Recent Rulings Could Signal Expansion of California Consumer Privacy Right of Action -
Judges in two separate cases in the U.S. Northern District of California (“N.D. Cal.”) recently ruled that class actions brought by...more
5/2/2025
/ California Consumer Privacy Act (CCPA) ,
Class Action ,
Compliance ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Department of Justice (DOJ) ,
Enforcement Actions ,
EU ,
European Data Protection Board (EDPB) ,
New Legislation ,
Privacy Laws ,
State Privacy Laws ,
UK
English High Court Rules that "Relatively High" Consent to Cookies and Profiling is Required Where Individual is Vulnerable -
In a dispute between an individual claimant who was a recovering gambling addict and two...more
2/28/2025
/ Artificial Intelligence ,
Compliance ,
Consent ,
Cookies ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
EU ,
Gambling ,
OECD ,
Personal Data ,
Privacy Laws ,
UK
U.S. Court Axes Most of SEC's SolarWinds Data Breach Suit -
The U.S. District Court for the Southern District of New York recently dismissed much of the U.S. Securities and Exchange Commission’s (“SEC”) suit against...more
8/2/2024
/ Artificial Intelligence ,
Audits ,
Automated Decision Systems (ADS) ,
COPPA ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Dismissals ,
EU ,
EU-US Privacy Shield ,
European Economic Area (EEA) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Instant Messaging Apps ,
Misleading Statements ,
Regulation Technical Standards (RTS) ,
Risk Assessment ,
ROSCA ,
Securities and Exchange Commission (SEC) ,
Settlement ,
SolarWinds
Incident Response Plans and Written Information Security Programs Continue to be Essential and Will Need to Be Reviewed. Most sophisticated organizations currently have in place incident response plans. Those organizations...more
7/2/2024
/ Covered Entities ,
Data Breach ,
Gramm-Leach-Blilely Act ,
Incident Response Plans ,
Notification Requirements ,
Personal Information ,
Policies and Procedures ,
Proposed Amendments ,
Recordkeeping Requirements ,
Regulation S-P ,
Securities and Exchange Commission (SEC)
CFPB Director Chopra Emphasizes “Pressing Need” for Data Protections -
On June 12, 2024 and June 13, 2024, Consumer Financial Protection Bureau Director Rohit Chopra appeared before the Senate Banking Committee and the...more
7/1/2024
/ Breach Notification Rule ,
Consumer Financial Protection Bureau (CFPB) ,
Court of Justice of the European Union (CJEU) ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Multi-Factor Authentication ,
Personal Data ,
Securities and Exchange Commission (SEC) ,
Settlement ,
State Privacy Laws ,
UK GDPR ,
Vermont
U.S. Government Releases Guide of ‘Minimum Baseline’ Cybersecurity Practices for Protecting Critical Infrastructure -
The Cybersecurity & Infrastructure Security Agency (“CISA”) has released a guide to help organizations...more
11/11/2022
/ Advisory Board ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
European Commission ,
European Court of Justice (ECJ) ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
International Data Transfers ,
Internet of Things ,
Joint Control ,
New Guidance ,
Popular ,
Transatlantic Trade and Investment Partnership ,
TTP
US Federal Appellate Court Issues Opinion on Proof of Injury in Data Breach Cases -
On September 2, 2022, the U.S. Court of Appeals for the Third Circuit reinstated a class action lawsuit that had previously been dismissed...more
9/30/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Advisory Opinions ,
Appellate Courts ,
Automation Systems ,
Breach of Confidence ,
Breach of Contract ,
Breach of Duty ,
Breach of Implied Contract ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Class Action ,
Cyber Attacks ,
Cybersecurity ,
Dark Web ,
Data Breach ,
Data Collection ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Fiduciary Duty ,
Fraud ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Identity Theft ,
Negligence ,
Popular ,
Putative Class Actions ,
Request For Information ,
Risk Assessment ,
Surveillance ,
UK
On March 9, 2022, the Securities and Exchange Commission (“SEC”) voted three-to-one to propose new and amended rules for public companies that are subject to the reporting requirements of the Securities Exchange Act of 1934...more
3/18/2022
/ Corporate Governance ,
Cybersecurity ,
Data Breach ,
Disclosure Requirements ,
Form 8-K ,
Proposed Amendments ,
Publicly-Traded Companies ,
Regulatory Agenda ,
Regulatory Reform ,
Securities and Exchange Commission (SEC) ,
Securities Regulation