In the aftermath of a cyberattack, forensic investigations are often launched under intense pressure to identify what went wrong, why, and how to fix it. A common practice following such an investigation is the preparation of...more
On October 21, 2025, much of the internet stopped behaving as expected. The largest cloud provider in the world, Amazon Web Services (AWS), suffered a significant service disruption that rippled through countless businesses,...more
10/28/2025
/ Business Continuity Plans ,
Cloud Computing ,
Cloud Service Providers (CSPs) ,
Cybersecurity ,
Data Security ,
Incident Response Plans ,
NYDFS ,
Risk Management ,
Technology Sector ,
Third-Party Risk ,
Vendors
"It's the boogeyman… and he's been here all along." – Laurie Strode, Halloween (1978) - As Cybersecurity Awareness Month unfolds and Halloween looms, one of the most chilling threats haunting today's businesses isn't a hacker...more
A growing number of U.S. states are requiring businesses to offer mechanisms in their privacy policies or online interfaces to allow individuals to "opt out" of data collection. However, in increasing numbers, many states are...more
10/17/2025
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Data Controller ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personal Data ,
Privacy Policy ,
Regulatory Requirements ,
State Privacy Laws ,
Websites
October is Cybersecurity Awareness Month – a perfect time to take stock of what's really driving today's cyber losses and how your business may be affected. NetDiligence's 2025 Cyber Claims Study, analyzing more than 10,000...more
Cyber threats don't wait for an invitation – and they certainly don't take a break when the calendar flips to October. As Cybersecurity Awareness Month 2025 begins, the stakes have never been higher. Every organization, from...more
10/2/2025
/ Artificial Intelligence ,
Business E-Mail Compromise (BEC) ,
Class Action ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Security ,
Financial Services Industry ,
Healthcare ,
Incident Response Plans ,
Notification Requirements ,
Ransomware ,
Regulatory Requirements ,
Supply Chain ,
Web Tracking
The continued, rapid advancement of Artificial intelligence (AI) technologies comes with increasing risks for businesses, demanding that they navigate such issues more carefully than ever. Considering recent privacy class...more
8/29/2025
/ Artificial Intelligence ,
Biometric Information ,
Class Action ,
Compliance ,
Consumer Protection Laws ,
Data Privacy ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Privacy Laws ,
State Attorneys General ,
State Privacy Laws ,
Wiretapping
IBM and the Ponemon Institute have released the 2025 Cost of a Data Breach Report. The report, which has become an annual late-summer tradition, highlights the evolving risks and costs associated with data breaches. This...more
8/26/2025
/ Artificial Intelligence ,
Corporate Counsel ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Phishing Scams ,
Ransomware ,
Regulatory Requirements ,
Risk Management
As the race for real-time data access intensifies, organizations are confronting a growing legal and operational challenge: web scraping. What began as a fringe tactic by hobbyists has evolved into a sophisticated,...more
On July 18, 2025, President Trump signed into law the Guiding and Establishing National Innovation for U.S. Stablecoins Act of 2025 – better known as the GENIUS Act. The GENIUS Act establishes the most comprehensive federal...more
Microsoft has just disclosed a serious vulnerability in SharePoint (CVE-2025-53770) that allows unauthenticated attackers to remotely execute code in a SharePoint server hosted on-prem – no user interaction required....more
In a record-setting enforcement action under the California Consumer Privacy Act (CCPA), the California Attorney General (AG) announced a $1.55 million settlement with Healthline Media, a popular online publisher of health...more
7/8/2025
/ Advertising ,
California Consumer Privacy Act (CCPA) ,
Corporate Counsel ,
Data Collection ,
Data-Sharing ,
Enforcement Actions ,
Privacy Laws ,
Sensitive Personal Information ,
Settlement ,
State Attorneys General ,
Web Tracking
Generative AI is rewriting how lawyers work at record speed, but is also quietly flooding Courts with phantom citations and invented case law along the way. In recent months, a number of judges across the country have...more
In the chaos following a cyberattack, forensic reports are often pulled together under intense pressure and can assist companies in responding to and remediating the incident. However, if you're not careful, these reports...more
5/20/2025
/ Attorney-Client Privilege ,
Class Action ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Discovery ,
e-Discovery ,
Evidence ,
Forensic Examination ,
Litigation Strategies ,
Risk Management
Effective July 1, 2025, Tennessee enters the national privacy conversation with the Tennessee Information Protection Act (TIPA), becoming the latest state to enact a comprehensive consumer data privacy law. However, this...more
Wild, wild, west? Web tracking may be the new frontier in class action litigation. With thousands of lawsuits filed in California and increasingly in other states against organizations, including many who may not realize the...more
In late March, an online retailer successfully asserted consent as a complete defense to a putative Pennsylvania Wiretapping and Electronic Surveillance Control Act of 1978 (WESCA) class action lawsuit, resulting in the...more
In late February, California lawmakers introduced new legislation that would impose sweeping restrictions on the use of location and tracking data. Known as the California Location Data Act (CLDA), this legislation goes a...more
Colorado waded into the deep end of AI regulation last year with the Colorado AI Act (Senate Bill 24-205), a sweeping law designed to rein in the risks of artificial intelligence (AI) and automated decision systems (ADS)....more
2/13/2025
/ Artificial Intelligence ,
Automated Decision Systems (ADS) ,
Colorado ,
Consumer Protection Laws ,
Corporate Counsel ,
Data Privacy ,
Enforcement ,
Machine Learning ,
New Legislation ,
Regulatory Reform ,
Risk Management ,
State Legislatures ,
Technology Sector
The Securities and Exchange Commission (SEC) is increasing its scrutiny on artificial intelligence (AI)-related disclosures; therefore, companies must tread carefully as year-end reporting season approaches. Specifically,...more
In today's fast-paced digital world, businesses often seek to access a global pool of skilled professionals by turning to remote talent to fill gaps in their IT needs. Although this practice has many advantages, it also...more
12/20/2024
/ Background Checks ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Protection ,
Employer Liability Issues ,
Hiring & Firing ,
Information Technology ,
Non-Disclosure Agreement ,
North Korea ,
Remote Working ,
Risk Management
In today's digital landscape, data brokers are like modern-day gold miners, sifting through the intimate details of our lives – our addresses, financial records, Social Security numbers – and quietly turning that information...more
California is making waves with its new AI law, Assembly Bill 2013 (AB 2013), set to take effect in 2026. This groundbreaking legislation (again) puts the state at the forefront of tech regulation by tackling one of AI's...more
12/4/2024
/ Algorithms ,
Artificial Intelligence ,
Bias ,
California ,
Copyright ,
Corporate Counsel ,
Cybersecurity ,
Data Management ,
Deep Fake ,
Innovative Technology ,
Machine Learning ,
New Legislation ,
Popular ,
Technology Sector ,
Transparency
The conclusion of Cybersecurity Awareness Month is a reminder of the importance for organizations to implement robust security measures and promote good cyber hygiene. As we noted in our State of the Cyber Landscape webinar,...more
11/6/2024
/ Best Practices ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Framework ,
Data Privacy ,
Data Protection ,
Data Security ,
Incident Response Plans ,
Risk Assessment ,
Risk Management
The New York Department of Financial Services (NYDFS) issued new guidance (the Guidance) on October 16, 2024, to help state-regulated financial institutions mitigate the myriads of cybersecurity risks posed by artificial...more
10/22/2024
/ Artificial Intelligence ,
Corporate Counsel ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Financial Institutions ,
Financial Services Industry ,
Machine Learning ,
NYDFS ,
Risk Assessment ,
Risk Management