Foley Hoag LLP - Security, Privacy and the Law

Contact
Share
Info
Firm Profile: Foley Hoag LLP
Seaport West
155 Seaport Boulevard
Boston, MA 02210, United States
Phone: 617-832-1000
Fax: 617-832-7000
Areas Of Practice
  • Privacy
  • Science, Computers, & Tech
Locations
Other U.S. Locations
  • D.C.
  • Massachusetts
  • New York
Other Countries
  • France
Number of Attorneys
100+ Attorneys

Colorado’s Newly Released Data Privacy Regulations Get Specific Regarding Design and Technical Specifications

We have written previously regarding Colorado’s adoption of the Colorado Privacy Act (CPA)—describing its provision of consumer data rights, how it may function within the context of the cannabis industry, and how business might…more

Colorado, Consumer Privacy Rights, Data Privacy, Final Rules, Personal Data

See all updates »

SEC Revamps and Enhances Data Protections with Amendments to Regulation S-P

The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal information…more

Broker-Dealer, Customer Information, Cybersecurity, Data Privacy, Data Protection

See all updates »

Regulators Step Up Scrutiny of Cryptocurrency Advertising as Industry Stance Softens

We posted earlier this year about increased scrutiny of cryptocurrency advertising, especially the promotion of Initial Coin Offerings, or ICOs. The key takeaway from that post was that the frenzy around cryptocurrencies –…more

Advertising, Bitcoin, Cryptocurrency, Federal Trade Commission (FTC), Initial Coin Offering (ICOs)

See all updates »

Supreme Court Considers Modern Applicability of TCPA's Robocall Ban in Duguid v. Facebook

On December 8, 2020, the Supreme Court heard oral argument in Duguid v. Facebook, a landmark case that will determine whether a consumer can sue a company for using automated technology to text or call that consumer at a phone…more

ATDS, Auto-Dialed Calls, Certiorari, Data Storage, Facebook

See all updates »

Cybersecurity 2019: Data Privacy Trends

In 2018, privacy and data security crossed a number of thresholds. In the public mind, through high-profile data breaches and revelations about unexpected uses of personal information, questions of privacy became much more…more

Attorney General, California Consumer Privacy Act (CCPA), Consumer Privacy Rights, COPPA, Cryptocurrency

See all updates »

Cybersecurity 2020 — The Year in Preview: Top 11 CCPA Developments to Watch Out for in 2020

Editors’ Note: This is the first in our fourth-annual end-of-year series examining important trends in data privacy and cybersecurity in the coming year. Up next: a look at trends in the energy space. Lists of “top” things used…more

Advertising, Best Practices, California Consumer Privacy Act (CCPA), Consumer Privacy Rights, Corporate Counsel

See all updates »

Data Breach Prevention and Response: Avoiding Potential Pitfalls and Implementing Best Practices to Protect Your Company

In This Presentation: - Overview of data breach landscape - Data breach response ..Technical best practices ..Legal best practices - Data breach prevention ..Technical best practices ..Legal best…more

Best Management Practices, Data Breach, Data Protection, Risk Assessment, Risk Management

See all updates »

SEC Revamps and Enhances Data Protections with Amendments to Regulation S-P

The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal information…more

Broker-Dealer, Customer Information, Cybersecurity, Data Privacy, Data Protection

See all updates »

EU Commission Issues Communication about GDPR

The EU Commission issued today a “Communication to the European Parliament and the Council” which is entitled “Data protection rules as a trust enabler in the EU and beyond- taking stock”, which outlines the current state of EU…more

Data Protection, Data Protection Authority, EU, EU Data Protection Laws, European Commission

See all updates »

Practical Tips to Avoid Being Caught in an IRS Phishing Trap

As a follow-up to our recent discussion of IRS-related phishing attempts, here are a few quick tips to stay out of the phishing traps: ..In general, the IRS does not communicate with taxpayers via e-mail, so any time…more

IRS, Phishing Scams

See all updates »

Thirty-Three State Attorneys General Show Support for FTC’s Proposed Crackdown on “Commercial Surveillance”

On August 22, 2022, the Federal Trade Commission (“FTC”) indicated through the Advanced Notice of Proposed Rulemaking its intent to limit commercial surveillance – the common corporate practice of collecting, analyzing, and…more

Advanced Notice of Proposed Rulemaking (ANPRM), Biometric Information, Consumer Data Requests, Customer Information, Cybersecurity

See all updates »

New Credit Card Security Doesn’t Go Far Enough

Hardly a week goes by without a news report of a new cyberattack. As any consumer affected by fraud knows, the harm is real. The impact on businesses, government, and other targets is also real, and includes monetary harm and…more

Banking Sector, Credit Cards, Cyber Attacks, Cyber Crimes, Cybersecurity

See all updates »

Proposed South Carolina Biometric Legislation Could Break New Ground

Over two years ago, in our annual year in preview series, we noted that while only three states had passed laws specifically dealing with the protection of biometric information, other states were considering following their…more

Biometric Information, Biometric Information Privacy Act, California Consumer Privacy Act (CCPA), Corporate Counsel, Privacy Laws

See all updates »

Deadline to Comment on Proposed Rules Impacting Infrastructure as a Service Providers Approaching

On January 29, 2024, BIS proposed a rule that would impose new requirements for U.S. providers of Infrastructure as a Service (“IaaS”) products and their foreign resellers. The proposed rule would require U.S. IaaS providers and…more

Artificial Intelligence, Bureau of Industry and Security (BIS), Comment Period, Cybersecurity, IaaS

See all updates »

New EU-US Data Privacy Framework Promises Greater Ease for Cross-Border Transfers, but Uncertainty Remains

On July 10, 2023, the European Commission (EC) adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF, or “Privacy Framework”), which establishes the Privacy Framework as an authorized mechanism under…more

Court of Justice of the European Union (CJEU), Cross-Border Transactions, Cybersecurity Framework, Data Privacy, Data Protection

See all updates »

State Data Privacy Law Development Proceeds Apace

2023 is turning out to be the year of the state privacy law, including new laws in five states with the possibility of more to come.  Indeed, in recent days both Indiana and Iowa have likewise passed new statutes, which we will…more

California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Consumer Privacy Rights, Corporate Counsel, Covered Entities

See all updates »

CISA, FBI, and DOE Release Joint Cybersecurity Advisory in Light of Increased Threats to Energy Sector’s Cybersecurity

On March 24, 2022, the Department of Justice unsealed two indictments charging four Russian government employees in two hacking campaigns that targeted critical infrastructure in the energy sector. We cover these indictments in…more

Criminal Prosecution, Critical Infrastructure Sectors, Cyber Attacks, Cybersecurity, Cybersecurity Information Sharing Act (CISA)

See all updates »

Is Your Company’s Board of Directors Cyber Savvy?

Every company should expect that at some point it will experience a data breach. Whether as a result of hackers, disgruntled employees, or careless acts such as losing an unencrypted phone or laptop, data breaches may subject…more

Best Practices, Board of Directors, Chief Information Officers (CIO), Corporate Governance, Cyber Attacks

See all updates »

Cybersecurity 2020 — The Year in Preview: Top 3 State AG Trends to Watch in 2020

Editors’ Note: This is the fifth in our fourth-annual end-of-year series examining important trends in data privacy and cybersecurity in the coming year. Our previous entry discussed the CCPA, energy, Brexit, and health privacy…more

California Consumer Privacy Act (CCPA), Consumer Privacy Rights, Cybersecurity, Data Privacy, Department of Justice (DOJ)

See all updates »

Obama Executive Order Targets International Cyberattacks Against U.S. with New Sanctions

As part of a series of measures aimed at increasing preparedness and defenses against international cyberattacks on U.S. industries and government agencies, on April 1, President Obama issued Executive Order No. 13694,…more

Barack Obama, Cyber Attacks, Cybersecurity, National Security, Office of Foreign Assets Control (OFAC)

See all updates »

Cybersecurity 2021 – The Year in Preview: The FTC’s Enforcement Priorities

Editors’ Note: This is the fourth in our fifth-annual end-of-year series examining important trends in data privacy and cybersecurity in the coming year. Read our previous posts on Energy, Cannabis, and the GDPR. As the Trump…more

Biden Administration, Competition, Enforcement Actions, Federal Trade Commission (FTC), Popular

See all updates »

Where Should Broker Dealers Invest Today? Cyber Security Compliance

With cyber security threats on the rise, broker dealers must prioritize protection of electronic investor information. What cyber security threats exist for broker dealers? In its 2015 Report on Cyber Security Practices, the…more

Broker-Dealer, Cyber Insurance, Cybersecurity, Financial Industry Regulatory Authority (FINRA), Popular

See all updates »

Cybersecurity Best Practices for Retirement Plans: How to Prepare for the Coming Department of Labor Cybersecurity Audits

Are your employer-sponsored retirement accounts exposed to cybersecurity threats? How should you and those who are entrusted with your retirement assets mitigate cybersecurity risks? The official who leads the Employee Benefit…more

Benefit Plan Sponsors, Best Practices, Cybersecurity, Department of Labor (DOL), EBSA

See all updates »

In Van Buren v. U.S., Supreme Court Clarifies Scope of CFAA, the Federal Anti-Hacking Statute

In Van Buren v. United States, the Supreme Court has issued its first ever opinion interpreting the Computer Fraud and Abuse Act. The CFAA, originally conceived as an anti-hacking statute, broadly prohibits, and imposes civil…more

Computer Fraud and Abuse Act (CFAA), Databases, Police, SCOTUS, Unauthorized Access

See all updates »

Cybersecurity 2019: Data Privacy Trends

In 2018, privacy and data security crossed a number of thresholds. In the public mind, through high-profile data breaches and revelations about unexpected uses of personal information, questions of privacy became much more…more

Attorney General, California Consumer Privacy Act (CCPA), Consumer Privacy Rights, COPPA, Cryptocurrency

See all updates »

NY State Education Department Bans Facial Recognition Technology

In late September, the NY State Education Department issued a two-page order providing that NY public schools may not purchase or utilize facial recognition technology. The Department relied on a report issued by the NY Office…more

Artificial Intelligence, Biometric Information, Department of Education, Educational Institutions, Facial Recognition Technology

See all updates »

Here Comes a New California Privacy Law! A Preliminary Look at the CPRA.

California voters on Election Day passed the California Privacy Rights Act (CPRA), an update and partial overhaul to the California Consumer Privacy Act (CCPA), the landmark 2018 privacy law. The new CPRA strengthens existing…more

American Civil Liberties Union (ACLU), California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Data Collection, Data Privacy

See all updates »

Minimizing Litigation Risk: What Cybersecurity Auditors Can Learn From Their Financial Statement Auditor Analogues

Data breaches – always critically important to those with responsibility for storing, transporting and protecting electronic information – have become an all-consuming topic of late. Stories about data theft dominate political…more

Cyber Crimes, Cybersecurity, Data Breach, Financial Reporting, Financial Services Industry

See all updates »

OFAC Publishes New Guidance for the Virtual Currency Industry

The U.S Department of the Treasury’s Office of Foreign Assets Control (OFAC) has published guidance to aid members of the virtual currency industry (ranging from tech companies to brokers to users) in complying with OFAC…more

Compliance, Cryptocurrency, Economic Sanctions, Financial Institutions, Financial Services Industry

See all updates »

Lessons Learned From The Greek Supervisory Authority’s PwC Decision on Employee Data Under GDPR

On 26 July 2019, the Greek Supervisory Authority (SA) found Pricewaterhouse Coopers (“PwC”) not compliant with General Data Protection Regulation (GDPR) in relation to the processing of its Greek employees’ personal data. The SA…more

Corporate Counsel, Data Controller, Data Processors, Employee Privacy Rights, Employer Liability Issues

See all updates »

FTC Likely to Continue Focus on Health Care Data

In recent years, the FTC has increasingly focused on protecting consumers’ access to healthcare, through both its competition and its consumer protection missions. Similarly, the FTC has become a force in federal privacy…more

Data Breach, Data Privacy, Department of Health and Human Services (HHS), Digital Health, Federal Trade Commission (FTC)

See all updates »

Cyberattacks on the Energy Sector Continue to Rise

Cyberattacks on the energy sector have been rapidly growing since 2017, and we saw an all-time high of cyberattack events on the sector in 2022. The energy sector is particularly vulnerable due to these types of attacks due to…more

Critical Infrastructure Sectors, Cyber Attacks, Cyber Crimes, Cybersecurity, Distributed Energy Resources (DERs)

See all updates »

Deadline to Comment on Proposed Rules Impacting Infrastructure as a Service Providers Approaching

On January 29, 2024, BIS proposed a rule that would impose new requirements for U.S. providers of Infrastructure as a Service (“IaaS”) products and their foreign resellers. The proposed rule would require U.S. IaaS providers and…more

Artificial Intelligence, Bureau of Industry and Security (BIS), Comment Period, Cybersecurity, IaaS

See all updates »

NY State Education Department Bans Facial Recognition Technology

In late September, the NY State Education Department issued a two-page order providing that NY public schools may not purchase or utilize facial recognition technology. The Department relied on a report issued by the NY Office…more

Artificial Intelligence, Biometric Information, Department of Education, Educational Institutions, Facial Recognition Technology

See all updates »

Seven Major U.S. Tech Organizations Voluntarily Commit to A.I. Safeguards

On July 21, 2023, the White House announced that seven leading A.I. organizations (Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI) agreed on and committed to immediately implementing voluntary safeguards for…more

Artificial Intelligence, Online Platforms, Regulatory Agenda, Regulatory Requirements, Technology Sector

See all updates »

OIG Report Reveals HHS Cybersecurity Vulnerabilities

On December 19, the US Department of Health and Human Services’ (HHS) Office of the Inspector General (OIG) released a report indicating continued cybersecurity vulnerabilities among HHS’ four operating divisions based on FY…more

Cybersecurity, Department of Health and Human Services (HHS), OIG, Popular

See all updates »

In Wake of Healthcare System Cyberattack, 22 State Attorneys General Call for Further Action of Data Privacy

On April 25, 2024, the attorneys general of 22 states issued a letter encouraging UnitedHealth Group and its subsidiary, Change Healthcare, to take additional steps to respond to a massively disruptive cyberattack. The broad,…more

Antitrust Provisions, Consumer Protection Laws, Cyber Attacks, Cyber Crimes, Cybersecurity

See all updates »

Yes, You Were Likely a Victim of the Equifax Hack, But Here’s What You Can Do Now

As we previously said, the Equifax breach affects approximately 143 million Americans. While the hackers stole data that includes addresses, birth dates, full names and Social Security numbers, there are steps you can take today…more

Credit Reporting Agencies, Cyber Attacks, Data Breach, Equifax, Hackers

See all updates »

Cybersecurity 2021 – The Year in Preview: The GDPR's New Transfer Landmines

Editors’ Note: This is the third in our fifth-annual end-of-year series examining important trends in data privacy and cybersecurity in the coming year. Read our previous posts on Energy and Cannabis. A year ago, transferring…more

Court of Justice of the European Union (CJEU), Cybersecurity, Data Privacy, Data Protection, EU

See all updates »

GDPR, CCPA and Now, the NY SHIELD Act: Additional Data Security Responsibilities for Companies Holding the Private Information of NY Residents

On March 21, 2020, the last of the features of the NY Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”) became effective: its data security requirements. The SHIELD Act is a sweeping statute governing…more

California Consumer Privacy Act (CCPA), Data Breach, Data Privacy, Data Security, EU

See all updates »

French Data Protection Authority Rules on Transfers of Health Data

The French Conseil d’Etat handed down an important decision October, 13th regarding privacy and personal data protection. This decision comes in the wake of the “Schrems II” ruling of the Court of Justice of the European Union…more

CNIL, Coronavirus/COVID-19, Corporate Counsel, Court of Justice of the European Union (CJEU), Data Protection

See all updates »

OFAC Publishes New Guidance for the Virtual Currency Industry

The U.S Department of the Treasury’s Office of Foreign Assets Control (OFAC) has published guidance to aid members of the virtual currency industry (ranging from tech companies to brokers to users) in complying with OFAC…more

Compliance, Cryptocurrency, Economic Sanctions, Financial Institutions, Financial Services Industry

See all updates »

The Health Sector Cybersecurity Coordination Center’s September 19 Threat Briefing on Healthcare Technology Security

As healthcare technology continues to evolve, so does the need for robust compliance strategies to safeguard patient information and ensure the integrity of medical devices. In a joint September 19, 2024 presentation, the…more

Artificial Intelligence, Cyber Crimes, Cyber Incident Reporting, Cybersecurity, Data Breach

See all updates »

This profile may constitute attorney advertising. Prior results do not guarantee a similar outcome. Any correspondence with this profile holder does not constitute a client/attorney relationship. Neither the content on this profile nor transmissions between you and the profile holder through this profile are intended to provide legal or other advice or to create an attorney-client relationship.

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide