The Intelligence Authorization Act for Fiscal Year 2025 (S.4443) is a bold legislative step in addressing ransomware as a critical threat. The act’s provisions, from elevating ransomware to a national intelligence priority to...more
In Part I, we discussed the European Commission’s (“Commission”) disapproval of Meta’s “pay or consent” subscription model. In Part II, we delve into the European Commission’s findings, prior findings by the European Data...more
7/29/2024
/ Consent ,
Corporate Counsel ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
Investigations ,
Personal Data ,
Popular ,
Privacy Laws
In November of 2023, Meta launched a service in the European Union that allowed users to utilize the Facebook and Instagram platforms “ad free” for a monthly fee. The subscription service was meant to address regulatory...more
7/24/2024
/ Consent ,
Data Collection ,
Data Privacy ,
Digital Markets Strategy ,
EU ,
European Commission ,
Facebook ,
Federal Trade Commission (FTC) ,
Instagram ,
Metaverse ,
Privacy Laws ,
Regulatory Agenda ,
Social Media ,
Subscription Services ,
Web Tracking
As discussed in our previous blog post, the Cybersecurity and Infrastructure Security Agency (CISA) is proposing a significant new rule to bolster the nation’s cyber defenses through mandatory incident reporting. While...more
7/22/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Security ,
Healthcare ,
Hospitals ,
Manufacturers ,
NAM ,
Proposed Rules ,
Reporting Requirements
A significant shift in cybersecurity compliance is on the horizon, and businesses need to prepare. Starting in 2024, organizations will face new requirements to report cybersecurity incidents and ransomware payments to the...more
6/3/2024
/ Covered Entities ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Homeland Security (DHS) ,
Enforcement Actions ,
New Rules ,
NPRM ,
Popular ,
Ransomware ,
Reporting Requirements ,
Risk Management
A previous installment discussed the centrality of network topology to an organization’s data security and outlined the legal framework and obligations incumbent upon many organizations in the U.S. The first installment can...more
Data security is a top concern for organizations in today’s digital landscape. It protects data from unauthorized access, use, modification, or disclosure, and requires implementing technical, administrative, and physical...more
11/30/2023
/ Compliance ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Data Mapping ,
Data Protection ,
Data Security ,
Enforcement ,
Incident Response Plans ,
Network Security ,
Popular ,
Risk Management
The proliferation of AI-derived and processed data in the era of big data is occurring against a complex backdrop of legal frameworks governing ownership of and responsibilities with regard to that data. In a previous...more
The emergence of big data, artificial intelligence (AI), and the Internet of Things (IoT) has fundamentally transformed our understanding and utilization of data. While the value of big data is beyond dispute, its management...more
The Office of Foreign Assets Control’s (OFAC) settlements in the second half of 2023 serve as cautionary tales for organizations navigating the complex landscape of international sanctions. These cases offer valuable insights...more
In a coordinated effort to counter Russia's aggression against Ukraine, the Export Enforcement Five (E5) — comprising Australia, Canada, New Zealand, the United Kingdom, and the United States — have released unprecedented...more
On Sept. 14, 2023, the U.S. government designated five Turkish companies for breaching U.S. sanctions against Russia. The designations should not have been a surprise, as Washington had been warning the Turkish government and...more
Machine learning (ML) models are a cornerstone of modern technology, allowing models to learn from and make predictions based on vast amounts of data. These models have become integral to various industries in an era of rapid...more
8/17/2023
/ Artificial Intelligence ,
California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Machine Learning ,
Popular ,
Risk Factors ,
State Privacy Laws ,
Technology Sector
There is a great YouTube video that has been circulating the internet for half a decade that reimagines a heuristically programmed algorithmic computer “HAL-9000” as Amazon Alexa in an iconic scene from “2001: A Space...more
In an age where digital connectivity is rapidly advancing, cybersecurity has become an inescapable concern for organizations across industries. With cyber threats ranging from data breaches to ransomware attacks, it is...more
8/15/2023
/ Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Health Information Technologies ,
Healthcare ,
Long Term Care Facilities ,
Long-Term Care ,
Patient Privacy Rights ,
PHI ,
Risk Management
California, home to the highest number of registered vehicles in the U.S., is at the forefront of a critical issue – the privacy practices of automobile manufacturers and vehicle technology firms....more
8/2/2023
/ Automotive Industry ,
California Privacy Protection Agency (CPPA) ,
Data Collection ,
Data Privacy ,
Enforcement Actions ,
Manufacturers ,
Motor Vehicles ,
Privacy Laws ,
Proposed Regulation ,
Regulatory Agenda ,
State Privacy Laws ,
Technology Sector
The adoption of predictive maintenance (PM), an artificial intelligence (AI) driven strategy that anticipates potential equipment failures using Internet of Things (IoT) sensors, holds immense promise for the construction...more
7/28/2023
/ Artificial Intelligence ,
Construction Industry ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Internet of Things ,
Liability ,
Popular ,
Risk Factors ,
Safety Standards ,
Technology
The construction sector is known for its perennial pursuit of efficiency, quality, and safety. In recent years, one of the tools the sector has started leveraging to achieve these goals is predictive maintenance (PM),...more
As cyber threats have evolved and expanded, cybersecurity has emerged as a threat to organizations across sectors, and there is more urgency than ever for companies to remain vigilant and prepared. Cybersecurity incidents can...more
The third and final installment of this three-part series discusses the construction industry’s evolving landscape and the challenges it faces in the realm of cybersecurity, revealing how a comprehensive, data-centric...more
In today’s digital era, the construction industry faces a growing threat from cyber risks that can have significant impacts on projects and operations. As technology continues to revolutionize the industry, it is crucial for...more
The construction industry’s rapid digital transformation has opened the door to new cybersecurity challenges. As the sector adopts innovative technologies like cyber-physical systems, Building Information Modeling (BIM), and...more
6/22/2023
/ Bids ,
Construction Industry ,
Cybersecurity ,
Data Breach ,
Department of Transportation (DOT) ,
Fraud ,
Intellectual Property Protection ,
Popular ,
Ransomware ,
Risk Management ,
Wire Transfers
In an era where our lives are ever more intertwined with technology, the security of digital platforms is a matter of national concern. A recent large-scale cyberattack affecting several U.S. federal agencies and numerous...more
6/19/2023
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Transfers ,
Digital Platforms ,
International Data Transfers ,
National Security ,
Popular ,
Ransomware ,
Software ,
Technology Sector