On February 10, 2025, President Donald J. Trump signed an Executive Order pausing enforcement of the Foreign Corrupt Practices Act ("FCPA") by the U.S. Department of Justice ("DOJ") for 180 days and ordering Attorney General...more
The final rule establishes prohibitions and restrictions on the transfer of certain data due to national security risks from specified countries of concern....more
1/16/2025
/ Data Brokers ,
Data Privacy ,
Data Protection ,
Data Transfers ,
Department of Justice (DOJ) ,
Export Controls ,
Final Rules ,
International Data Transfers ,
National Security ,
Personal Data ,
Regulatory Requirements ,
Reporting Requirements
The Transportation Security Administration's ("TSA") proposed rule would require owners and operators of certain pipeline, freight railroad, passenger railroad, rail transit, and over-the-road bus ("OTRB") systems to...more
12/2/2024
/ Comment Period ,
Cybersecurity ,
Infrastructure ,
Oil & Gas ,
Pipelines ,
Proposed Rules ,
Railroads ,
Regulatory Agenda ,
Risk Management ,
Rulemaking Process ,
Surface Transportation ,
Transportation Security Administration
On August 9, 2024, Illinois Governor J.B. Pritzker signed into law H.B. 3773 (the "Act"), making Illinois the second state to pass broad legislation on the use of artificial intelligence ("AI") in employment decisions....more
10/30/2024
/ Artificial Intelligence ,
Automated Decision Systems (ADS) ,
Bias ,
Employer Liability Issues ,
Employment Discrimination ,
Employment Policies ,
Hiring & Firing ,
Illinois ,
Job Applicants ,
Labor Reform ,
Machine Learning ,
New Legislation ,
State Labor Laws
On September 4, 2024, U.S. Securities and Exchange Commission ("SEC") Chair Gary Gensler reiterated concerns about artificial intelligence-related ("AI") disclosures and the need for companies to communicate accurately about...more
10/24/2024
/ Artificial Intelligence ,
Boilerplate Language ,
Broker-Dealer ,
Class Action ,
Disclosure Requirements ,
Investment Adviser ,
Machine Learning ,
Misrepresentation ,
Publicly-Traded Companies ,
Regulatory Requirements ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
Securities Violations ,
Shareholder Litigation
Rhode Island is the latest state to adopt a comprehensive data privacy law, titled the Data Transparency and Privacy Protection Act....more
On May 17, 2024, Colorado enacted S.B. 24-205 (the "Act"), which imposes a duty of reasonable care on developers and deployers of high-risk artificial intelligence ("AI") systems to protect consumers from risks of algorithmic...more
California's privacy enforcement agency has published crucial data minimization guidance for businesses....more
With the bipartisan, bicameral proposed American Privacy Rights Act of 2024, the U.S. Congress seeks to adopt the first national personal data privacy and security law that would preempt comprehensive state privacy laws....more
4/30/2024
/ Algorithms ,
Artificial Intelligence ,
Covered Entities ,
Data Protection ,
Federal Data Privacy ,
Federal Trade Commission (FTC) ,
FTC Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
Personal Information ,
Preemption ,
Proposed Legislation ,
Regulatory Agenda ,
Regulatory Reform ,
State Privacy Laws
Chinese authorities issued new regulations and guidance governing cross-border transfers of data and personal information, which will significantly reduce procedural and compliance burdens for many multinationals....more
In two back-to-back announcements, California and the FTC reemphasized their enforcement efforts related to the sale of personal information....more
3/14/2024
/ California ,
California Consumer Privacy Act (CCPA) ,
CalOPPA ,
Data Privacy ,
Data Selling ,
DoorDash ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Mobile Apps ,
Personal Information ,
Privacy Concerns ,
State and Local Government ,
State Attorneys General
Proposed amendments to the California Consumer Privacy Act would require businesses to obtain opt-in consent prior to collecting, selling, sharing, using, or disclosing a minor's personal information....more
The California Privacy Protection Agency ("CPPA") will be able to immediately enforce regulations issued under the California Consumer Privacy Act ("CCPA"), as amended, after a recent California appeals court decision...more
The Situation: California has enacted a groundbreaking new privacy law aimed at data brokers—entities that sell information about consumers with whom they do not have a direct relationship. Under the Delete Act (SB 362), data...more
11/7/2023
/ California ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Data Brokers ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Sellers ,
New Regulations ,
Personal Information ,
Privacy Laws ,
Regulatory Requirements
In light of the DOJ’s most recent guidance on the use of personal devices and third-party messaging applications by corporate personnel, this White Paper addresses issues and challenges that companies are facing in this area...more
10/18/2023
/ CFTC ,
Compliance ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Department of Justice (DOJ) ,
Electronic Communications ,
Financial Industry Regulatory Authority (FINRA) ,
Guidance Update ,
Instant Messaging Apps ,
Mobile Devices ,
Policies and Procedures ,
Securities and Exchange Commission (SEC) ,
White Collar Crimes ,
Workplace Communication
In Short -
The Situation: On July 26, 2023, the U.S. Securities and Exchange Commission ("SEC") adopted final rules that significantly alter cybersecurity disclosure obligations for companies. The SEC's final rules adopt...more
8/2/2023
/ Corporate Governance ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Final Rules ,
Form 10-K ,
Form 8-K ,
Publicly-Traded Companies ,
Regulation S-K ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
On May 30, 2023, the Cyberspace Administration of China ("CAC") issued the "Guidance on Filing the Standard Contract for the Cross-Border Transfer of Personal Information" ("Guidance"), which took effect on June 1, 2023....more
On February 24, 2023, the Cyberspace Administration of China ("CAC") issued the long-awaited Measures on the Standard Contract for Outbound Cross-Border Transfer of Personal Information ("Measures")....more
In Short -
The Situation: China’s antitrust enforcer, State Administration for Market Regulation ("SAMR"), published draft amendments to the Anti-Unfair Competition Law ("Amendments") for public comment that target the...more
In Short -
The Situation: The California Privacy Protection Agency ("CPPA" or "Agency") has modified its proposed regulations implementing many key California Privacy Rights Act ("CPRA") requirements....more
The OMB has issued memorandum M-22-18 with new security requirements (the "Rules") requiring federal agencies to ensure that all third-party software they use complies with secure software development standards and guidance...more
In Short -
The Situation: China released new regulations and guidelines to clarify the procedural requirements companies must satisfy for the cross-border transfer of personal information under the Personal Information...more
The U.S. Department of Justice will decline to prosecute cyber intrusions based solely on exceeding contractual authorization or which occur pursuant to "good-faith security research."
On May 19, 2022, the Department of...more
The Cyberspace Administration of China has issued draft guidance on applying for and conducting security assessments for cross-border data transfers for public comment. On October 29, 2021, the Cyberspace Administration of...more
11/10/2021
/ China ,
Comment Period ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Extraterritoriality Rules ,
International Data Transfers ,
Personal Information ,
Personal Information Protection Law (PIPL) ,
Popular ,
Public Comment ,
Regulatory Reform ,
Regulatory Requirements
The U.S. Department of Justice announces an initiative targeting cybersecurity-related fraud by government contractors and grant recipients.
On October 6, 2021, the U.S. Department of Justice ("DOJ") announced a new Civil...more