Last week, Erik Gerding, Director of the SEC’s Division of Corporation Finance (the Division), issued a statement providing clarification regarding the disclosure of cybersecurity incidents by reporting companies. This...more
6/4/2024
/ Corporate Counsel ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Foreign Private Issuers ,
Form 8-K ,
Investors ,
New Rules ,
Reporting Requirements ,
Securities and Exchange Commission (SEC) ,
Voluntary Disclosure
2023 was a record-breaking year, with legislators in Delaware, Indiana, Iowa, Montana, Oregon, Tennessee and Texas passing comprehensive data privacy laws, joining California, Colorado, Connecticut, Utah and Virginia. Already...more
4/16/2024
/ Consumer Privacy Rights ,
Data Privacy ,
Data Protection ,
Disclosure Requirements ,
Exemptions ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Jersey ,
New Legislation ,
Opt-Outs ,
Personal Data ,
Personal Information ,
Private Right of Action ,
Reporting Requirements ,
State Privacy Laws
In a narrow 3-2 decision on July 26, the SEC adopted its final rule concerning cybersecurity risk management, strategy, governance, and incident disclosure (the “Final Rule”). Below we highlight some of the principal changes...more
8/2/2023
/ Compliance ,
Cybersecurity ,
Disclosure Requirements ,
Final Rules ,
Form 8-K ,
Incident Response Plans ,
Information Governance ,
National Security ,
Policies and Procedures ,
Public Safety ,
Publicly-Traded Companies ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC)
Public companies initiating the year-end reporting process will need to consider, and in many cases take steps to address, a number of significant developments and issues. To assist companies in this process, Mintz has...more
12/9/2022
/ Annual Meeting ,
Breach of Duty ,
Clawbacks ,
Climate Change ,
Corporate Governance ,
Cybersecurity ,
Data Protection ,
Disclosure Requirements ,
Diversity and Inclusion Standards (D&I) ,
Filing Deadlines ,
Insider Trading ,
Privacy Laws ,
Proxy Advisors ,
Publicly-Traded Companies ,
Securities and Exchange Commission (SEC) ,
Shareholders ,
Stock Markets ,
Supply Chain ,
Ukraine
State laws that restrict or criminalize abortions will require significant amounts of health information to enforce, putting new pressure on health care providers caught in the middle of competing obligations to their...more
Following closely on its proposal for substantial new cybersecurity requirements for investment advisers and registered investment companies, the Securities and Exchange Commission (SEC) unveiled a new slate of proposed...more
As public companies embark on the year-end reporting process, they will need to consider, and in some cases take steps to address, a number of significant developments and issues. As in past years, Mintz has prepared a...more
1/19/2022
/ Annual Meeting ,
Coronavirus/COVID-19 ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
Disclosure Requirements ,
Enforcement ,
Environmental Social & Governance (ESG) ,
Executive Compensation ,
Fiscal Year ,
Nasdaq ,
New Legislation ,
NYSE ,
Popular ,
Publicly-Traded Companies ,
Securities and Exchange Commission (SEC) ,
Shareholder Meetings
As you may recall, the California Privacy Rights Act (“CPRA”) established a new state privacy regulatory agency, the California Privacy Protection Agency Board (“CPPA Board”), and the CPRA vests certain rulemaking authority...more
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency.
The announcement from the Superintendent of Financial Services of the State...more
4/1/2020
/ Banking Sector ,
Chief Information Security Officer (CISO) ,
Compliance ,
Confidential Information ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Disclosure Requirements ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
Insurance Industry ,
Notice Requirements ,
NYDFS ,
Personally Identifiable Information ,
Popular ,
Risk Assessment ,
Risk Management ,
Third-Party Service Provider
Welcome to July. While the California Consumer Protection Act (“CCPA”) is certainly one of the most important pieces of privacy legislation affecting many businesses today, we want to remind our readers of another California...more
7/2/2019
/ Artificial Intelligence ,
Bots ,
Business & Professions Code ,
Disclosure Requirements ,
False Advertising ,
Goods or Services ,
Internet of Things ,
Safe Harbors ,
Telecommunications ,
VoIP ,
Website Owner Liability
Get ready: October 1, 2019 is the new date for many U.S. businesses to begin providing consumers the right to opt-out of the sale of their personal information. While January 1, 2020 was the date upon which many businesses...more
The Securities and Exchange Commission (“SEC”) released expansive interpretive guidance (“2018 Guidance”), posted February 21, 2018, further building upon its far-reaching cybersecurity guidance provided in 2011. Below are...more
3/2/2018
/ Cybersecurity ,
Data Protection ,
Disclosure Requirements ,
Financial Statements ,
Guidance Update ,
Insider Trading ,
Interpretive Opinions ,
Materiality ,
Policies and Procedures ,
Publicly-Traded Companies ,
Regulatory Oversight ,
Risk Management ,
Securities and Exchange Commission (SEC)
“Don’t make promises that you don’t intend to keep” is an admonishment received by every child and delivered by every parent. This pithy maxim is equally applicable to consent orders entered into with regulatory authorities....more
3/22/2017
/ Breach of Contract ,
Civil Monetary Penalty ,
Consent Order ,
Cookies ,
Data Collection ,
Disclosure Requirements ,
Failure to Comply ,
Failure To Disclose ,
Federal Trade Commission (FTC) ,
Privacy Policy ,
Rewards Programs ,
Settlement
What does your TV-watching history say about you? According to a recent lawsuit against VIZIO, Inc., it might be more than you think! One of the world’s largest sellers of “smart” televisions has recently paid a $2.2 million...more
2/14/2017
/ Data Collection ,
Disclosure Requirements ,
Federal Trade Commission (FTC) ,
Personal Data ,
Prior Express Consent ,
Privacy Concerns ,
Smart Devices ,
Technology ,
Technology Sector ,
Television Programming ,
Tracking Systems ,
VIZIO
Last week, the Federal Trade Commission (FTC) announced (press release) that Practice Fusion, the largest cloud-based electronic health company in the United States, has agreed to settle FTC charges over deceptive practices...more
Fitbit, the fitness-tracking company with six wearable devices that track and collect data about things like calories burned, steps logged, “quality” of sleep and sleep patterns, heart rate, etc.) as well as web and mobile...more
In 2013, the California Online Privacy Protection Act (CalOPPA) was amended to require web sites and other online services to make additional privacy policy disclosures related to online tracking transparency. Within the...more
On this Privacy Tuesday:
US Attorney General Puts Pressure on Congress for Data Breach Disclosures -
Today, US Attorney General Eric Holder urged Congress to pass legislation requiring retailers to make...more
Two data privacy bills, Assembly Bill 370 and Senate Bill 568 have been sent to California Governor Jerry Brown for signature. As we previously reported, A.B. 370 would require commercial websites or online services that...more
As we predicted, the California Senate has approved A.B. 370, a bill that would require commercial websites or online services that collect personally identifiable information to disclose how that site or service responds to...more
Happy New Year! We are beginning this week with a series of top Privacy and Security issues for 2013, as we see them. Let’s start with an issue of interest to publicly traded companies, or companies considering going...more