Latest Posts › Cybersecurity

Share:

New SEC Proposed Cyber Rules Signal Concern About Systemic Risk

After many years of signaling potential expansion of cybersecurity rules, the Securities and Exchange Commission (SEC) has issued in the past month two new sets of proposed rules governing cybersecurity.  The more recent set...more

SEC Proposes New Disclosure Rules for Cyber Incidents

On March 9, 2022, the SEC proposed a new rule to enhance and standardize disclosures regarding cybersecurity incidents, risk management, strategy, and governance. If approved, public companies subject to the reporting...more

Utah Legislature Passes Consumer Privacy Law

Following the lead of California, Colorado, and Virginia, Utah is set to become the fourth state to pass a comprehensive privacy law. As of March 4, the Utah Consumer Privacy Act (SB 227) cleared both houses of the Utah...more

Predictions for Privacy & Data Security in 2022

2021 proved to be a momentous year for privacy and data security law. The scourge of ransomware continued last year, leading to record-setting ransomware payments, a muscular response from the federal government, a hardening...more

Federal Financial Regulators Tighten Timelines for Reporting Ransomware Attacks

As anticipated, the Department of the Treasury’s Office of the Comptroller of the Currency (“OCC”), the Board of Governors of the Federal Reserve System (“Federal Reserve”), and the Federal Deposit Insurance Corporation...more

FTC Strengthens GLBA Financial Safeguards and Privacy Rules

On October 27, the Federal Trade Commission (FTC) announced a final rule (Final Rule) and supplemental notice of proposed rulemaking (NPRM) to amend the Safeguards Rule promulgated under the Gramm-Leach-Bliley Act (GLBA),...more

California Passes Suite of New Privacy Laws

California continues to be at the vanguard of privacy protection.  On October 11, 2021 California’s Governor Newsom signed several bills addressing privacy and data security. These new laws go into effect January 1, 2022 and...more

FTC Guidance Affirms Breach Notification Obligations for Health Apps and Connected Devices

On September 15, 2021, the Federal Trade Commission (“FTC”) issued a policy statement affirming the applicability of its Health Breach Notification Rule (the “Rule”), 16 CFR Part 318, to health apps and connected devices that...more

Federal Court Holds that Cloud Service Provider is Subject to CMIA

On August 12, 2021, the United States District Court for the District of South Carolina issued an opinion denying in part and granting in part a motion by Blackbaud to dismiss seven statutory claims brought by plaintiffs in a...more

California Enforcement Updates and Privacy Tools Highlight Regulatory Scrutiny of Right to Opt Out

With a little over a year of enforcing the California Consumer Privacy Act (CCPA) under its belt, the Office of the California Attorney General (OAG) recently held a press conference to announce updates on its CCPA...more

Another Federal Court Orders Production of Data Breach Forensic Report

Following in the footsteps of the Eastern District of Virginia’s Capital One decision last year and the District of D.C.’s Clark Hill decision earlier this year, the Eastern District of Pennsylvania has just ordered the...more

Managing Compliance with the Growing Patchwork of State Privacy Laws

Over the past four years, U.S. companies have been forced to expand their compliance programs to comply with an expanding array of international and U.S. state privacy laws. The wave of privacy laws began in May 2018, when...more

Second Circuit ruling clarifies when data breach plaintiffs have adequately pleaded Article III standing

In a thoughtful opinion that diverges from how other circuit courts have addressed the issue, the Second Circuit recently issued a ruling clarifying the circumstances when data breach plaintiffs can rely on fear of identity...more

Second Circuit Ruling Clarifies When Data Breach Plaintiffs Have Adequately Plead Article III Standing

In a thoughtful opinion that diverges from how other circuit courts have addressed the issue, the Second Circuit recently issued a ruling clarifying the circumstances when data breach plaintiffs can rely on fear of identity...more

A Comparison Of The Virginia, Washington, And Florida Proposed Privacy Bills

After a pandemic-related hiatus in 2020, a number of U.S. states have proposed new data privacy laws in 2021 – and several are very close to passage. Virginia’s proposed data privacy law appears to be the closest and is...more

11th Circuit Finds No Standing Based on Fear of Future Identity Theft

In an opinion that deepens an existing circuit court split, the Eleventh Circuit recently held that the future risk of identity theft is not sufficient to establish Article III standing....more

Federal Court Dismisses CCPA Claim Against Marriot International, Inc. For Lack of Standing

On January 12, 2021, the federal District Court for the Central District of California dismissed a data breach law suit—including a claim filed under the California Consumer Privacy Act (“CCPA”)—against Marriott...more

Federal Court System—And Possibly Sealed Filings—Breached in Connection With SolarWinds Hack

The Administrative Office of the U.S. Courts (the “AO”) recently disclosed that it has initiated an investigation into an apparent compromise in security of the Judiciary’s Case Management/Electronic Case Files System...more

Federal Agencies Consider Requiring Reporting of Computer Security Incidents

On December 18, 2020, the Office of the Comptroller of the Current (OCC), Federal Reserve Board (FRB), and Federal Deposit Insurance Corporation (FDIC) announced an interagency notice of proposed rulemaking that would require...more

Federal Agencies Consider Requiring Reporting Of Computer Security Incident

On December 18, 2020, the Office of the Comptroller of the Current (OCC), Federal Reserve Board (FRB), and Federal Deposit Insurance Corporation (FDIC) announced an interagency notice of proposed rulemaking that would require...more

California Attorney General Shows No Sign of Slowing CCPA Rulemaking with Fourth Set of Proposed Modifications

The California Attorney General’s Office recently released a fourth set of proposed regulatory modifications to the California Consumer Privacy Act (the “CCPA”)....more

California Voters Approve CPRA

On November 4, 2020, California voters approved of the ballot initiative Proposition 24, more commonly known as the California Privacy Rights Act (the “CPRA”).  The CPRA goes into effect on January 1, 2023, and will expand...more

California Department of Justice Proposes Third Set of Amendments to CCPA Regulations

The Regulations to the California Consumer Privacy Act (CCPA) continue to evolve, in confusing fashion. As background, the AG’s Office had previously issued proposed Regulations to the CCPA in October 2019. The AG’s Office...more

FinCEN and OFAC Advisories Aim to Increase Cybersecurity Awareness and Thwart Ransomware Attacks in the Financial Sector

October is National Cybersecurity Awareness Month, and the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) and Office of Foreign Assets Control (“OFAC”) kicked off the month by issuing two...more

Washington’s Latest Effort at Passing a Comprehensive Privacy Act

On September 9, 2020, Washington Senator Reuven Carlyle, D-Seattle, announced via Twitter that the third version of the draft Washington Privacy Act 2021 (“WPA”) was available for public review and comment. The recently...more

117 Results
 / 
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide