In this month's edition of our Privacy & Cybersecurity Update, we examine the New York Department of Financial Services' issuance of the first-ever cyber insurance risk guidance framework, the Eleventh Circuit's ruling...more
In this month's edition, we examine the European Commission's Digital Services Act and its potential regulatory impact, the National Institute of Standards and Technology's draft guidance on internet-of-things devices'...more
2/4/2021
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Digital Services ,
Draft Guidance ,
European Commission ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Internet of Things ,
NIST ,
Popular ,
Privacy Policy
On November 10, 2020, the European Data Protection Board (EDPB) adopted its long-awaited recommendations on (1) measures that supplement transfer tools to ensure transfers of personal data outside the European Economic Area...more
12/3/2020
/ Cybersecurity ,
Data Protection ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
In this month’s edition of our Privacy & Cybersecurity Update, we examine the passage of the ballot initiative that enacts the California Privacy Rights Act, the U.K. Information Commissioner’s Office’s final guidance on data...more
12/2/2020
/ Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
In this month's edition of our Privacy & Cybersecurity Update, we examine the U.S. Treasury's advisories regarding the role of financial intermediaries in ransomware payments, a ruling by the Israeli data protection authority...more
11/3/2020
/ British Airways ,
California Consumer Privacy Act (CCPA) ,
Court of Justice of the European Union (CJEU) ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
Financial Institutions ,
FinCEN ,
International Data Transfers ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
State Attorneys General ,
Surveillance
Recent and significant regulatory and legislative events in the digital asset space demonstrate the evolving and expanding approach by U.S. and international regulators to the burgeoning digital asset markets. These...more
10/31/2020
/ Banks ,
Blockchain ,
CFTC ,
Civil Monetary Penalty ,
Consent Order ,
Cryptocurrency ,
Department of Justice (DOJ) ,
Derivatives ,
Digital Assets ,
Distributed Ledger Technology (DLT) ,
Enforcement Actions ,
FinCEN ,
Global Market ,
Initial Coin Offering (ICOs) ,
Legislative Agendas ,
OCC ,
OECD ,
Offshore Listings ,
Regulatory Oversight ,
Restricted Transactions ,
Securities and Exchange Commission (SEC) ,
Securities Tokens ,
Smart Contracts ,
Stablecoins ,
Summary Judgment ,
Taxation ,
UK ,
Virtual Currency
In this month's edition, we examine the Swiss data protection authority's comments on the validity of its data-sharing framework with the U.S., as well as the European Data Protection Board's guidance on joint controllers and...more
10/10/2020
/ Biometric Information Privacy Act ,
Class Action ,
Constitutional Challenges ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Data Protection Authority ,
European Data Protection Board (EDPB) ,
International Data Transfers ,
Joint Control ,
Metadata ,
National Security Agency (NSA) ,
New Guidance ,
Outer Space ,
Personally Identifiable Information ,
Popular ,
Presidential Memorandum ,
Privacy Laws ,
Social Media ,
Swiss Privacy Shield ,
Trump Administration
In this month's edition of our Privacy & Cybersecurity Update, we examine the National Institute of Standards and Technology's four principles of the "explainability" of artificial intelligence and the U.K. Information...more
9/1/2020
/ Anti-Drone Technology ,
Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Drones ,
EU-US Privacy Shield ,
FCC ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
Final Rules ,
International Data Transfers ,
NIST ,
Office of Administrative Law ,
Personal Information ,
Popular ,
Privacy Laws ,
Risk Mitigation ,
UK ,
UK ICO
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
8/6/2020
/ Automotive Industry ,
Binding Corporate Rules ,
Broadband Privacy Rules ,
Connected Cars ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Economic Loss Doctrine ,
Enforcement Actions ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
First Amendment ,
Free Speech ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Insurance Industry ,
International Data Transfers ,
Internet Service Providers (ISPs) ,
Misrepresentation ,
Negligence ,
NYDFS ,
Online Platforms ,
P2B ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Schrems I & Schrems II ,
Security Breach ,
Standard Contractual Clauses ,
U.S. Commerce Department ,
UK ,
UK Data Protection Act ,
United Nations
In this issue, we discuss the new initiatives under New York's BitLicense regime that clarify and streamline the regulatory landscape for virtual currency entities doing business within the state. We also examine the...more
8/4/2020
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Bitcoin ,
BitLicense ,
Blockchain ,
Constitutional Challenges ,
Cryptocurrency ,
Digital Assets ,
Digital Ledger Technology ,
Distributed Ledger Technology (DLT) ,
Federal Savings Associations ,
Fourth Amendment ,
Governor Beshear ,
Listing Rules ,
National Bank Act ,
NYDFS ,
OCC ,
Popular ,
Reasonable Expectation of Privacy ,
Right to Privacy ,
Search & Seizure ,
Smart Contracts ,
State and Local Government ,
Virtual Currency ,
Working Groups
On July 16, 2020, the Court of Justice of the European Union (CJEU) struck down the EU-U.S. Privacy Shield as a valid mechanism for transferring personal data from the European Economic Area (EEA) to the United States...more
7/20/2020
/ Binding Corporate Rules ,
Court of Justice of the European Union (CJEU) ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Economic Area (EEA) ,
International Data Transfers ,
Personal Data ,
Privacy Laws ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
US-EU Safe Harbor Framework
In this month's edition of our Privacy & Cybersecurity Update, we examine the California attorney general's final regulations for the California Consumer Privacy Act and a ruling by the Indiana Court of Appeals involving...more
7/6/2020
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Constitutional Challenges ,
Consumer Fraud ,
Cyber Insurance ,
Cybersecurity ,
Data Privacy ,
EU ,
Popular ,
Privacy Laws ,
Ransomware
In this month's edition of our Privacy & Cybersecurity Update, we examine the Seventh Circuit's ruling finding standing for an Illinois Biometric Information Privacy Act claim, the European Data Protection Board's updated...more
6/1/2020
/ Appeals ,
Biometric Information Privacy Act ,
Blocked Mergers ,
Bulk Electric System ,
Business Interruption ,
Consent ,
Cookies ,
Coronavirus/COVID-19 ,
Cyber Insurance ,
Cyber Threats ,
Cybersecurity ,
Data Protection Authority ,
Department of Energy (DOE) ,
Employee Privacy Rights ,
European Data Protection Board (EDPB) ,
Foreign Acquisitions ,
Foreign Adversaries ,
General Data Protection Regulation (GDPR) ,
National Security ,
Policy Exclusions ,
Popular ,
Privacy Laws ,
Remote Working ,
Standing ,
Trump Administration
In this month's edition of our Privacy & Cybersecurity Update, we examine Washington state's new facial recognition law, the U.K. Supreme Court's ruling that an employer is not liable for a data breach caused by a disgruntled...more
5/3/2020
/ Coronavirus/COVID-19 ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Draft Guidance ,
Employee Misconduct ,
Employer Liability Issues ,
Equifax ,
European Commission ,
European Data Protection Board (EDPB) ,
Facial Recognition Technology ,
FSB ,
Mobile Apps ,
New Guidance ,
NYDFS ,
Phishing Scams ,
Popular ,
Privacy Laws ,
Settlement ,
UK Supreme Court
On March 24, 2020, the Commodity Futures Trading Commission (CFTC or Commission) voted unanimously to adopt an interpretation of the term “actual delivery” with respect to retail virtual currency transactions (2020 Guidance)....more
4/8/2020
/ Actual Delivery ,
Amended Rules ,
CFTC ,
Commodities ,
Coronavirus/COVID-19 ,
Enforcement ,
Futures ,
Leveraged Lending ,
Margin Requirements ,
Retail Investors ,
Swaps ,
Virtual Currency
As health organizations and governments around the world work to contain the coronavirus (COVID-19), businesses should be mindful of the various ways the virus may impact their operations and employees. The wide range of...more
3/5/2020
/ Acquisitions ,
Anti-Discrimination Policies ,
Business Interruption ,
Capital Markets ,
Centers for Disease Control and Prevention (CDC) ,
Commercial Contracts ,
Coronavirus/COVID-19 ,
Corporate Restructuring ,
Cybersecurity ,
Derivatives ,
Disclosure Requirements ,
Employment Policies ,
Equity Securities ,
Force Majeure Clause ,
Global Economy ,
Leveraged Finance ,
Life Sciences ,
Mergers ,
OSHA ,
Popular ,
Public Health ,
Public Safety ,
Publicly-Traded Companies ,
Securities and Exchange Commission (SEC) ,
Securities Litigation ,
Supply Chain ,
Virtual Meetings
In this month's edition, we examine the California attorney general's proposed modified regulations under the CCPA, the Treasury Department's new CFIUS regulations, and the SEC Office of Compliance Inspections and...more
3/3/2020
/ BPCIA ,
Business Losses ,
California Consumer Privacy Act (CCPA) ,
CFIUS ,
Cyber Insurance ,
Cybersecurity ,
Data Privacy ,
Foreign Investment ,
OCIE ,
Popular ,
Privacy Laws ,
Ransomware ,
Risk Mitigation ,
Securities and Exchange Commission (SEC) ,
Standing ,
State Privacy Laws ,
U.S. Treasury ,
UK ICO
In this month's edition of our Privacy & Cybersecurity Update, we examine the EU advocate general's decision in Schrems II, a federal court's ruling that an insurer owed coverage for a social engineering loss, the Chinese...more
2/6/2020
/ Advocate General ,
China ,
Cybersecurity ,
Cybersecurity Framework ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
GA Supreme Court ,
Hackers ,
Mobile Apps ,
Negligence ,
NIST ,
Personal Data ,
Popular ,
Ransomware ,
Schrems I & Schrems II
Despite political and economic uncertainties, markets and deal activity were resilient in 2019, and strong fundamentals remain in place heading into 2020. Companies continue to face a challenging litigation and enforcement...more
1/30/2020
/ Acquisitions ,
Administrative Procedure Act ,
Anti-Discrimination Policies ,
Anti-Harassment Policies ,
Anti-Kickback Statute ,
Antitrust Investigations ,
Appeals ,
Arbitration Awards ,
Attorney General ,
Backstop Agreements ,
BEPS ,
BitLicense ,
Blockchain ,
Board of Directors ,
Bonds ,
Capital Markets ,
CFIUS ,
CFTC ,
Chapter 11 ,
Claim Preclusion ,
Class Action ,
Commercial Bankruptcy ,
Common Stock ,
Congressional Investigations & Hearings ,
Congressional Subpoenas ,
Consumer Financial Protection Bureau (CFPB) ,
Cooperation Agreement ,
Copyright ,
Corporate Governance ,
Corporate Restructuring ,
Corporate Social Responsibility ,
Corporate Taxes ,
Corwin Doctrine ,
Covenant Lite Deals ,
Creditors ,
Cross-Border Transactions ,
DACA ,
DE Supreme Court ,
Debt Financing ,
Debtors ,
Department of Justice (DOJ) ,
Dischargeable Debts ,
Disgorgement ,
Disparate Impact ,
Dodd-Frank ,
Down Rounds ,
Drug Pricing ,
EBITDA ,
Employee Retirement Income Security Act (ERISA) ,
Employer Liability Issues ,
Employment Discrimination ,
Enforcement Actions ,
Enforcement of Foreign Judgments ,
Enterprise Act 2002 ,
Environmental Social & Governance (ESG) ,
EU ,
Fair Housing Act (FHA) ,
Federal Trade Commission (FTC) ,
FinTech ,
FIRRMA ,
Foreign Acquisitions ,
Foreign Investment ,
Foreign Issuers ,
FRCP 23 ,
General Data Protection Regulation (GDPR) ,
General Elections ,
GILTI tax ,
High-Yield Markets ,
Hong Kong ,
Hong Kong Stock Exchange ,
Individual Accountability ,
Initial Public Offering (IPO) ,
Intellectual Property Litigation ,
Intercreditor Agreements ,
International Arbitration ,
International Litigation ,
IRS ,
Issue Preclusion ,
Japan ,
Joint Venture ,
Legislative Agendas ,
Life Sciences ,
Listing Rules ,
Litigation Strategies ,
Make-Whole Premium ,
Mergers ,
MFW ,
Multinationals ,
National Security ,
PCAOB ,
Pharmaceutical Industry ,
Political Parties ,
Preferred Shares ,
Private Offerings ,
Privately Held Corporations ,
Proxy Advisory Firms ,
Publicly-Traded Companies ,
Refinancing ,
Regulatory Agenda ,
Reporting Requirements ,
SCOTUS ,
Securities and Exchange Commission (SEC) ,
Securities Litigation ,
Separation of Powers ,
Shareholder Activism ,
Shareholder Proposals ,
Shareholders ,
Split of Authority ,
State Labor Laws ,
Stock Drop Litigation ,
Tax Cuts and Jobs Act ,
Tax Litigation ,
Technology Sector ,
Third-Party Release Agrements ,
Transparency ,
UK ,
UK Brexit ,
Valuation ,
White Collar Crimes
In 2019, regulators continued to consider whether and how to regulate blockchain technology. After the two previous years that included a high number of initial coin offerings (ICOs), many of which involved allegedly...more
1/21/2020
/ BitLicense ,
Blockchain ,
Cross-Border Transactions ,
Cryptocurrency ,
Digital Securities ,
Disgorgement ,
Enforcement Actions ,
EU ,
Financial Stability Board ,
FinHub ,
Fraud ,
General Data Protection Regulation (GDPR) ,
Initial Coin Offering (ICOs) ,
NYDFS ,
Popular ,
Regulatory Agencies ,
Securities Act of 1933 ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act ,
Securities Violations ,
Settlement Negotiations ,
Stablecoins ,
Supervisory Guidance ,
Technology Sector ,
Virtual Currency
In this month's edition of our Privacy & Cybersecurity Update, we take a look at guidance on artificial intelligence released by the U.K. Information Commissioner's Office and the Turing Institute, as well as guidance...more
1/3/2020
/ Artificial Intelligence ,
Consent Order ,
Consumer Insurance Products ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Protection ,
Draft Guidance ,
Email ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Information Management ,
Insurance Regulations ,
Misleading Statements ,
NAIC ,
Personal Data ,
Popular ,
Regulatory Requirements ,
Settlement Agreements ,
Terms of Service ,
Transparency ,
Voluntary Disclosure
In this month's edition, we examine the landmark data breach class action in the English High Court against Equifax, the FTC's complaint against data colocation company RagingWire and a Utah business-to-business company's...more
12/4/2019
/ Commercial General Liability Policies ,
Cybersecurity ,
Data Breach ,
Denial of Insurance Coverage ,
Equifax ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
International Arbitration ,
Misrepresentation ,
Popular ,
Privacy Laws ,
Settlement ,
Target ,
UK
In this month's edition of our Privacy & Cybersecurity Update, we examine the California attorney general's draft regulations on the California Consumer Privacy Act, the CJEU's clarified rulings on the use of cookies, the...more
11/4/2019
/ California Consumer Privacy Act (CCPA) ,
Cookies ,
Court of Justice of the European Union (CJEU) ,
Crime Insurance Policies ,
Cybersecurity ,
Data Protection ,
Draft Guidance ,
e-Privacy Directive ,
Email ,
Fantasy Sports ,
Food and Drug Administration (FDA) ,
Health Technology ,
Healthcare ,
Medical Devices ,
Medical Software ,
New Amendments ,
Non-Discrimination Rules ,
Notice Requirements ,
Personal Data ,
Popular ,
Regulatory Agenda ,
Regulatory Requirements ,
Right to Delete ,
Spoofing ,
State and Local Government ,
Verification Requirements ,
Vulnerability Assessments
In this month's edition of our Privacy & Cybersecurity Update, we examine five amendments to the California Consumer Privacy Act, the EU Court of Justice's rulings on the "Right to Be Forgotten" and what qualifies as a joint...more
10/2/2019
/ Amended Rules ,
California Consumer Privacy Act (CCPA) ,
Class Action ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Controller ,
Discovery Disputes ,
EU ,
Facial Recognition Technology ,
Marriott ,
Personal Data ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
Privacy Laws ,
Right to Be Forgotten ,
UK ,
United States
In this issue of The Distributed Ledger, we discuss the IRS' warning letters for over 10,000 cryptocurrency holders, the SEC's settlement with a blockchain company regarding unregistered ICO transactions, and a European...more
9/23/2019
/ Blockchain ,
Crypto Exchanges ,
Cryptocurrency ,
Data Controller ,
Data Processors ,
Digital Assets ,
Distributed Ledger Technology (DLT) ,
Ethereum ,
FinHub ,
Gaming ,
General Data Protection Regulation (GDPR) ,
Initial Coin Offering (ICOs) ,
Initial Public Offering (IPO) ,
IRS ,
No-Action Letters ,
Personal Information ,
Popular ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
Settlement Agreements ,
Simple Agreement for Future Tokens (SAFT) ,
Smart Contracts ,
Startups ,
Unregistered Securities ,
Warning Letters