Warby Parker Fined $1.5 Million Following HHS Investigation of Credential Stuffing Security Breach -
On February 20, 2025, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a...more
3/14/2025
/ Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
EU ,
European Data Protection Board (EDPB) ,
Personal Data ,
Popular ,
Reporting Requirements ,
UK
DOJ Final Rule: New US Restrictions on Nearly All Foreign Access to Personal Data -
The National Security Division of the United States Department of Justice has issued a sweeping final rule that would prevent access to...more
1/17/2025
/ Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Class Action ,
Cybersecurity ,
Data Breach ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Department of Justice (DOJ) ,
EU ,
European Data Protection Board (EDPB) ,
Final Rules ,
Foreign Governments ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
National Security ,
OCR ,
Personal Data ,
Sensitive Personal Information ,
UK
Four Companies Settle SEC Allegations for “Misleading Cyber Disclosures” Regarding SolarWinds -
On October 22, 2024, the Securities and Exchange Commission (“SEC”) announced settlements with four companies for alleged...more
11/8/2024
/ Artificial Intelligence ,
Consumer Financial Protection Bureau (CFPB) ,
Covered Entities ,
Cybersecurity ,
Disclosure Requirements ,
European Commission ,
Final Rules ,
Notice of Proposed Rulemaking (NOPR) ,
NYDFS ,
Public Disclosure ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act of 1934 ,
Settlement ,
Social Engineering ,
Social Networks ,
SolarWinds ,
UK
X Agrees to Stop Processing EU Data to Train its Grok AI -
Ireland’s Data Protection Commission (“DPC”) recently filed an urgent High Court application against X (formerly Twitter) for using the personal data of European...more
9/13/2024
/ Artificial Intelligence ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Data Security ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
Fines ,
Ireland ,
Liability ,
Personal Data ,
Sensitive Personal Information ,
Twitter ,
Uber
FTC Announces Proposed Settlement with Data Aggregator over its Alleged Selling of Precise Location Data -
The Federal Trade Commission (“FTC”), on January 18, 2024, announced a proposed settlement with InMarket Media...more
As we begin the new year, we offer this special edition with predictions for 2024 from members of the Cyber Bits Partner Committee. Regardless of what happens in 2024, we renew our commitment to keep you informed of the...more
1/8/2024
/ Artificial Intelligence ,
Biometric Information ,
China ,
Consumer Privacy Rights ,
Cybersecurity ,
Disclosure Requirements ,
Enforcement ,
EU ,
Facial Recognition Technology ,
Machine Learning ,
Popular ,
Regulation S-P ,
Risk Management ,
Securities and Exchange Commission (SEC)
EU AI Act: Political Agreement Reached on Terms of Landmark Legislation -
Negotiators for the European Council and the European Parliament have reached political agreement on the provisions of the EU Artificial...more
12/15/2023
/ Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Compliance ,
Cookies ,
Court of Justice of the European Union (CJEU) ,
EU ,
Federal Trade Commission (FTC) ,
Fines ,
General Data Protection Regulation (GDPR) ,
Neglect ,
New Legislation ,
UK
What is in store for Privacy and Cybersecurity in 2023 -
As the year ends, we offer this special edition with predictions for 2023 from each member of the Cyber Bits Partner Committee. Regardless of what happens in 2023, we...more
12/30/2022
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cybersecurity ,
Disclosure Requirements ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Infrastructure ,
Investment Adviser ,
Popular ,
Privacy Laws ,
Privacy Legislation ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
State Data Breach Notification Statutes ,
UK ,
Whistleblowers
Few things are certain, but it is indisputable that in 2022 data will remain big; data driven technologies will create unparalleled opportunity and risk; the frequency and sophistication of cyberattacks will shatter...more
1/7/2022
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Loss Prevention ,
Data Privacy ,
Data Protection ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Hackers ,
International Data Transfers ,
Machine Learning ,
Popular ,
Ransomware ,
Regulatory Agenda ,
Section 5