In this month’s edition of our Privacy & Cybersecurity Update, we examine the California Privacy Protection Agency's public comment period for the California Privacy Rights Act, the U.K. government's public consultation...more
10/4/2021
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Fourth Amendment ,
General Data Protection Regulation (GDPR) ,
Office of Foreign Assets Control (OFAC) ,
Personal Information ,
Public Comment ,
Surveillance
In this month’s edition of our Privacy & Cybersecurity Update, we examine FINRA’s report on cloud computing, Connecticut’s new safe harbor for companies following certain cybersecurity protocols and a district court dismissal...more
9/1/2021
/ China ,
Cloud Computing ,
Communications Decency Act ,
Consultation Periods ,
Covered Entities ,
Cybersecurity ,
Data Protection ,
Financial Industry Regulatory Authority (FINRA) ,
International Data Transfers ,
Safe Harbors ,
Section 230 ,
Securities Regulation
In this month’s edition of our Privacy & Cybersecurity Update, we examine cybersecurity guidance issued by New York state, and the Cybersecurity and Infrastructure Security Agency’s new “Bad Practices” website outlining what...more
8/3/2021
/ Best Practices ,
California Consumer Privacy Act (CCPA) ,
COPPA ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
NYDFS ,
Popular ,
Ransomware
In this month’s edition of our Privacy & Cybersecurity Update, we examine the European Commission’s new Standard Contractual Clauses and the European Data Protection Board’s new recommendations on international data flows. We...more
7/9/2021
/ Computer Fraud and Abuse Act (CFAA) ,
Cybersecurity ,
Data Protection ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Popular ,
Ransomware ,
Schrems I & Schrems II ,
State Privacy Laws
In this month's edition of our Privacy & Cybersecurity Update, we examine the Second Circuit's ruling allowing standing for increased risk of identity theft following a data breach, the European Commission's recently released...more
5/3/2021
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Labor (DOL) ,
EBSA ,
EU ,
European Commission ,
IN Supreme Court ,
Ransomware
In this month’s edition, we examine California’s new regulations enhancing opt-out rights in the California Consumer Privacy Act and the state's selections for the California Privacy Protection Agency’s inaugural board. We...more
4/2/2021
/ California Consumer Privacy Act (CCPA) ,
Commercial General Liability Policies ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
FDCPA ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Opt-Outs ,
Personal Data ,
Securities and Exchange Commission (SEC) ,
State Attorneys General ,
State Privacy Laws ,
TCPA
Three Key Takeaways -
There was, and remains, strong parliamentary consensus for reform to the UK’s foreign investment screening laws, stemming from sharpening geopolitical and strategic threats and the growing national...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the New York Department of Financial Services' issuance of the first-ever cyber insurance risk guidance framework, the Eleventh Circuit's ruling...more
Takeaways
- Boards need to take an active role overseeing cybersecurity measures.
- Directors may be held personally responsible for lapses that result in attacks.
- U.S. money laundering and sanctions rules may prohibit...more
2/17/2021
/ Anti-Money Laundering ,
Board of Directors ,
Corporate Governance ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Directors ,
Popular ,
Ransomware
In this month's edition, we examine the European Commission's Digital Services Act and its potential regulatory impact, the National Institute of Standards and Technology's draft guidance on internet-of-things devices'...more
2/4/2021
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Digital Services ,
Draft Guidance ,
European Commission ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Internet of Things ,
NIST ,
Popular ,
Privacy Policy
In this month’s edition of our Privacy & Cybersecurity Update, we examine the passage of the ballot initiative that enacts the California Privacy Rights Act, the U.K. Information Commissioner’s Office’s final guidance on data...more
12/2/2020
/ Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
On November 12, 2020, President Trump signed Executive Order 13959 prohibiting U.S. persons from engaging in any transaction in publicly traded securities in “Communist Chinese military companies” (CCMCs), effective January...more
11/18/2020
/ Biden Administration ,
China ,
Department of Defense (DOD) ,
Executive Orders ,
Foreign Relations ,
National Security ,
NDAA ,
Office of Foreign Assets Control (OFAC) ,
Publicly-Traded Companies ,
Securities Transactions ,
Trump Administration
The UK government’s long-awaited National Security and Investment Bill (the Bill), which paves the way to significant changes in the UK’s regime for screening foreign investment, was laid before Parliament on 11 November...more
On November 4, 2020, the U.S. Department of Commerce issued its preliminary determination that passenger vehicle and light truck tires from Vietnam benefited from a range of government subsidies, including subsidies based on...more
11/12/2020
/ Countervailing Duties ,
Currency Exchange ,
Exchange Rates ,
Foreign Exchanges ,
Imports ,
International Trade Commission (ITC) ,
Statutory Authority ,
Trade Act of 1974 ,
U.S. Commerce Department ,
USTR ,
Vietnam
In this month's edition of our Privacy & Cybersecurity Update, we examine the U.S. Treasury's advisories regarding the role of financial intermediaries in ransomware payments, a ruling by the Israeli data protection authority...more
11/3/2020
/ British Airways ,
California Consumer Privacy Act (CCPA) ,
Court of Justice of the European Union (CJEU) ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
Financial Institutions ,
FinCEN ,
International Data Transfers ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
State Attorneys General ,
Surveillance
On October 8, 2020, the Office of the U.S. Trade Representative (USTR) issued notices launching two investigations with respect to Vietnam. USTR initiated investigations into the acts, policies and practices of Vietnam...more
10/13/2020
/ Cambodia ,
China ,
Comment Period ,
Countervailing Duties ,
Currency Control ,
Government Investigations ,
Illegal Activity ,
Imports ,
Public Comment ,
Request For Information ,
Section 301 ,
Tariffs ,
Timber ,
USTR ,
Vietnam ,
Wildlife Protection
In this month's edition, we examine the Swiss data protection authority's comments on the validity of its data-sharing framework with the U.S., as well as the European Data Protection Board's guidance on joint controllers and...more
10/10/2020
/ Biometric Information Privacy Act ,
Class Action ,
Constitutional Challenges ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Data Protection Authority ,
European Data Protection Board (EDPB) ,
International Data Transfers ,
Joint Control ,
Metadata ,
National Security Agency (NSA) ,
New Guidance ,
Outer Space ,
Personally Identifiable Information ,
Popular ,
Presidential Memorandum ,
Privacy Laws ,
Social Media ,
Swiss Privacy Shield ,
Trump Administration
On September 15, 2020, the Treasury Department issued final regulations that define when it is mandatory to file with the Committee on Foreign Investment in the United States (CFIUS). This final rule builds on regulations...more
9/23/2020
/ CFIUS ,
Critical Infrastructure Sectors ,
Export Administration Regulations (EAR) ,
Export Controls ,
Filing Requirements ,
Final Rules ,
FIRRMA ,
Foreign Acquisitions ,
Foreign Investment ,
NAICS ,
Technology Sector ,
U.S. Treasury
In this month's edition of our Privacy & Cybersecurity Update, we examine the National Institute of Standards and Technology's four principles of the "explainability" of artificial intelligence and the U.K. Information...more
9/1/2020
/ Anti-Drone Technology ,
Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Drones ,
EU-US Privacy Shield ,
FCC ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
Final Rules ,
International Data Transfers ,
NIST ,
Office of Administrative Law ,
Personal Information ,
Popular ,
Privacy Laws ,
Risk Mitigation ,
UK ,
UK ICO
On July 30, 2020, the Committee on Foreign Investment in the United States (CFIUS or the Committee) released its annual report to Congress for calendar year 2019. CFIUS, an interagency committee led by the U.S. Department of...more
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
8/6/2020
/ Automotive Industry ,
Binding Corporate Rules ,
Broadband Privacy Rules ,
Connected Cars ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Economic Loss Doctrine ,
Enforcement Actions ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
First Amendment ,
Free Speech ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Insurance Industry ,
International Data Transfers ,
Internet Service Providers (ISPs) ,
Misrepresentation ,
Negligence ,
NYDFS ,
Online Platforms ,
P2B ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Schrems I & Schrems II ,
Security Breach ,
Standard Contractual Clauses ,
U.S. Commerce Department ,
UK ,
UK Data Protection Act ,
United Nations
On July 22, 2020, the U.S. Department of Commerce issued a final rule adding 11 Chinese companies (Listed Entities) to the Bureau of Industry and Security’s (BIS) Entity List for allegedly “engaging in or enabling activities...more
7/29/2020
/ Bureau of Industry and Security (BIS) ,
China ,
Commodities ,
Economic Sanctions ,
End-Users ,
Entity List ,
Export Administration Regulations (EAR) ,
Fashion Industry ,
Foreign Policy ,
Human Rights ,
Muslims ,
Statutory Violations ,
Technology Sector ,
U.S. Commerce Department
In the wake of China’s new national security law for Hong Kong that went into effect on June 30, 2020, the Trump administration has taken several steps to significantly pare back Hong Kong’s preferential status under U.S....more
7/20/2020
/ Bureau of Industry and Security (BIS) ,
China ,
Economic Sanctions ,
Export Administration Regulations (EAR) ,
Export Controls ,
Foreign Financial Institutions (FFI) ,
Foreign Persons ,
Hong Kong ,
Hong Kong Autonomy Act (HKAA) ,
Human Rights ,
Office of Foreign Assets Control (OFAC) ,
Preferential Trade Status ,
Revocation ,
Risk Assessment ,
Rollbacks ,
Trump Administration ,
U.S. Commerce Department ,
US Trade Policies
In this month's edition of our Privacy & Cybersecurity Update, we examine the California attorney general's final regulations for the California Consumer Privacy Act and a ruling by the Indiana Court of Appeals involving...more
7/6/2020
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Constitutional Challenges ,
Consumer Fraud ,
Cyber Insurance ,
Cybersecurity ,
Data Privacy ,
EU ,
Popular ,
Privacy Laws ,
Ransomware
In recent months, European states have raced to implement protections against opportunistic acquisitions of key local businesses by foreign buyers amid the economic disruption caused by the spread of COVID-19. ...more