On January 8, 2025, the U.S. Department of Justice (DOJ) published final rules (the Final Rules) to prohibit or restrict transactions by U.S. persons that could result in access to sensitive data by persons associated with...more
On January 14, 2025, the UK government unveiled a proposed framework aimed at combating the rise of ransomware attacks by implementing a payment prevention and reporting regime. This would require companies to not only report...more
On January 15, 2025, the Federal Acquisition Regulatory (FAR) Council issued a proposed rule that, if adopted, would uniformly define and protect Controlled Unclassified Information (CUI) across the government. The proposed...more
The U.S. Department of Health and Human Services Office for Civil Rights (HHS-OCR) has announced proposed modifications to the Health Insurance Portability and Accountability Act (HIPAA) Security Rule (the Proposed Rule). The...more
With Inauguration Day just around the corner, we are likely to see a host of new legislative and enforcement initiatives at the federal level. The Federal Trade Commission (FTC) will shift certain priorities under incoming...more
As cyberattacks become more sophisticated, cybersecurity remains a top concern for regulators, consumers, business partners, and investors. Weak security can cause substantial harm to a company and lead to litigation,...more
On May 16, 2024, the U.S. Securities and Exchange Commission (SEC) announced that it had adopted final amendments to its Regulation S-P (the Rule or Amended Rule), which governs “covered financial institutions’” treatment of...more
Despite national efforts over the past decades, child sexual abuse material (CSAM) and online child sexual exploitation are still unfortunately prevalent. In 2023, the National Center for Missing and Exploited Children...more
We are pleased to share the March 2024 issue of Wilson Sonsini’s Sustainability and ESG Advisory Practice Update. Each issue combines news, key legal developments, and resources related to sustainability and environmental,...more
3/29/2024
/ China ,
Climate Change ,
Cross-Border Transactions ,
Disclosure Requirements ,
Environmental Protection Agency (EPA) ,
Environmental Social & Governance (ESG) ,
EU ,
Executive Orders ,
Greenwashing ,
PFAS ,
Popular ,
Securities and Exchange Commission (SEC) ,
Singapore ,
Sustainability
On February 28, 2024, President Biden signed Executive Order 14117 (the Order) aimed at protecting Americans’ sensitive personal data and U.S. Government-related data from exploitation by “countries of concern.” This move...more
In 2024, businesses will continue to face an evolving landscape of cyber threats, along with an increasingly complex regulatory environment. With heightened scrutiny from regulators, consumers, and investors, the need to...more
1/4/2024
/ Artificial Intelligence ,
Biden Administration ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Federal Contractors ,
Financial Institutions ,
Hackers ,
Popular ,
Reporting Requirements ,
Securities and Exchange Commission (SEC)
As discussed in a previous alert, on July 26, 2023, the U.S. Securities and Exchange Commission (SEC) approved final rules requiring that public companies report information regarding cybersecurity incidents within four...more
On October 27, 2023, the Federal Trade Commission (FTC) announced it is amending the Safeguards Rule of the Gramm-Leach-Bliley Act (GLBA) to include a requirement for non-bank financial institutions to report certain data...more
Reflective of the Government’s increasing focus on cybersecurity, on October 3, 2023, the Federal Acquisition Regulation Council (FAR Council) released two new proposed rules that will have major impacts on federal...more
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) approved final rules requiring that public companies report material cybersecurity incidents as well as disclose their cybersecurity risk management,...more
On June 9, 2023, the White House Office of Management and Budget (OMB) issued Memorandum M-23-16, which delays implementation of a key secure software attestation requirement. The delay was necessary because the Cybersecurity...more
Earlier this month, the U.S. Securities and Exchange Commission’s (SEC) 2023 Spring Unified Agenda of Regulatory and Deregulatory Actions was released. The agenda identifies the rules that the agency expects to consider in...more
On March 2, 2023, the White House released its National Cybersecurity Strategy (the Strategy). The Strategy sets out ambitious goals for the federal government to hold countries accountable for irresponsible behavior in...more
On May 19, 2022, the U.S. Department of Justice (DOJ) revised its policy regarding charging decisions under the Computer Fraud and Abuse Act (CFAA). The new policy makes clear, "for the first time," that the DOJ "should...more