Latest Posts › Data Protection

Share:

CFPB Publishes Report on State Privacy Law Exceptions for Financial Information

On November 12, the Consumer Financial Protection Bureau (CFPB) released a new report titled, “State Consumer Privacy Laws and the Monetization of Consumer Financial Data.” The report provides an overview of the state...more

SEC Cybersecurity Incidents Disclosures: Materiality, Decryptors, and Ransom Payments - Dear Mary – Incidents + Investigations...

I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get...more

Notifying Law Enforcement of Security Incidents - Dear Mary – Incidents + Investigations Cybersecurity Advice Column

“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more

Ensuring Proper Legal Involvement in the Incident Response Process - Dear Mary – Incidents + Investigations Cybersecurity Advice...

“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more

Restrictions on Paying a Ransom Demand - Dear Mary – Incidents + Investigations Cybersecurity Advice Column

“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more

Understanding Access vs. Acquisition - Dear Mary – Incidents + Investigations Cybersecurity Advice Column

Each of the 50 states has its own definition of what constitutes a reportable data breach. For some, it requires “unauthorized access” to personal information. For others, it requires “unauthorized acquisition.” And then,...more

Understanding Breach Notification Obligations Under California Law: What Does the CCPA Require? - Dear Mary – Incidents +...

‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more

Preserving Forensic Artifacts Following Incident Detection - Dear Mary – Incidents + Investigations Cybersecurity Advice Column

‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more

Can Vendors Notify Affected Individuals on Behalf of Businesses After a Data Breach? - Dear Mary – Incidents + Investigations...

‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more

How to Respond When Your Service Provider Suffers a Cyberattack - Dear Mary – Incidents + Investigations Cybersecurity Advice...

‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more

Understanding Regulatory Response Times Following a Cybersecurity Incident - Dear Mary – Incidents + Investigations Cybersecurity...

‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more

Does Every Incident Require a Forensic Report? - Dear Mary – Incidents + Investigations Cybersecurity Advice Column

‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more

Should Companies Conduct Their Own Forensic Investigations? - Dear Mary – Incidents + Investigations Cybersecurity Advice Column

‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more

Comprehensive Data Privacy Legislation Unveiled in Congress

On April 7, House Energy & Commerce Committee Chair Cathy McMorris Rodgers (R-WA) and Senate Commerce Committee Chair Maria Cantwell (D-WA) announced a bipartisan, bicameral draft of comprehensive data privacy legislation,...more

More Privacy, Please – February 2024

Editor’s Note: In recent regulatory and enforcement developments, the White House announced a new executive order aimed at strengthening cybersecurity at U.S. ports, and another executive order was issued to protect sensitive...more

More Privacy, Please – January 2024

NIST Publishes Report on the Cybersecurity of Genomic Data. On December 20, 2023, the NIST National Cybersecurity Center of Excellence (NCCoE) published Final NIST IR 8432, Cybersecurity of Genomic Data. Informed by direction...more

More Privacy, Please – November/December 2023

In recent regulatory and enforcement developments, the California Privacy Protection Agency (CPPA) proposed a regulatory framework for automated decision-making technology (ADMT) and revisions to the California Consumer...more

The Garden State Joins the Privacy Party

On January 16, New Jersey Governor Phil Murphy signed S332 (the act), making New Jersey the first state in 2024 to enact a comprehensive privacy law. Several other states are currently considering similar comprehensive...more

More Privacy, Please - September/October 2023

Editor’s Note: The FTC continues to crack down on privacy and cybersecurity, including issuing a new warning to tax preparation companies and entering into a consent decree with 1Health.io. VPPA and BIPA litigation continues...more

California Takes an Aggressive Approach to Regulating Data Brokers

The Delete Act (SB 362), signed into law by California Gov. Gavin Newsom on October 10, imposes additional disclosure and registration requirements on data brokers. It requires data brokers to support deletion requests...more

More Privacy, Please - August/September 2023

Editor’s Note: As the summer months come to an end, there has been no shortage of privacy news and updates. Oregon signed both a comprehensive privacy law and data broker law, and the SEC adopted new rules regarding the...more

CPRA Shuffle: Two Steps Forward, One Step Back: Court Temporarily Halts CPRA Regulation Enforcement as CPRA Enforcements Begins

CPRA Regulations Delayed. On June 29, 2023, two days before enforcement of the California Consumer Privacy Act (CCPA) was to begin, a Sacramento Superior Court issued a temporary injunction, enjoining enforcement of newly...more

More Privacy, Please – June 2023

Editor’s Note: Montana became the latest state to pass a comprehensive privacy bill, joining California, Virginia, Colorado, Connecticut, Utah, and Tennessee. Florida, too, passed a privacy bill, but with a much narrower...more

More Privacy, Please - May 2023

Editor’s Note: Indiana became the latest state to enact a comprehensive privacy law, with Montana and Tennessee close behind. Washington passed sweeping legislation — the My Health My Data Act — which included a private right...more

51 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide