The Transportation Security Administration's ("TSA") proposed rule would require owners and operators of certain pipeline, freight railroad, passenger railroad, rail transit, and over-the-road bus ("OTRB") systems to...more
12/2/2024
/ Comment Period ,
Cybersecurity ,
Infrastructure ,
Oil & Gas ,
Pipelines ,
Proposed Rules ,
Railroads ,
Regulatory Agenda ,
Risk Management ,
Rulemaking Process ,
Surface Transportation ,
Transportation Security Administration
California's privacy enforcement agency has published crucial data minimization guidance for businesses....more
Chinese authorities issued new regulations and guidance governing cross-border transfers of data and personal information, which will significantly reduce procedural and compliance burdens for many multinationals....more
Proposed amendments to the California Consumer Privacy Act would require businesses to obtain opt-in consent prior to collecting, selling, sharing, using, or disclosing a minor's personal information....more
In light of the DOJ’s most recent guidance on the use of personal devices and third-party messaging applications by corporate personnel, this White Paper addresses issues and challenges that companies are facing in this area...more
10/18/2023
/ CFTC ,
Compliance ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Department of Justice (DOJ) ,
Electronic Communications ,
Financial Industry Regulatory Authority (FINRA) ,
Guidance Update ,
Instant Messaging Apps ,
Mobile Devices ,
Policies and Procedures ,
Securities and Exchange Commission (SEC) ,
White Collar Crimes ,
Workplace Communication
In Short -
The Situation: On July 26, 2023, the U.S. Securities and Exchange Commission ("SEC") adopted final rules that significantly alter cybersecurity disclosure obligations for companies. The SEC's final rules adopt...more
8/2/2023
/ Corporate Governance ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Final Rules ,
Form 10-K ,
Form 8-K ,
Publicly-Traded Companies ,
Regulation S-K ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
On May 30, 2023, the Cyberspace Administration of China ("CAC") issued the "Guidance on Filing the Standard Contract for the Cross-Border Transfer of Personal Information" ("Guidance"), which took effect on June 1, 2023....more
On February 24, 2023, the Cyberspace Administration of China ("CAC") issued the long-awaited Measures on the Standard Contract for Outbound Cross-Border Transfer of Personal Information ("Measures")....more
In Short -
The Situation: The California Privacy Protection Agency ("CPPA" or "Agency") has modified its proposed regulations implementing many key California Privacy Rights Act ("CPRA") requirements....more
The OMB has issued memorandum M-22-18 with new security requirements (the "Rules") requiring federal agencies to ensure that all third-party software they use complies with secure software development standards and guidance...more
In Short -
The Situation: China released new regulations and guidelines to clarify the procedural requirements companies must satisfy for the cross-border transfer of personal information under the Personal Information...more
The Cyberspace Administration of China has issued draft guidance on applying for and conducting security assessments for cross-border data transfers for public comment. On October 29, 2021, the Cyberspace Administration of...more
11/10/2021
/ China ,
Comment Period ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Extraterritoriality Rules ,
International Data Transfers ,
Personal Information ,
Personal Information Protection Law (PIPL) ,
Popular ,
Public Comment ,
Regulatory Reform ,
Regulatory Requirements
The U.S. Department of Justice announces an initiative targeting cybersecurity-related fraud by government contractors and grant recipients.
On October 6, 2021, the U.S. Department of Justice ("DOJ") announced a new Civil...more
When the DSL goes into effect on September 1, 2021, it will impose certain restrictions on a company's ability to transfer data out of China without the prior approval of Chinese authorities. One significant restriction is...more
8/27/2021
/ China ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Protection ,
Data Security ,
Foreign Official ,
International Data Transfers ,
Multinationals ,
Personal Data ,
Personally Identifiable Information ,
Popular
On June 10, 2021, the Standing Committee of the 13th National People's Congress passed the long awaited People's Republic of China (China) Data Security Law ("DSL") after a final read of the third draft. The DSL, which takes...more
6/21/2021
/ China ,
Corporate Counsel ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Processing Rules ,
Data Processors ,
Data Protection ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Information Technology ,
International Data Transfers ,
National Security ,
New Legislation ,
Regulatory Reform
China recently released new drafts of its Data Security Law and its Personal Information Protection Law for public comment; when finalized the two laws will impose significant obligations on how companies collect, process,...more