On Friday, October 27, the Federal Trade Commission ("FTC") announced new amendments to the Safeguards Rule, requiring covered financial institutions to report certain data breaches to the FTC and reflecting its continuing...more
11/13/2023
/ Cybersecurity ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
Financial Regulatory Reform ,
Financial Services Industry ,
FTC Act ,
Gramm-Leach-Blilely Act ,
New Amendments ,
Non-Bank Lenders ,
Personal Information ,
Popular ,
Privacy Rule ,
Risk Assessment ,
Risk Management ,
Safeguards Rule ,
Section 5
On July 18, 2023, Oregon Governor Tina Kotek signed Senate Bill 619, referred to as the "Oregon Consumer Privacy Act" ("OCPA" or "the Act"), making Oregon the 11th state to enact a comprehensive data privacy law....more
In Short -
The Background: The prevalence of generative artificial intelligence ("GenAI") is rapidly expanding, providing vast opportunities for efficiency and innovation, while also creating new risks....more
8/7/2023
/ Algorithms ,
Artificial Intelligence ,
Confidentiality Agreements ,
Data Privacy ,
End-Users ,
EULA ,
Innovation ,
Liability ,
License Agreements ,
Machine Learning ,
Popular
If adopted, these proposed rules would (i) enhance protection of customer information under Regulation S-P, (ii) add new requirements addressing cybersecurity risk to the U.S. securities markets, and (iii) expand the types of...more
On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the "Act"), creating new requirements for organizations operating in critical infrastructure sectors to...more
3/18/2022
/ Biden Administration ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Data Protection ,
Data Security ,
New Legislation ,
Popular ,
Regulatory Reform ,
Reporting Requirements
UNITED STATES -
Regulatory—Policy, Best Practices, and Standards -
President Biden Issues Cybersecurity Executive Order -
On May 12, 2021, President Biden issued an executive order that placed new standards on the...more
8/10/2021
/ Article III ,
Biden Administration ,
California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Executive Orders ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Technology ,
Mobile Apps ,
Personal Data ,
Popular ,
Ransomware ,
SCOTUS ,
Standing ,
TransUnion LLC v Ramirez
United States -
Regulatory—Policy, Best Practices, and Standard -
NIST Unveils Draft Guidance to Protect Critical Infrastructure -
On October 22, 2020, the National Institute of Standards and Technology ("NIST")...more
1/8/2021
/ CNIL ,
Consumer Privacy Rights ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
Data Security ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
NIST ,
Personal Data ,
Popular ,
Risk Management
UNITED STATES -
Regulatory—Policy, Best Practices, and Standards -
NIST Releases Internal Report Regarding IoT Cybersecurity -
In September, the National Institute of Standards and Technology ("NIST") released a draft...more
12/26/2018
/ Civil Monetary Penalty ,
CNIL ,
Consumer Reporting Agencies ,
COPPA ,
Critical Infrastructure Sectors ,
Cross-Border ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Protection ,
Department of Defense (DOD) ,
Disclosure Requirements ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hobbs Act ,
Internal Audit Functions ,
International Data Transfers ,
Internet of Things ,
NIST ,
Popular ,
Power Grid ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act
In light of recent high-profile breaches of highly sensitive data, this is a good time to remind individuals of how to protect their identity and credit information....more
9/21/2017
/ Bank Accounts ,
Consumer Financial Protection Bureau (CFPB) ,
Credit Cards ,
Credit Monitoring ,
Credit Reports ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Debit Cards ,
Hackers ,
Identity Theft ,
Personally Identifiable Information ,
Popular
China’s Cybersecurity Law was issued on November 7, 2016, by the Standing Committee of the National People’s Congress, and it came into effect on June 1, 2017. The Cybersecurity Law marks the first comprehensive law in China...more
9/5/2017
/ China ,
Compliance ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Security ,
Exports ,
Foreign Investment ,
International Data Transfers ,
Medical Devices ,
Networks ,
Personally Identifiable Information ,
Popular
For entities regulated by the New York Department of Financial Services, the deadline for complying with the new Cybersecurity Requirements for Financial Services Companies, 23 NYCRR Part 500, is Monday, August 28, 2017. To...more
On March 15, 2017, New Mexico's Senate passed H.B. 15, which would create the state's first data breach notification law. New Mexico is currently one of only three states (including Alabama and South Dakota) without a data...more