On May 9, the Federal Trade Commission (FTC) voted unanimously to delay enforcement of most portions of its amended Negative Option Rule (rule) by 60 days, shifting the compliance deadline for these portions from May 14 to...more
The Federal Trade Commission (FTC) has released its long-anticipated Negative Option Rule. The rule defines a negative option feature as “a provision of a contract under which the consumer’s silence or failure to take...more
On July 18, 2024, US District Judge Paul Engelmayer of the Southern District of New York issued a detailed 107-page opinion and order dismissing most of the US Securities and Exchange Commission (SEC) case against SolarWinds...more
Introduction The UK’s Online Safety Act (OSA) imposes extensive obligations on certain types of online service providers to protect users from illegal and harmful content. A key focus of the OSA is the protection of children...more
A flood of class action lawsuits have been filed against companies alleging violations of New Jersey’s Daniel’s Law. The statute – enacted after the son of a New Jersey federal judge was fatally shot by a disgruntled lawyer –...more
With 8-K reporting obligations for “material” cybersecurity incidents under the new Securities and Exchange Commission (SEC) rules becoming effective as of December 18, 2023, most companies will soon be tasked with making...more
On July 26, 2023, the Securities and Exchange Commission (SEC) voted at an open meeting to adopt final rules to mandate standardized cybersecurity disclosures by public companies. The final rules will...more
8/3/2023
/ Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Final Rules ,
Form 10-K ,
Form 8-K ,
Publicly-Traded Companies ,
Regulation S-K ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC)
On July 13, 2023, the White House unveiled its National Cybersecurity Strategy Implementation Plan (NCSIP or implementation plan), following the release of the National Cybersecurity Strategy....more
A California court order has delayed enforcement of the implementing regulations for the California Privacy Rights Act of 2020 (CPRA) until March 29, 2024. The California Superior Court of Sacramento County issued the court...more
On February 27, 2023, the US Federal Trade Commission (FTC) published new Business Blog guidance from Division of Advertising Practices staff about marketing claims for artificial intelligence products. While prior FTC AI...more
Key takeaways -
The National Institute of Standards and Technology published the Artificial Intelligence Risk Management Framework on January 26, 2023...more
Key Takeaways -
On August 11, 2022, the Federal Trade Commission announced an advance notice of proposed rulemaking (ANPR) to initiate a process that would allow it to develop and enforce rules on what the FTC has termed...more
On Thursday, May 19, 2022, the five Federal Trade Commission (FTC) Commissioners unanimously approved a Policy Statement on the Children’s Online Privacy Protection Act (COPPA). President Joe Biden issued a statement of...more
On May 16, 2022, eight months after President Joe Biden announced his intention to nominate Alvaro Bedoya to serve as a commissioner of the Federal Trade Commission, Bedoya was sworn in. The FTC includes five commissioners –...more
Nearly a year after the Supreme Court stripped the FTC of its ability to obtain equitable monetary relief under Section 13(b) of the Federal Trade Commission Act (FTCA) in AMG Capital Management LLC v. FTC, the Commission...more
China’s Personal Information Protection Law (PIPL) requires that operators of critical information infrastructure (e.g., China Mobile) and personal information processors that process personal information in an amount that...more
As explained in our previous blog post, in addition to the requirements for adopting a cross-border transfer mechanism, China’s Personal Information Protection Law (PIPL) and the European Union’s General Data Protection...more
Multinational companies often encounter questions regarding if and when they can transfer personal information across borders. The People’s Republic of China’s Personal Information Protection Law (PIPL) adds new...more
On March 9, 2022, the Securities and Exchange Commission announced that it proposed rules that would expressly mandate cybersecurity disclosures by public companies. The rules would require disclosure of material...more
The US Department of Justice has announced the appointment of Eun Young Choi as the first director of the National Cryptocurrency Enforcement Team. Choi has been a DOJ prosecutor for nearly a decade and most recently served...more
Introduction -
On June 3, 2021, the US Supreme Court issued its decision in Van Buren v. United States in the Court’s first-ever interpretation of the Computer Fraud and Abuse Act (CFAA), the federal anti-hacking statute....more
Federal Trade Commission (FTC) staff published a blog post that highlights increased cybersecurity threats and emphasizes the key role corporate boards play in a successful cybersecurity program: “Corporate boards: don’t...more
Earlier this week, the United States Court of Appeals for the Second Circuit held that where personal information is disclosed without authorization, impacted individuals may have standing to sue if they can show an...more
The US Supreme Court ruled last week that the Federal Trade Commission doesn’t have the authority to seek equitable monetary relief in federal court under Section 13(b) of the FTC Act in AMG Capital Management LLC v. FTC....more
The rules proposed by the US Department of Commerce’s National Telecommunications and Information Administration in its recent petition for rulemaking asking the Federal Communications Commission to interpret Section 230 of...more