On January 16, 2025, the U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) issued a final rule (the “Final Rule”) addressing national security concerns regarding information and communications technology...more
1/22/2025
/ Automotive Industry ,
Bureau of Industry and Security (BIS) ,
China ,
Final Rules ,
Hardware ,
Imports ,
National Security ,
Russia ,
Software ,
Supply Chain ,
U.S. Commerce Department
INTRODUCTION...
On January 16, 2025, President Biden issued an Executive Order (EO) on Strengthening and Promoting Innovation in the Nation’s Cybersecurity, to further address increasing threats from nation-state actors...more
As global economic and geopolitical environments enter a new era, companies need to continuously develop and adjust their coherent global business strategies to secure and further expand business opportunities in all markets...more
1/2/2025
/ Acquisitions ,
Artificial Intelligence ,
Bureau of Industry and Security (BIS) ,
Business Opportunities ,
Business Strategies ,
CFIUS ,
China ,
Compliance ,
Covered Transactions ,
Critical Infrastructure Sectors ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Entity List ,
Exports ,
Final Rules ,
Financial Transactions ,
Forced Labor ,
Foreign Investment ,
Importers ,
Imports ,
Investment ,
Joint Venture ,
National Security ,
NPRM ,
Prohibited Transactions ,
Real Estate Transactions ,
Regulatory Requirements ,
Semiconductors ,
Sensitive Personal Information ,
Supply Chain ,
Trade Relations ,
Uyghur Forced Labor Prevention Act (UFLPA)
On October 28, 2024, the US Department of the Treasury (“Treasury”) issued a Final Rule to require the notification or prohibition of certain outbound investments and other transactions by US persons involving persons of...more
On October 24, 2024, President Biden issued the first-ever National Security Memorandum (NSM) on artificial intelligence (AI), fulfilling another directive (subsection 4.8) set forth in the Administration’s Executive Order on...more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
11/4/2024
/ Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Security ,
Disclosure Requirements ,
Government Agencies ,
Incident Response Plans ,
National Security ,
Regulatory Agenda ,
Regulatory Oversight ,
Reporting Requirements ,
Risk Assessment ,
Risk Management ,
Securities and Exchange Commission (SEC)
On October 21, 2024, the Department of Justice (DOJ) released an unpublished Notice of Proposed Rulemaking (NPRM), Provisions Pertaining to Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by...more
10/24/2024
/ Data-Sharing ,
Department of Justice (DOJ) ,
International Data Transfers ,
International Emergency Economic Powers Act (IEEPA) ,
National Security ,
NPRM ,
Personal Data ,
Proposed Rules ,
Regulatory Agenda ,
Regulatory Reform ,
Sensitive Personal Information
On September 9, 2024, the US Department of Commerce’s (“Commerce”) Bureau of Industry and Security (BIS) released notice of a proposed rule to create a mandatory reporting requirement for artificial intelligence (AI)...more
On August 14, 2024, the Committee on Foreign Investment in the United States (“CFIUS” or “Committee”) announced a $60 million penalty, “the largest penalty CFIUS has ever issued,” following its finding of material violations...more
On May 2, 2024, the Department of Defense (DoD) issued a class deviation to DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting.
The deviation relates to contractors’ compliance with...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
4/1/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Data Breach ,
Data Preservation ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
NPRM ,
Proposed Rules ,
Ransomware ,
Regulatory Agenda
On March 1, 2024, the US Department of Commerce’s (“Commerce”) Bureau of Industry and Security (“BIS”) published an Advance Notice of Proposed Rulemaking1 (the “Notice”) seeking public comments on potential regulation of the...more
3/19/2024
/ Bureau of Industry and Security (BIS) ,
China ,
Comment Period ,
Connected Cars ,
Data Collection ,
Executive Orders ,
Foreign Adversaries ,
Information Technology ,
Motor Vehicles ,
National Security ,
OEM ,
Proposed Rules ,
Public Comment ,
Regulatory Agenda ,
Rulemaking Process ,
U.S. Commerce Department
On 9 December 2023, European Parliament negotiators and the Council presidency agreed on the final version of what is claimed to be the world's first-ever comprehensive legal framework on Artificial Intelligence; the European...more
Background and Summary -
Table On July 26, 2023, the U.S. Securities and Exchange Commission (the “SEC”) issued a release (the “Adopting Release”), adopting final rules (the “Final Rules”) aimed at standardizing and...more
On March 9, 2023, the Securities and Exchange Commission (“SEC”) announced that Blackbaud Inc. (“Blackbaud”) agreed to pay $3 million to settle charges for alleged misleading disclosures about its 2020 ransomware attack and...more
With high-profile cybersecurity incidents hitting the headlines, President Biden’s recent cybersecurity executive order seeks to strengthen security practices at federal agencies and government contractors. But what does the...more
12/28/2021
/ Biden Administration ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Executive Orders ,
Popular ,
Private Sector ,
Ransomware ,
Risk Management
On July 28, 2021, President Biden signed a national security memorandum that seeks to “significantly improve” the cybersecurity of critical infrastructure systems....more
In the wake of the May 2021 ransomware attack on a major US oil pipeline, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) has released a security directive (the “TSA Directive”) to...more
6/2/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
Energy Policy ,
Hackers ,
National Security ,
Oil & Gas ,
Pipelines ,
Ransomware ,
Supply Chain ,
TSA