On July 18, 2024, a New York federal judge dismissed most of the US Securities and Exchange Commission’s ("SEC") claims against SolarWinds Corp. ("SolarWinds" or the "Company") and its Chief Information Security Officer...more
With the 2023 annual report season upon us, it is time for companies to take stock of risk factors for 10-Ks and 20-Fs, and consider whether recent economic, political, technological, and regulatory developments have had (or...more
12/22/2023
/ Annual Reports ,
Artificial Intelligence ,
Climate Change ,
Cybersecurity ,
Disclosure Requirements ,
Geopolitical Risks ,
Internal Controls ,
Popular ,
Publicly-Traded Companies ,
Risk Factors ,
Securities and Exchange Commission (SEC)
On October 30, 2023, the US Securities and Exchange Commission ("SEC") announced that it filed charges against SolarWinds Corp. ("SolarWinds" or the "Company") and its Chief Information Security Officer ("CISO") in connection...more
11/15/2023
/ Breach Notification Rule ,
Chief Information Security Officer (CISO) ,
Civil Monetary Penalty ,
Cyber Attacks ,
Cybersecurity ,
Disclosure Requirements ,
Enforcement ,
Fraud ,
Information Technology ,
Initial Public Offering (IPO) ,
Injunctive Relief ,
Insurance Industry ,
Internal Controls ,
Investors ,
Material Misstatements ,
Misleading Statements ,
NIST ,
Omissions ,
Popular ,
Publicly-Traded Companies ,
Reporting Requirements ,
Sarbanes-Oxley ,
Securities Act of 1933 ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act of 1934 ,
Software ,
Vulnerability Assessments
After a delay of eight months, the California Privacy Rights Act Regulations (CPRA) (the "Regulations") were finalized in late March of this year. The Regulations remain unchanged from the final modified version of the draft...more
For most large companies, a frictionless flow of information and the ability to transfer customer data, employee files, financial records and other information around the world quickly and cost-effectively is a critical...more
3/22/2023
/ Biometric Information ,
Board of Directors ,
Corporate Governance ,
Corporate Officers ,
Cybersecurity ,
Data Protection ,
Data Security ,
Data Transfers ,
Disclosure Requirements ,
Environmental Social & Governance (ESG) ,
EU ,
International Data Transfers ,
Personal Data ,
Popular ,
Risk Assessment ,
Risk Management ,
Technology ,
UK
California employers' reprieve from obligations to employees to disclose data privacy practices and provide access rights to employees appears to be coming to an end as the California Privacy Rights Act (CPRA) becomes...more
10/12/2022
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Confidential Communications ,
Data Collection ,
Data Privacy ,
Disclosure Requirements ,
Notice Requirements ,
Opt-Outs ,
Personal Information ,
Policies and Procedures ,
Privacy Laws
On March 9, 2022, the Securities and Exchange Commission ("SEC") proposed rules that would require public companies to make prescribed cybersecurity disclosures. The proposed rules would "strengthen investors' ability to...more
3/15/2022
/ Broker-Dealer ,
Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Investment Adviser ,
Investment Companies ,
Investors ,
Proposed Rules ,
Publicly-Traded Companies ,
Risk Management ,
Securities and Exchange Commission (SEC)
Ninth Circuit Decision Highlights Importance of Updating Risk Factors to Address Material Developments, including those relating to Cybersecurity Risks.
As companies prepare their periodic reports with the SEC, a recent...more
The Securities and Exchange Commission (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) recently released a report summarizing best practices for securities market participants, including public companies,...more
Your business complies with the General Data Protection Regulation ("GDPR") and/or Turkish Personal Data Protection Law numbered 6698 and its secondary legislation ("PDPL"); but does it comply with the California Consumer...more
1/8/2020
/ California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Protection Laws ,
Covered Entities ,
Cross-Border Transactions ,
Data Buyers ,
Data Collection ,
Data Processors ,
Data Sellers ,
Disclosure Requirements ,
E-Commerce ,
Electronic Payment Transactions ,
General Data Protection Regulation (GDPR) ,
Internet Streaming ,
Online Gaming ,
Opt-Outs ,
Personal Information ,
Portability ,
Privacy Laws ,
Right of Access ,
Right to Be Forgotten ,
Risk Assessment ,
Risk Mitigation ,
Transparency ,
Turkey ,
Turkish Personal Data Protection Law (PDPL)
White & Case Technology Newsflash -
Fulfilling a company's data breach and cybersecurity incident notification and disclosure requirements is an increasing challenge. Companies operating across industry sectors and around...more
11/6/2019
/ Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Disclosure Requirements ,
Notification Requirements ,
Popular ,
Privacy Laws ,
Risk Management ,
State Data Breach Notification Statutes