2BInformed: How TSCA Amendments Impact Industries and Managing the EPA’s Risk Evaluations
Podcast - Developments in FDA & DOJ Regulation and Enforcement of Manufacturer Communications
Newly Amended Dual Agency Disclosure Law: Much Ado About Nothing
The US Securities and Exchange Commission has adopted amendments to Regulation S-P requiring entities under its remit to provide notice to individuals affected by certain types of data breaches. This adds yet another...more
Welcome to the Data Privacy and Cybersecurity chapter of our annual report Consumer Financial Services 2023 Year in Review. Looking Ahead to 2024 - Amendments to key rules and regulations will take effect in 2024,...more
The New York Department of Financial Services recently amended its Cybersecurity Regulation. The revisions aim to strengthen cybersecurity and technology controls to address evolving threats to consumer data and ensure the...more
On November 1, 2023, the New York Department of Financial Services (NYDFS) adopted amendments to its Cybersecurity Regulation, 23 NYCRR Part 500 (Cybersecurity Regulation). This is the second amendment (Amendment) to its...more
On November 1, 2023, New York Department of Financial Services (NYDFS or the “Department”) released the finalized revisions (the “Second Amendment”) to 23 NYCRR Part 500 (Part 500) – the most significant modifications to Part...more
The New York State Department of Financial Services (NYDFS) adopted comprehensive amendments to its cybersecurity regulation on Nov. 1, 2023. The amended regulation, including the notification provisions of §500.17, goes into...more
The New York Department of Financial Services (NYDFS) adopted a long-expected amendment to its Part 500 Cybersecurity Regulations (Part 500) this week. These are the first significant changes to Part 500 since its inception...more
On July 26, 2023, the Securities and Exchange Commission (“SEC”) adopted final rules, rule amendments and form amendments to expand and standardize disclosures regarding cybersecurity risk management, strategy, governance,...more
In this month’s Privacy & Cybersecurity Update, we examine Iowa’s new data privacy law (the sixth state to enact a privacy law), the Biden administration’s new national cybersecurity strategy, the U.K. government’s revised...more
On Nov. 9, 2022, the New York State Department of Financial Services (NYDFS) published a proposed second amendment to its cybersecurity regulation. This follows its pre-proposed amendment that was published on July 29. ...more
Indiana has made a minor amendment to its data breach notification law. Starting July 1, companies who are obligated to notify under the law must do so (to affected individuals and the Indiana Attorney General) without...more
The New York Department of Financial Services (“DFS”) is turning up the heat on cybersecurity once again. During its first-ever Cybersecurity Symposium on March 29, DFS announced a series of new measures that will require...more
Over the last several months, a minority of states amended their data breach notification statutes or enacted sector-specific breach notification requirements. ...more
Since it first went into force in 2009, the European Union’s regulation on the export control of dual-use items has undergone several updates to account for emerging technological and other challenges, including cybersecurity...more
The Regulations to the California Consumer Privacy Act (CCPA) continue to evolve, in confusing fashion. As background, the AG’s Office had previously issued proposed Regulations to the CCPA in October 2019. The AG’s Office...more
We are now over a year on from the major changes made to the European data protection regime by the GDPR so it is time to revisit what the changes mean now for the hospitality sector and investment in it, given increased...more
While we’ve all discussed the California Consumer Privacy Act (CCPA) at length, Nevada was busy amending its internet privacy law and in the process beat California’s deadline for the effective date by three months. Nevada’s...more
On May 24, 2019, Oregon Governor Kate Brown signed into law Senate Bill 684, which requires vendors, service providers and other entities that maintain or possess consumers’ personal information to notify consumers of a...more
Oregon amended its data breach notice statute (ORS §§ 646A.600 – 646A.628) on May 24, 2019. Beginning January 1, 2020, Oregon will be the first state to explicitly require vendors to notify the attorney general about data...more
In the 2018 edition of this publication, we ended the introduction with the line, “We can only hope that we will enter 2019 with greater certainty than 2018 as to how the regulatory landscape will look.” Unfortunately,...more
On August 7, 2017, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert providing a summary of the staff’s observations from sweep exams of broker-dealers, investment advisers and funds...more
One of the most important areas of regulation for defense contractors is the International Traffic In Arms Regulations (“ITAR”). ITAR are the State Department controls that regulate the defense industry. Companies regulated...more
Regulatory Developments - NYDFS Announces Approval of First BitLicense Application from a Virtual Currency Firm: The New York State Department of Financial Services (NYDFS) announced Sept. 22 that it has approved...more