In this month's edition of our Privacy & Cybersecurity Update, we examine the European Parliament's report on whether and how the use of blockchain technology can comply with the General Data Protection Regulation, as well as...more
9/5/2019
/ Blockchain ,
Consumer Protection Laws ,
Cyber Policies ,
Cybersecurity ,
Data Protection ,
Data Security ,
EU ,
European Parliament ,
False Claims Act (FCA) ,
Federal Contractors ,
General Data Protection Regulation (GDPR) ,
Insurance Industry ,
Misrepresentation ,
NAIC ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Risk Assessment ,
Security Risk Assessments ,
Settlement ,
State Data Breach Notification Statutes ,
State Insurance Administrations ,
Whistleblower Awards ,
Whistleblowers
In this month's edition of our Privacy & Cybersecurity Update, we examine New York's new laws expanding consumer protection for data breaches, the D.C. Circuit's two rulings deepening the split regarding standing in data...more
8/2/2019
/ Article III ,
Biometric Information ,
Consumer Protection Laws ,
Cookies ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Debit and Credit Card Transactions ,
Equifax ,
Fair Credit Reporting Act (FCRA) ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Identity Theft ,
Injury-in-Fact ,
Malware ,
New Legislation ,
Personally Identifiable Information ,
Popular ,
Search Results ,
Settlement ,
Spokeo v Robins ,
Standing ,
State and Local Government ,
State Data Breach Notification Statutes ,
UK
In this month's edition of our Privacy & Cybersecurity Update, we reflect on the GDPR's one-year anniversary while also examining the EU's new Cybersecurity Act. We also take a look at HHS' new guidance on direct liability of...more
7/2/2019
/ Appeals ,
Business Associates ,
Consumer Privacy Rights ,
Credit Cards ,
Cybersecurity ,
Data Breach ,
Data Sellers ,
Dish Network ,
EU Cybersecurity Act ,
European Council ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Internet Service Providers (ISPs) ,
Liability ,
Merchant Fees ,
Opt-Outs ,
Payment Processors ,
Personal Information ,
Personally Identifiable Information ,
Privacy Laws ,
State and Local Government ,
State Data Breach Notification Statutes ,
TCPA
In this month's edition of our Privacy & Cybersecurity Update, we examine expanded data breach notification laws in New Jersey and Washington state, as well as the SEC's risk alert regarding cloud-based storage solutions. We...more
6/3/2019
/ Amended Rules ,
Annual Reports ,
Cloud Storage ,
Cybersecurity ,
Data Breach ,
Data Protection Authority ,
Data Security ,
Federal Trade Commission (FTC) ,
Finland ,
General Data Protection Regulation (GDPR) ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
State Data Breach Notification Statutes ,
UK
In this month's Privacy & Cybersecurity Update, we examine several recent U.K.-related cybersecurity developments and the SEC's risk alert reminding investment advisers and broker-dealers to follow through on implementing...more
5/1/2019
/ Broker-Dealer ,
Canada ,
Commercial General Liability Policies ,
Cyber Insurance ,
Cyber Policies ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data-Sharing ,
Denial of Insurance Coverage ,
Designated Contract Markets (DCMs) ,
ENISA ,
Equifax ,
EU ,
Fines ,
General Data Protection Regulation (GDPR) ,
Government Investigations ,
Hackers ,
Investment Adviser ,
NCSC ,
OCIE ,
PIPEDA ,
Popular ,
Privacy Comissioners ,
Privacy Laws ,
Privacy Policy ,
Putative Class Actions ,
Regulation S-P ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
Surveys ,
TCPA ,
UK ,
UK Data Protection Act ,
UK ICO ,
Unsolicited Faxes
In this issue, we examine the release of the much-anticipated Strategic Hub for Innovation and Financial Technology (FinHub) guidance for analyzing how U.S. federal securities laws apply to initial coin offerings, the...more
4/16/2019
/ Advertising ,
Blockchain ,
California Consumer Privacy Act (CCPA) ,
CNIL ,
Cryptocurrency ,
Default ,
Digital Assets ,
Discovery ,
Distributed Ledger Technology (DLT) ,
Division of Corporate Finance ,
Ethereum ,
EU ,
FinHub ,
France ,
Frozen Assets ,
General Data Protection Regulation (GDPR) ,
Guilty Pleas ,
Initial Coin Offering (ICOs) ,
Investment Contract ,
Motion to Dismiss ,
No-Action Letters ,
NYDFS ,
Offerings ,
Payment Tokens ,
Personal Jurisdiction ,
Plea Agreements ,
Popular ,
Preliminary Injunctions ,
Profits ,
Public Comment ,
Putative Class Actions ,
Safe Harbors ,
Securities ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act ,
Securities Fraud ,
Securities Tokens ,
Securities Violations ,
Settlement ,
Smart Contracts ,
Unregistered Securities ,
Virtual Currency
In this month's edition of our Privacy & Cybersecurity Update, we examine new cybersecurity legislation in California and Massachusetts, the British government's updates to its cybersecurity laws in anticipation of Brexit and...more
4/2/2019
/ California Consumer Privacy Act (CCPA) ,
Class Action ,
Class Certification ,
Credit Reporting Agencies ,
Credit Reports ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
Gramm-Leach-Blilely Act ,
Popular ,
Privacy Laws ,
Public Comment ,
State Data Breach Notification Statutes ,
Thailand ,
UK ,
UK Brexit
California recently enacted the Consumer Privacy Act, the most stringent privacy law in the United States. Although it does not go into effect until January 1, 2020, most companies will need a number of months to prepare. The...more
3/22/2019
/ California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Privacy Rights ,
Covered Entities ,
Data Collection ,
Data Privacy ,
Disclosure Requirements ,
Exceptions ,
Exemptions ,
Legitimate Business Purpose ,
Non-Discrimination Rules ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Private Right of Action ,
Research and Development ,
Resident's Rights ,
Right to Delete ,
Right-To-Access ,
Sales Restrictions ,
Training Requirements
In this month's edition, we examine a judge's ruling allowing an investor suit against Equifax, the dismissal of a class action against the insurer CareFirst and President Donald Trump's launch of a federal artificial...more
3/4/2019
/ Artificial Intelligence ,
Class Action ,
Cybersecurity ,
Data Breach ,
Department of Financial Services ,
Dismissals ,
Equifax ,
Facebook ,
Federal Cartel Offices ,
Federal Data Privacy ,
GAO ,
Germany ,
Investors ,
NAIC ,
NYDFS ,
Popular ,
Privacy Laws ,
Proposed Legislation ,
Trump Administration ,
User-Generated Content
In this month's edition, we examine cybersecurity-related state Supreme Court rulings in Pennsylvania, Vermont and Illinois; the Department of Health and Human Services' cybersecurity guidelines for the health care industry;...more
2/2/2019
/ Actual Injuries ,
Adequacy Requirement ,
Annual Reports ,
Attorney General ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
Common Law Claims ,
Corporate Counsel ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Protection Acts ,
Data Protection Authority ,
Denial of Insurance Coverage ,
Department of Health and Human Services (HHS) ,
Employee Privacy Rights ,
EU ,
EU-US Privacy Shield ,
IL Supreme Court ,
Japan ,
Neiman Marcus ,
New Guidance ,
PA Supreme Court ,
Phishing Scams ,
Policy Exclusions ,
Public Hearing ,
Security Standards ,
Settlement ,
State Attorneys General ,
Statutory Rights ,
VT Supreme Court
The Illinois Supreme Court ruled that an Illinois biometric privacy law does not require individuals to show they suffered harm other than a violation of the law in order to bring suit. As a result, entities are at a greater...more
1/31/2019
/ Appeals ,
Article III ,
Biometric Information ,
Biometric Information Privacy Act ,
Class Action ,
Data Collection ,
IL Supreme Court ,
Injury-in-Fact ,
Privacy Laws ,
Right to Privacy ,
Standing ,
Statutory Rights
While debates about the need for a federal data protection law continued to heat up in 2018, California enacted its own comprehensive privacy law, the California Consumer Privacy Act (CCPA), creating a de facto national...more
In 2018, the number of blockchain-enabled projects increased sharply as established companies sought to apply distributed ledger technology to their existing business models and startups developed new and disruptive models...more
1/18/2019
/ AML/CFT ,
Blockchain ,
CFTC ,
Commodity Exchange Act (CEA) ,
Cryptocurrency ,
Derivatives ,
Distributed Ledger Technology (DLT) ,
EU ,
FinCEN ,
FinHub ,
General Data Protection Regulation (GDPR) ,
Initial Coin Offering (ICOs) ,
Popular ,
Proposed Legislation ,
Securities and Exchange Commission (SEC) ,
Token Sales ,
Unregistered Securities
In this month's edition of our Privacy & Cybersecurity Update, we examine the European Commission's second annual review of the Privacy Shield and the Department of Commerce's guidance on how to comply with the Privacy Shield...more
1/4/2019
/ Artificial Intelligence ,
Banking Sector ,
Cybersecurity ,
Data Protection ,
Data Protection Commissioner ,
Ethics ,
EU ,
EU-US Privacy Shield ,
European Central Bank ,
European Commission ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
General Data Protection Regulation (GDPR) ,
Human Rights ,
Identity Theft ,
Payment Systems ,
Popular ,
Privacy Policy ,
Proposed Amendments ,
Public Comment ,
Security Risk Assessments ,
U.S. Commerce Department ,
UK Brexit
In this month's edition of our Privacy & Cybersecurity Update, we examine a declaration on ethical considerations for artificial intelligence, the annual joint review of the Privacy Shield, a new lawsuit from a snack food...more
12/5/2018
/ Administrative Review ,
Artificial Intelligence ,
Banks ,
Cyber Attacks ,
Cyber Lexicon ,
Cybersecurity ,
Data Protection ,
Data Protection Officers (DPOs) ,
Denial of Insurance Coverage ,
EDPS ,
Ethics ,
EU ,
EU-US Privacy Shield ,
European Economic Area (EEA) ,
Financial Institutions ,
Financial Stability Board ,
FSB ,
General Data Protection Regulation (GDPR) ,
Human Rights ,
Insurance Litigation ,
Malware ,
Personal Data ,
Policy Exclusions ,
Popular ,
Privacy Concerns ,
Privacy Laws ,
Property Insurance ,
Ransomware ,
Secretary of Commerce
This is the second edition of The Distributed Ledger, a periodic publication covering the latest trends and developments in blockchain technology, digital assets and smart contracts. In this issue, we examine the SEC’s new...more
11/8/2018
/ Anti-Money Laundering ,
Blockchain ,
CFTC ,
CNIL ,
Commodity Exchange Act (CEA) ,
Cross-Border Transactions ,
Data Controller ,
Data Processors ,
Digital Assets ,
EU ,
FATF ,
FinHub ,
FinTech ,
Initial Coin Offering (ICOs) ,
International Data Transfers ,
Personally Identifiable Information ,
Popular ,
Regulatory Agenda ,
Securities and Exchange Commission (SEC) ,
Smart Contracts ,
Startups ,
Terrorist Financing Regulations ,
Virtual Currency
This is the inaugural issue of The Distributed Ledger, a periodic publication covering the latest trends and developments in blockchain technology, digital assets and smart contracts. In this edition, we examine a federal...more
10/16/2018
/ Anti-Fraud Provisions ,
Blockchain ,
CFTC ,
Commodities ,
Commodity Exchange Act (CEA) ,
Conflicts of Interest ,
Consumer Protection Laws ,
Corporate Counsel ,
Cryptocurrency ,
Digital Assets ,
Distributed Ledger Technology (DLT) ,
Exclusive Jurisdiction ,
Fraud ,
Misappropriation ,
NYDFS ,
Popular ,
Research and Development ,
Smart Contracts ,
State Attorneys General ,
State Legislatures ,
Trade Market Abuse ,
Trading Platforms ,
Virtual Currency ,
Young Lawyers
In this month's Privacy & Cybersecurity Update, we examine recent trends and court decisions, including a new law in Ohio that provides a safe harbor from tort-based data breach claims if the company adopts certain security...more
10/2/2018
/ Affirmative Defenses ,
Amended Rules ,
California Consumer Privacy Act (CCPA) ,
Class Action ,
Computer Fraud Insurance ,
Cybersecurity ,
Data Breach ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Internet of Things ,
Personal Data ,
Popular ,
Privacy Policy ,
Private Right of Action ,
Social Engineering ,
State Attorneys General ,
State Legislatures ,
UK ,
UK ICO
On September 11, 2018, Judge Raymond J. Dearie of the U.S. District Court for the Eastern District of New York issued a new decision in U.S. v. Zaslavskiy, No. 1:17-cr-00647-RJD-RER, Dkt. No. 37 (E.D.N.Y. Sept. 11, 2018),...more
9/21/2018
/ Constitutional Challenges ,
Criminal Procedure ,
Criminal Prosecution ,
Cryptocurrency ,
Howey ,
Indictments ,
Initial Coin Offering (ICOs) ,
Motion to Dismiss ,
Notice Requirements ,
Question of Fact ,
Sales of Securities ,
Securities Fraud ,
Vagueness
In this month's edition of our Privacy & Cybersecurity Update, we examine Brazil's new data protection regulation, the French data protection authority's warning to two companies of potential GDPR violations and the U.S....more
9/7/2018
/ Appeals ,
Brazil ,
Breach Notification Rule ,
CNIL ,
Computer Fraud Insurance ,
Consent ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection Acts ,
Data Protection Authority ,
Data Protection Officers (DPOs) ,
Data Retention ,
Denial of Insurance Coverage ,
Department of Homeland Security (DHS) ,
Email ,
Enforcement Actions ,
EU ,
European Commission ,
European Economic Area (EEA) ,
Extraterritoriality Rules ,
France ,
Fraudulent Transfers ,
General Data Protection Regulation (GDPR) ,
Geological Data ,
International Data Transfers ,
Japan ,
Japan-EU Economic Partnership Agreement (EPA) ,
NCCIC ,
Personal Data ,
Policy Terms ,
Popular ,
Public Private Partnerships (P3s) ,
Reciprocity Rules ,
Reversal ,
Scams ,
Social Engineering ,
Spoofing ,
Standard Contractual Clauses ,
Warning Letters ,
Wire Fraud
On June 28, 2018, California Gov. Jerry Brown signed into law the California Consumer Privacy Act (CCPA or “the Act”), which is the broadest and most comprehensive privacy law enacted in the United States to date.1 The CCPA...more
7/12/2018
/ Anti-Discrimination Policies ,
Business Entities ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Consumer Protection Laws ,
Covered Entities ,
Cybersecurity ,
Damages ,
Data Breach ,
Data Collection ,
Data Storage ,
Disclosure Requirements ,
New Legislation ,
Opt-Outs ,
Personal Data ,
Popular ,
Portability ,
Privacy Laws ,
Privacy Policy ,
Private Right of Action ,
Right of Access ,
Right to Delete ,
State Attorneys General
The market for cryptocurrencies and the current wave of initial coin offerings (ICOs) that seek to raise capital for blockchain-based projects have enjoyed a swell of popularity in recent years. U.S. regulatory agencies and...more
6/20/2018
/ Blockchain ,
Breach of Contract ,
CFTC ,
Commodities ,
Cryptocurrency ,
Digital Currency ,
Enforcement Actions ,
Initial Coin Offering (ICOs) ,
Investment Contract ,
Popular ,
Rule 10(b) ,
Securities ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act ,
Token Sales ,
Unjust Enrichment ,
Unregistered Securities
“Smart contracts” are a critical component of many platforms and applications being built using blockchain or distributed ledger technology. Below, we outline the background and functions of smart contracts, discuss whether...more
5/8/2018
/ Ancillary Agreements ,
Automated Systems ,
Blockchain ,
Conditions of Payment ,
Corporate Counsel ,
Cryptocurrency ,
Distributed Ledger Technology (DLT) ,
Enforceability ,
Ethereum ,
Payment Systems ,
Penalties ,
Risk Allocation ,
Smart Contracts ,
Statute of Frauds ,
UETA ,
Uniform Commercial Code (UCC) ,
Young Lawyers
On March 6, 2018, Judge Jack B. Weinstein of the U.S. District Court for the Eastern District of New York ruled that virtual currencies are commodities under the Commodity Exchange Act (CEA) and therefore subject to the...more
3/8/2018
/ Administrative Authority ,
CFTC ,
Commodities ,
Commodity Exchange Act (CEA) ,
Derivatives ,
Enforcement Actions ,
Fraud ,
Jurisdiction ,
Market Manipulation ,
Preliminary Injunctions ,
Standing ,
Trial Court Orders ,
Virtual Currency
In 2017, the increased adoption of blockchain technology in various industries was partially obscured by the dramatic fluctuations in the price of bitcoins and the prevalence of so-called initial coin offerings (ICOs) to...more
2/1/2018
/ Anti-Money Laundering ,
Bank Secrecy Act ,
Bitcoin ,
BitLicense ,
Blockchain ,
Cryptocurrency ,
Department of Financial Services ,
FinCEN ,
Initial Coin Offering (ICOs) ,
NYDFS ,
Popular ,
Securities ,
Securities and Exchange Commission (SEC) ,
Smart Contracts ,
Virtual Currency