I. Recap of 2024 Climate Initiatives - Last year featured a number of investigations and initiatives by state and federal officials regarding the impact of climate risk on the affordability and availability of insurance....more
Proposed rule would create new prohibitions on transactions of sensitive personal data and government-related data -
The Department of Justice (DOJ) has proposed a new rule aimed at preventing access of China and other...more
On October 16, 2024, the New York State Department of Financial Services (DFS) issued an industry letter providing guidance on how DFS-regulated entities (covered entities) should be evaluating and responding to artificial...more
10/30/2024
/ Artificial Intelligence ,
Covered Entities ,
Cyber Threats ,
Cybersecurity ,
Deep Fake ,
Industry Letters ,
New York ,
NYDFS ,
Popular ,
Regulatory Agenda ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management
On September 24th and 25th, the National Institute of Standards and Technology (NIST) convened a symposium to generate new insights about the next steps needed to unleash AI innovations that will enable trust in this...more
With one presidential candidate more inclined toward robust regulation and the other more inclined to loosen regulatory requirements, the outcome of the 2024 US election will significantly influence the direction of AI...more
10/25/2024
/ Artificial Intelligence ,
Corporate Strategy ,
Disclosure Requirements ,
Donald Trump ,
Energy Sector ,
Environmental Social & Governance (ESG) ,
Global Market ,
Green Initiatives ,
Kamala Harris ,
Legislative Agendas ,
Political Candidates ,
Popular ,
Presidential Elections ,
Regulatory Agenda ,
Regulatory Requirements ,
Sustainability ,
Transparency
Cybersecurity requirements continue to proliferate, both globally and within the US. Whether because of these new requirements, or because of the escalating threat environment, companies should urgently consider assessing...more
Companies should brace for another surge in California Invasion of Privacy Act (CIPA) claims after two federal court decisions may encourage plaintiffs to file even more claims relating to website analytics tools. No industry...more
9/6/2024
/ Analytics ,
Appeals ,
California ,
California Consumer Privacy Act (CCPA) ,
CIPA ,
Class Action ,
Demand Letter ,
Invasion of Privacy ,
Popular ,
Privacy Laws ,
State and Local Government ,
State Legislatures ,
Websites
Imagine a world in which powerful computers can instantaneously break a company’s standard encryption, threatening the most valuable financial data, intellectual property, personal information, and even national security...more
Technological advances, especially in Artificial Intelligence and quantum computing, will continue to amaze in the coming years. They will open up vast new opportunities while presenting profound regulatory, litigation, and...more
3/1/2024
/ Artificial Intelligence ,
Business Losses ,
Consumer Financial Protection Bureau (CFPB) ,
Coronavirus/COVID-19 ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
NAIC ,
Popular ,
Securities and Exchange Commission (SEC) ,
State Privacy Laws ,
Technology ,
Website Design ,
Websites
Last week the FBI Director, CISA Director, NSA Director, and National Cyber Director testified publicly about current and ongoing threats to US critical infrastructure providers by Chinese state-sponsored entities known as...more
2/9/2024
/ China ,
Congressional Investigations & Hearings ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
FBI ,
National Security Agency (NSA) ,
Popular ,
State Sponsors of Cyberattacks
On November 17, 2023, the United States Treasury Department’s Federal Insurance Office (FIO) and the Volatility and Risk Institute at the NYU Stern School of Business jointly hosted a conference on Catastrophic Cyber Risk and...more
On November 1, 2023, the New York Department of Financial Services (NY DFS) published its highly anticipated final amendments to its influential cybersecurity requirements for financial services companies (Part 500)....more
11/15/2023
/ Chief Information Security Officer (CISO) ,
Compliance ,
Covered Entities ,
Cybersecurity ,
Final Rules ,
Financial Services Industry ,
Incident Response Plans ,
Multi-Factor Authentication ,
NYDFS ,
Policies and Procedures ,
Risk Assessment ,
Risk Management ,
State Data Breach Notification Statutes
On October 30, 2023, the Biden Administration issued the groundbreaking Executive Order 14110 on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (Order), which sets in motion a comprehensive...more
11/13/2023
/ Artificial Intelligence ,
Biden Administration ,
Civil Rights Act ,
Climate Change ,
Competition ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
Department of Labor (DOL) ,
Executive Orders ,
Federal Contractors ,
Government Agencies ,
Innovation ,
Innovative Technology ,
Intellectual Property Protection ,
NIST ,
Popular ,
Privacy Laws ,
Public Policy ,
Regulatory Agenda ,
Technology Sector
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) issued an advance notice of proposed rulemaking (ANPR) with respect to a new consumer financial data portability rule mandated by Section 1033 of the...more
11/9/2023
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Banking Sector ,
Compliance ,
Compliance Dates ,
Consumer Financial Protection Act (CFPA) ,
Consumer Financial Protection Bureau (CFPB) ,
Data Collection ,
Data Privacy ,
Data Processing Rules ,
Data Protection ,
Data-Sharing ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
Nonbank Firms ,
Personal Data ,
Sensitive Personal Information ,
Third-Party Service Provider
Welcome to the latest edition of Updata – the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team.
Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
11/7/2023
/ Banking Sector ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Subject Access Requests ,
Employee Monitoring ,
Enforcement Actions ,
EU ,
Hong Kong ,
New Legislation ,
Privacy Framework ,
Privacy Laws ,
UK
Why should I read this?
A new UK-US data bridge will be available to businesses in the UK looking to transfer personal data to organizations in the United States certified under the UK Extension to the EU-US Data Privacy...more
9/26/2023
/ Corporate Counsel ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
Privacy Framework ,
Privacy Laws ,
Standard Contractual Clauses ,
UK ,
UK GDPR ,
US-EU Safe Harbor Framework
On September 15, 2023, the Consumer Financial Protection Bureau (CFPB) published an outline of expansive rulemaking proposals to modernize the coverage of the Fair Credit Reporting Act (FCRA) to include data brokers, data...more
9/26/2023
/ Artificial Intelligence ,
Comment Period ,
Consumer Financial Protection Bureau (CFPB) ,
Credit Reports ,
Creditors ,
Data Brokers ,
Fair Credit Reporting Act (FCRA) ,
Financial Services Industry ,
Medical Debt ,
Proposed Rules ,
Rulemaking Process ,
SBREFA ,
Small Business ,
Underwriting
On July 26, 2023, the US Securities and Exchange Commission (SEC) released final rules requiring disclosure by public companies of material cybersecurity incidents and policies and procedures related to cybersecurity risk...more
8/2/2023
/ Business Development Companies ,
Compliance ,
Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Final Rules ,
Foreign Private Issuers ,
Form 10-K ,
Form 20-F ,
Form 8-K ,
Publicly-Traded Companies ,
Regulatory Oversight ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act ,
Third-Party Service Provider
Welcome to the latest edition of Updata – the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team.
Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
Welcome to the latest edition of Updata!
Updata is an international report produced by Eversheds Sutherland’s dedicated Privacy and Cybersecurity team – it provides you with a compilation of key privacy and cybersecurity...more
5/11/2023
/ Adequacy Requirement ,
Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
China ,
Consent ,
Cookies ,
Cybersecurity ,
Czech Republic ,
Disclosure Requirements ,
EU ,
EU Data Protection Laws ,
Germany ,
International Data Transfers ,
Member State ,
New Guidance ,
New Legislation ,
NIST ,
Privacy Laws ,
Singapore ,
South Korea ,
State Privacy Laws ,
UK
US financial services regulators are continuing to enhance cyber reporting requirements in response to increasing geopolitical tensions, emerging technologies, the proliferation of cyber-attacks, and larger market events....more
4/28/2023
/ Broker-Dealer ,
CFTC ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Financial Regulatory Agencies ,
Financial Services Industry ,
Personal Data ,
Publicly-Traded Companies ,
Regulation S-P ,
Reporting Requirements ,
Securities and Exchange Commission (SEC) ,
Sensitive Personal Information
On April 3, the CFPB issued a policy statement intended to provide “a framework to help federal and state enforcers identify when companies engage in abusive conduct.” Conduct violates the abusiveness standard when it either:...more
On March 29, 2023, the Iowa Governor signed into law a consumer data privacy law which enters into force on January 1, 2025.
Entities already complying with other enhanced state privacy laws should not experience any...more
On March 27, 2023, the California Privacy Protection Agency (CPPA) will close its second phase of rulemaking on automated decision-making (ADM) systems under the California Privacy Rights Act (CPRA)— but not before giving...more
The year 2023 will continue to have cybersecurity and data privacy front of mind for General Counsels. With sweeping new US and global laws and regulations coming online and the California Privacy Protection Agency (CPPA)...more
3/3/2023
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Personal Data ,
Personal Information ,
Personally Identifiable Information ,
Privacy Laws ,
Sensitive Personal Information