The new SEC cybersecurity rules (Release No. 33-11216), codify and build on earlier SEC guidance on cybersecurity risks and incidents and require specific cybersecurity-related disclosures....more
Cybersecurity and data privacy risks continue to loom large with potentially significant consequences. Litigation, often filed soon after incidents, adds to the possible repercussions. In our previous article, we discussed a...more
Flexing considerable enforcement muscle, California Attorney General Rob Bonta (“AG”) recently announced a $1.2 million settlement with beauty retailer Sephora, Inc. (“Sephora”) under the landmark California Consumer Privacy...more
With football season in full swing, fans and fantasy football owners alike are busy watching games and tossing around acronyms like passes – Xs and Os, TDs, PATs, PPR, YACs, and many more. And on the legal gridiron, insurers...more
As baseball heads to the All-Star break and the rest of the season, fans are meticulously keeping score and tracking statistics such as RBI, HR’s and K’s. Some follow advanced analytics, like WAR, OPS+ and others. And on the...more
Business email compromises (BECs) remain big business. According to a recent FBI report, “[i]n 2021, BEC schemes resulted in 19,954 complaints with an adjusted loss of nearly $2.4 billion.” This is an increase from just over...more
Despite the much-anticipated impact of TransUnion LLC v. Ramirez (“Ramirez”), the Supreme Court decision has not prevented data breach and privacy class actions from proceeding past the pleading stage in federal courts across...more
Every organization with an online presence needs to continuously think about its cybersecurity. The number of cyberattacks spiked significantly during the COVID-19 pandemic with an estimated global loss of nearly $1 trillion....more
Business email compromise threats trick unsuspecting targets into sending money to the perpetrators, often through use of fraudulent wire or ACH transfer instructions. Entities should take steps to protect themselves from...more
The Supreme Court’s June 2021 decision in TransUnion LLC v. Ramirez led many to believe that data breach plaintiffs were going to have a difficult time establishing standing. After all, the Court suggested that exposure to...more
Instead of identifying traditionally “tangible” injuries, data breach plaintiffs typically point to the fact that they may be the victim of identity theft at some point in the future. Prior to late April 2021, the federal...more
Ransomware is dominating headlines and creating unimaginable headaches. Ransomware has been deployed against every industry sector, and against municipalities and other government agencies. The resulting disruptions and...more
Who has standing to bring claims for alleged statutory violations of privacy and cybersecurity statutes? There is no easy answer to this question. In Spokeo, Inc. v. Robins, the Supreme Court explained that just because a...more
Starting January 1, 2020, California consumers are allowed to make requests for disclosure of certain information under the California Consumer Privacy Act of 2018 (“CCPA”). This article spotlights several practical issues...more
Under the California Consumer Privacy Act (CCPA), covered businesses must comply with myriad requirements starting January 1, 2020. Within those requirements, covered businesses must be prepared to deal with the “look back”...more
The effective date for the California Consumer Privacy Act (CCPA) is January 1, 2020. With fewer than 60 days remaining, covered businesses must be ramping up to meet the requirements of the CCPA. The CCPA affords several...more
On 24 September 2019, the European Union’s top court issued a landmark ruling declaring that Google does not have to extend the “right to be forgotten” rules to its search engines globally.1 This decision provides important...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) will impose new privacy obligations on certain businesses that collect personal information of California consumers. Employers with employees in...more
Under the California Consumer Privacy Act (CCPA), covered businesses must comply with myriad requirements starting January 1, 2020. Within those requirements, covered business must be prepared to deal with the “look back”...more
You can’t hear it often enough: the California Consumer Privacy Act of 2018 (CCPA)—Cal. Civ. Code § 1798.100 et seq.—comes into effect on January 1, 2020 with enforcement by the Attorney General beginning on July 1, 2020 (6...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) will impose new privacy obligations on certain businesses that collect personal information of California consumers. Employers with employees...more
Fraudsters deploy different computer-related techniques but toward the same end – “gaming the system” for their own financial gain. Some victims turn to insurance for recovery. Four recent federal appellate decisions reveal...more
Locke Lord’s Insurance & Reinsurance Newsletter provides topical snapshots of recent developments in the fast-changing world of insurance. For further information on any of the subjects covered in the newsletter, please...more
Fraudsters deploy different computer-related techniques but toward the same end – “gaming the system” for their own financial gain. Some victims turn to insurance for recovery. Four recent federal appellate decisions reveal...more
The New York Department of Financial Services (NYDFS) blazed a cybersecurity trail with its 2017 regulation for the protection of information collected and processed in, and systems used in the operation of, the financial...more