities Fraud ,
Securities Regulation ,
Shareholders ,
Special Purpose Acquisition Companies (SPACs) ,
White Collar Crimes
Large companies holding sensitive data – including financial services, telecommunications, business process outsourcing, hospitality, and cryptocurrency firms – as well as their IT helpdesks, are increasingly being targeted...more
11/28/2023
/ Cyber Attacks ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Collection ,
FBI ,
NIST ,
Popular ,
Publicly-Traded Companies ,
Ransomware ,
Reporting Requirements ,
Securities and Exchange Commission (SEC) ,
Sensitive Business Information
On July 26, 2023, the Securities and Exchange Commission (SEC) adopted rules requiring disclosure of material cybersecurity incidents as well as periodic disclosure of cybersecurity risk, management, strategy, and governance...more
7/28/2023
/ Compliance ,
Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
New Rules ,
Proposed Rules ,
Publicly-Traded Companies ,
Regulation S-K ,
Reporting Requirements ,
Required Forms ,
Risk Management ,
Securities and Exchange Commission (SEC)
With the adoption of new technology, including the quick and unexpected shift to virtual learning because of the COVID-19 pandemic, K-12 institutions are at an increased risk of cyberattacks and threats thereof. The rise in...more
Editors’ Note: How does ChatGPT fare in writing a law firm blog post? We asked ChatGPT to write one . . .
PROMPT: Write a 500 word blog post, in the style of a law firm blog post, on ChatGPT, focusing in particular on...more
In a move that further executes upon the SEC’s increasingly tough rhetoric on cryptocurrency and cybersecurity, SEC Enforcement recently announced that it will nearly double the size of its newly-renamed Crypto Assets and...more
6/16/2022
/ Corporate Counsel ,
Cryptoassets ,
Cryptocurrency ,
Cybersecurity ,
Disclosure Requirements ,
Enforcement Actions ,
Financial Services Industry ,
Investment Adviser ,
Publicly-Traded Companies ,
Regulatory Requirements ,
Securities and Exchange Commission (SEC)
Please join us for a discussion and Q&A regarding the growing threat of business email compromises (a.k.a. man-in-the-middle attacks). Attorneys Chris Hart and Yoni Bard, litigators with experience in privacy matters and...more
On 12 March 2021, the United Nations Open-ended Working Group (“OEWG”), established by General Assembly Resolution 73/27 and consisting of all United Nations Member States, adopted by consensus its Final Substantive Report on...more
What do businesses need to do to comply with privacy and data security laws? The first place to look is to relevant statutes. If you store or process the personal information of Massachusetts residents, then you will at...more
5/4/2020
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Enforcement ,
Equifax ,
Personal Information ,
Popular ,
Privacy Laws ,
State and Local Government ,
WISP
The new decade has barely begun, and the world of privacy already seems set to change quickly. Here is a brief overview:
New Laws In Effect as of January 1 -
On January 1, 2020, new data breach notification requirements...more
1/14/2020
/ Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
New Legislation ,
Opt-Outs ,
State Data Breach Notification Statutes
Shifting how businesses think about privacy.
Let’s stop thinking about privacy policies alone, and let’s start thinking about data governance plans.
For the ordinary business trying to generate revenue and minimize risk,...more
8/27/2019
/ Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Information Governance ,
Personal Data ,
Popular ,
Privacy Laws ,
Privacy Policy ,
Risk Management
If you are doing business in California, the way you handle personal data could soon change in significant ways. The California Consumer Privacy Act (“CCPA”) goes into effect on January 1, 2020, and the time to start...more
Imagine this scenario: you’ve had a productive and mutually advantageous ongoing contractual relationship of several years with another party. You have built up quite a bit of trust over the years, and communicate regularly...more
4/29/2019
/ Best Practices ,
Corporate Liability ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Cybertheft ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Incident Response Plans ,
Phishing Scams ,
Risk Mitigation ,
Wire Fraud ,
Wire Transfers
In 2018, privacy and data security crossed a number of thresholds. In the public mind, through high-profile data breaches and revelations about unexpected uses of personal information, questions of privacy became much more...more
4/26/2019
/ Attorney General ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
COPPA ,
Cryptocurrency ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Energy Sector ,
Enforcement Actions ,
FCC ,
FERC ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Political Advertising ,
Popular ,
Privacy Concerns ,
Securities and Exchange Commission (SEC)
The California Consumer Privacy Act of 2018 (the “CCPA”) was signed into law on June 28, 2018. Although it is a state law, it has national and international ramifications. ...more
The worldwide WannaCry attack from May 2017 has been officially blamed on North Korea. In a press briefing publicly announcing the Administration’s declaration of North Korean culpability, the Department of Homeland Security...more
The end of net neutrality — for now — is big news, because it’s a big deal; there’s just no getting around the fact that the way consumers experience the internet is going to change. What are some of the practical...more
After repeated requests from various states, the Department of Homeland Security informed state governments which states had their election systems hacked or otherwise compromised during the 2016 general election. According...more
Kaspersky Lab, a Russian-owned cybersecurity company that sells anti-virus software and other kinds of IT systems security products, has been banned from use by the federal government. This latest development comes by way of...more
Unmanned aerial vehicles, or “drones,” as they’re commonly called, touch on numerous hot-button cybersecurity issues. As devices connected to networks, they are important when considering the “internet of things.” As used...more
Recently, the ABA Standing Committee on Ethics and Professional Responsibility issued Formal Opinion 477, which aims to provide guidance and clarity to lawyers as they consider what level of security to give communications...more
The Computer Fraud and Abuse Act, or CFAA, is the federal “anti-hacking” statute (or sometimes referred to as a “computer trespass” statute). In essence, the CFAA prohibits intentional unauthorized access into another...more
Plaintiffs presenting a claim in federal court must have standing to sue, under Article III of the Constitution (as we have written about in the past). The Second Circuit recently entered an order reminding plaintiffs,...more
(First in a continuing series.)
Active Cyber Defense, or ACD, is a broad category encompassing different kinds of actions that organizations can take to defend against breaches and cyberattacks. The operative word is...more