In this month's edition of our Privacy & Cybersecurity Update, we examine the California attorney general's draft regulations on the California Consumer Privacy Act, the CJEU's clarified rulings on the use of cookies, the...more
11/4/2019
/ California Consumer Privacy Act (CCPA) ,
Cookies ,
Court of Justice of the European Union (CJEU) ,
Crime Insurance Policies ,
Cybersecurity ,
Data Protection ,
Draft Guidance ,
e-Privacy Directive ,
Email ,
Fantasy Sports ,
Food and Drug Administration (FDA) ,
Health Technology ,
Healthcare ,
Medical Devices ,
Medical Software ,
New Amendments ,
Non-Discrimination Rules ,
Notice Requirements ,
Personal Data ,
Popular ,
Regulatory Agenda ,
Regulatory Requirements ,
Right to Delete ,
Spoofing ,
State and Local Government ,
Verification Requirements ,
Vulnerability Assessments
This issue of Skadden’s semiannual Cross-Border Investigations Update takes a close look at recent cases, regulatory activity and other key developments, including a review of the first year of GDPR enforcement, analysis of...more
10/3/2019
/ Anti-Money Laundering ,
Appeals ,
Blocking Statutes ,
Bribery ,
CFTC ,
China ,
CLOUD Act ,
Communication Restrictions ,
Compliance ,
Conspiracies ,
Cooperation Agreement ,
Crime (Overseas Production Orders) Act 2019 (the COPO Act) ,
Criminal Prosecution ,
Cross-Border Transactions ,
Cryptocurrency ,
Cybersecurity ,
Deferred Prosecution Agreements ,
Denial of Certiorari ,
Department of Justice (DOJ) ,
Deutsche Bank ,
Disclosure ,
Dodd-Frank ,
Economic Sanctions ,
Enforcement Actions ,
EU ,
EURIBOR ,
Exports ,
Extradition ,
Extraterritoriality Rules ,
Financial Conduct Authority (FCA) ,
Financial Records ,
Foreign Corrupt Practices Act (FCPA) ,
Foreign Exchanges ,
France ,
Fraud ,
General Data Protection Regulation (GDPR) ,
Government Investigations ,
Hackers ,
Hungary ,
Imports ,
India ,
Indictments ,
Information Sharing ,
Iran Sanctions ,
Israel ,
Lithuania ,
Money Laundering ,
Morrison v National Australia Bank ,
Multinationals ,
Office of Foreign Assets Control (OFAC) ,
Opioid ,
Pharmaceutical Industry ,
Popular ,
Rate-Rigging ,
SCOTUS ,
Securities and Exchange Commission (SEC) ,
Serious Fraud Office (SFO) ,
Spoofing ,
Subpoenas ,
Swiss Supreme Court ,
Switzerland ,
Tax Crimes ,
Tax Evasion ,
Tax Treaty ,
Turkey ,
UK ,
United States ,
Venezuela ,
Wal-Mart
In this month's edition of our Privacy & Cybersecurity Update, we examine five amendments to the California Consumer Privacy Act, the EU Court of Justice's rulings on the "Right to Be Forgotten" and what qualifies as a joint...more
10/2/2019
/ Amended Rules ,
California Consumer Privacy Act (CCPA) ,
Class Action ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Controller ,
Discovery Disputes ,
EU ,
Facial Recognition Technology ,
Marriott ,
Personal Data ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
Privacy Laws ,
Right to Be Forgotten ,
UK ,
United States
In this month's edition of our Privacy & Cybersecurity Update, we examine the European Parliament's report on whether and how the use of blockchain technology can comply with the General Data Protection Regulation, as well as...more
9/5/2019
/ Blockchain ,
Consumer Protection Laws ,
Cyber Policies ,
Cybersecurity ,
Data Protection ,
Data Security ,
EU ,
European Parliament ,
False Claims Act (FCA) ,
Federal Contractors ,
General Data Protection Regulation (GDPR) ,
Insurance Industry ,
Misrepresentation ,
NAIC ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Risk Assessment ,
Security Risk Assessments ,
Settlement ,
State Data Breach Notification Statutes ,
State Insurance Administrations ,
Whistleblower Awards ,
Whistleblowers
In this month's edition of our Privacy & Cybersecurity Update, we examine New York's new laws expanding consumer protection for data breaches, the D.C. Circuit's two rulings deepening the split regarding standing in data...more
8/2/2019
/ Article III ,
Biometric Information ,
Consumer Protection Laws ,
Cookies ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Debit and Credit Card Transactions ,
Equifax ,
Fair Credit Reporting Act (FCRA) ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Identity Theft ,
Injury-in-Fact ,
Malware ,
New Legislation ,
Personally Identifiable Information ,
Popular ,
Search Results ,
Settlement ,
Spokeo v Robins ,
Standing ,
State and Local Government ,
State Data Breach Notification Statutes ,
UK
In this month's edition of our Privacy & Cybersecurity Update, we examine expanded data breach notification laws in New Jersey and Washington state, as well as the SEC's risk alert regarding cloud-based storage solutions. We...more
6/3/2019
/ Amended Rules ,
Annual Reports ,
Cloud Storage ,
Cybersecurity ,
Data Breach ,
Data Protection Authority ,
Data Security ,
Federal Trade Commission (FTC) ,
Finland ,
General Data Protection Regulation (GDPR) ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
State Data Breach Notification Statutes ,
UK
In this month's Privacy & Cybersecurity Update, we examine several recent U.K.-related cybersecurity developments and the SEC's risk alert reminding investment advisers and broker-dealers to follow through on implementing...more
5/1/2019
/ Broker-Dealer ,
Canada ,
Commercial General Liability Policies ,
Cyber Insurance ,
Cyber Policies ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data-Sharing ,
Denial of Insurance Coverage ,
Designated Contract Markets (DCMs) ,
ENISA ,
Equifax ,
EU ,
Fines ,
General Data Protection Regulation (GDPR) ,
Government Investigations ,
Hackers ,
Investment Adviser ,
NCSC ,
OCIE ,
PIPEDA ,
Popular ,
Privacy Comissioners ,
Privacy Laws ,
Privacy Policy ,
Putative Class Actions ,
Regulation S-P ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
Surveys ,
TCPA ,
UK ,
UK Data Protection Act ,
UK ICO ,
Unsolicited Faxes
In this month's edition of our Privacy & Cybersecurity Update, we examine new cybersecurity legislation in California and Massachusetts, the British government's updates to its cybersecurity laws in anticipation of Brexit and...more
4/2/2019
/ California Consumer Privacy Act (CCPA) ,
Class Action ,
Class Certification ,
Credit Reporting Agencies ,
Credit Reports ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
Gramm-Leach-Blilely Act ,
Popular ,
Privacy Laws ,
Public Comment ,
State Data Breach Notification Statutes ,
Thailand ,
UK ,
UK Brexit
In this month's edition, we examine a judge's ruling allowing an investor suit against Equifax, the dismissal of a class action against the insurer CareFirst and President Donald Trump's launch of a federal artificial...more
3/4/2019
/ Artificial Intelligence ,
Class Action ,
Cybersecurity ,
Data Breach ,
Department of Financial Services ,
Dismissals ,
Equifax ,
Facebook ,
Federal Cartel Offices ,
Federal Data Privacy ,
GAO ,
Germany ,
Investors ,
NAIC ,
NYDFS ,
Popular ,
Privacy Laws ,
Proposed Legislation ,
Trump Administration ,
User-Generated Content
In this month's edition of our Privacy & Cybersecurity Update, we examine the European Commission's second annual review of the Privacy Shield and the Department of Commerce's guidance on how to comply with the Privacy Shield...more
1/4/2019
/ Artificial Intelligence ,
Banking Sector ,
Cybersecurity ,
Data Protection ,
Data Protection Commissioner ,
Ethics ,
EU ,
EU-US Privacy Shield ,
European Central Bank ,
European Commission ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
General Data Protection Regulation (GDPR) ,
Human Rights ,
Identity Theft ,
Payment Systems ,
Popular ,
Privacy Policy ,
Proposed Amendments ,
Public Comment ,
Security Risk Assessments ,
U.S. Commerce Department ,
UK Brexit
In this month's edition of our Privacy & Cybersecurity Update, we examine a declaration on ethical considerations for artificial intelligence, the annual joint review of the Privacy Shield, a new lawsuit from a snack food...more
12/5/2018
/ Administrative Review ,
Artificial Intelligence ,
Banks ,
Cyber Attacks ,
Cyber Lexicon ,
Cybersecurity ,
Data Protection ,
Data Protection Officers (DPOs) ,
Denial of Insurance Coverage ,
EDPS ,
Ethics ,
EU ,
EU-US Privacy Shield ,
European Economic Area (EEA) ,
Financial Institutions ,
Financial Stability Board ,
FSB ,
General Data Protection Regulation (GDPR) ,
Human Rights ,
Insurance Litigation ,
Malware ,
Personal Data ,
Policy Exclusions ,
Popular ,
Privacy Concerns ,
Privacy Laws ,
Property Insurance ,
Ransomware ,
Secretary of Commerce
In this month's Privacy & Cybersecurity Update, we examine recent trends and court decisions, including a new law in Ohio that provides a safe harbor from tort-based data breach claims if the company adopts certain security...more
10/2/2018
/ Affirmative Defenses ,
Amended Rules ,
California Consumer Privacy Act (CCPA) ,
Class Action ,
Computer Fraud Insurance ,
Cybersecurity ,
Data Breach ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Internet of Things ,
Personal Data ,
Popular ,
Privacy Policy ,
Private Right of Action ,
Social Engineering ,
State Attorneys General ,
State Legislatures ,
UK ,
UK ICO
In this month's edition of our Privacy & Cybersecurity Update, we examine Brazil's new data protection regulation, the French data protection authority's warning to two companies of potential GDPR violations and the U.S....more
9/7/2018
/ Appeals ,
Brazil ,
Breach Notification Rule ,
CNIL ,
Computer Fraud Insurance ,
Consent ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection Acts ,
Data Protection Authority ,
Data Protection Officers (DPOs) ,
Data Retention ,
Denial of Insurance Coverage ,
Department of Homeland Security (DHS) ,
Email ,
Enforcement Actions ,
EU ,
European Commission ,
European Economic Area (EEA) ,
Extraterritoriality Rules ,
France ,
Fraudulent Transfers ,
General Data Protection Regulation (GDPR) ,
Geological Data ,
International Data Transfers ,
Japan ,
Japan-EU Economic Partnership Agreement (EPA) ,
NCCIC ,
Personal Data ,
Policy Terms ,
Popular ,
Public Private Partnerships (P3s) ,
Reciprocity Rules ,
Reversal ,
Scams ,
Social Engineering ,
Spoofing ,
Standard Contractual Clauses ,
Warning Letters ,
Wire Fraud
This issue of Skadden’s semiannual Cross-Border Investigations Update takes a close look at recent cases, regulatory activity and other key developments, including the use of legal holds in cross-border investigations,...more
8/29/2018
/ China ,
Civil Monetary Penalty ,
Cooperation ,
Criminal Investigations ,
Cross-Border Transactions ,
Cryptocurrency ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Justice (DOJ) ,
Enforcement Actions ,
EU ,
Fee Reductions ,
General Data Protection Regulation (GDPR) ,
Initial Coin Offering (ICOs) ,
Personal Liability ,
Popular ,
Privileged Communication ,
Serious Fraud Office (SFO) ,
Settlement ,
Trump Administration ,
UK
In this month's edition of our Privacy & Cybersecurity Update, we examine new privacy laws in Germany, an FTC settlement with an alleged consumer loan company over unfair and deceptive practices, the dismissal of a data...more
8/2/2017
/ Children's Toys ,
Civil Monetary Penalty ,
Consumer Financial Products ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Dismissals ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Germany ,
Incident Response Plans ,
Lenders ,
Member State ,
Popular ,
Privacy Laws ,
Risk Mitigation ,
Settlement ,
Standing ,
Unfair or Deceptive Trade Practices
Cybersecurity has in recent years become an integral component of a board’s role in risk oversight, but directors often find themselves in unfamiliar territory when it comes to formulating policies and oversight processes...more
4/14/2017
/ Board of Directors ,
China ,
Compliance ,
Customer Information ,
Cyber Insurance ,
Cybersecurity ,
Data Security ,
Disclosure Requirements ,
NYDFS ,
Oversight Committee ,
Popular ,
Ransomware ,
Risk Assessment ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
State and Local Government
In this edition of our Privacy & Cybersecurity Update, we discuss how the prospect of a new chair and three new commissioners at the FTC may impact the agency's approach to cybersecurity regulation, a new Massachusetts...more
2/4/2017
/ Administrative Appointments ,
Breach Notification Rule ,
Cyber Insurance ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Internet of Things ,
NIST ,
OCR ,
Popular ,
Privacy Policy ,
Public Disclosure ,
Software ,
Swiss Privacy Shield ,
Trump Administration
In this edition of our Privacy & Cybersecurity Update, we take a look at the FCC's new rules for broadband privacy, the FTC's new playbook for data breach response and notification, the NHTSA's voluntary guidance for...more
11/2/2016
/ Actual Injuries ,
Automotive Industry ,
Breach Notification Rule ,
Broadband ,
Cloud Computing ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Breach Plans ,
Driverless Cars ,
EU ,
FCC ,
Federal Bank Regulatory Agencies ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
FTC Guidelines ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Incident Response Plans ,
IP Addresses ,
National Broadband Plan ,
NHTSA ,
Popular ,
Privacy Laws ,
Risk Assessment ,
Risk Mitigation
In this edition of our Privacy & Cybersecurity Update, we examine the Sixth Circuit's decision to allow injury-in-fact to be established by alleging a "substantial risk of harm" in a data breach case, New York state's...more
10/3/2016
/ Article III ,
CFTC ,
Class Action ,
Commodities ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
Financial Markets ,
Germany ,
International Data Transfers ,
NIST ,
NYDFS ,
Personal Data ,
Popular ,
Standing ,
UK ,
Young Lawyers
New York state has proposed a new regulation — to go into effect January 1, 2017 — that would require banks, insurance companies and other financial services institutions regulated by the New York State Department of...more
9/15/2016
/ Banks ,
Chief Information Security Officer (CISO) ,
Comment Period ,
Covered Entities ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Protection ,
Data Retention ,
Financial Institutions ,
Gramm-Leach-Blilely Act ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Insurance Industry ,
NYDFS ,
Popular ,
Proposed Regulation ,
Risk Assessment ,
Risk Management
In this edition of our Privacy & Cybersecurity Update, we discuss what companies need to know in the wake of the EU Court of Justice's rejection of the U.S.-EU Safe Harbor framework and take a look at the following important...more
11/3/2015
/ Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Protection ,
Data Protection Authority ,
ECPA ,
EU Data Protection Laws ,
International Data Transfers ,
Mobile Apps ,
New Legislation ,
Personal Data ,
Popular ,
Privacy Policy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework ,
VPPA
In This Issue:
- DOJ Issues Cyber Preparation and Response Guidance
- RadioShack’s Plan to Auction Customer Data Highlights Issues Over Treatment of Such Data as an Asset
- Google v. Vidal-Hall and...more
5/3/2015
/ Commercial Bankruptcy ,
Customer Lists ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Department of Justice (DOJ) ,
FCC ,
Financial Services Authority ,
Google ,
Hulu ,
Information Sharing ,
NAIC ,
Popular ,
RadioShack ,
Third-Party ,
Video Privacy Protection Act
In This Issue
- White House Releases Proposed Privacy Legislation
- Lessons from the Anthem Data Breach
- SEC and FINRA Release Results of Industrywide Cybersecurity Examination Sweeps
- COSO Releases Report on...more
3/2/2015
/ Anthem Blue Cross ,
Automotive Industry ,
Big Data ,
COSO ,
Cybersecurity ,
Data Breach ,
Financial Industry Regulatory Authority (FINRA) ,
Information Sharing ,
Insurance Industry ,
Obama Administration ,
Popular ,
Securities and Exchange Commission (SEC)
In This Issue:
- Summary of President’s Recent Proposals for Cybersecurity Legislation
- New York Attorney General Proposes New Approaches to Data Security
- Delaware Data Destruction Law Takes...more
This past year has been called the "year of the massive data breach," with many high-profile attacks on well-known companies. Skadden partners Cyrus Amir-Mokri, Patrick Fitzgerald, Marc S. Gerber, Stuart D. Levi and Timothy...more
1/27/2015
/ Best Practices ,
Corporate Counsel ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Popular ,
Retailers ,
Risk Assessment ,
Risk Management ,
Senate Banking Committee ,
Target