Doc Fees Decoded: The Price of Paperwork in Auto Sales — Moving the Metal: The Auto Finance Podcast
PODCAST: Williams Mullen's Benefits Companion - Gag Clause Prohibitions
Episode 371 -- DOJ's New Corporate Enforcement Program
Podcast - New Guidance on Complying with FTC Rule on Deceptive and Unfair Fees
Welcoming a New Payment Pro: Jason Cover Joins the Payments Pros Podcast — Payments Pros – The Payments Law Podcast
(Podcast) The Briefing: Influencer Fail – ALO Yoga & Influencers Named in $150M Class Action Lawsuit for FTC Violations
The Briefing: Influencer Fail – ALO Yoga & Influencers Named in $150M Class Action Lawsuit for FTC Violations
Compliance into the Weeds: Leaving on a (Qatari) Jet Plane
LEGAL ALERT | NAD Finds Kevin Hart’s Social Media Disclosures Insufficient in Monitoring Decisions
Choosing Your LDA Reporting Path for 2025
Bar Exam Toolbox Podcast Episode 305: Spotlight on Civil Procedure (Part 2 – Discovery)
Compliance Tip of the Day: Clarifying Compliance Mandates
Consumer Finance Monitor Podcast Episode: How to Use the Restatement of Consumer Contracts - A Guide for Judges
Compliance Tip of the Day: Corporate Leaks and Compliance
Greenhushing: What It Is & Why It Matters
(Podcast) The Briefing: Navigating the Legal Risks for Brands in Social Media Marketing – Part 2 (Archive)
The Briefing: Navigating the Legal Risks for Brands in Social Media Marketing – Part 2 (Archive)
AI Washing: Simple Guidance to Avoid Risk
Tech Debt is Common. What does it mean for IPO readiness from a cybersecurity perspective?
Episode 332 -- Deep Dive into SEC’s Internal Controls and Cybersecurity Settlement with R&R Donnelly
Unlike Europe’s comprehensive General Data Protection Regulation framework, the United States still lacks an all-encompassing data privacy statute. Instead, data centers operating in the United States must navigate a complex...more
On May 12, 2025, the Defense Counterintelligence and Security Agency (DCSA) released an updated Standard Form 328 (SF-328), “Certificate Pertaining to Foreign Interests.”...more
Cyber regulations are crucial for the protection of individuals and businesses and aid in risk minimization; failure to comply with these regulations can result in severe consequences such as financial penalties, legal...more
Our Privacy, Cyber & Data Strategy Team discusses how to overcome five challenges companies face in the wake of a data security incident when reviewing impacted data to comply with legal obligations....more
On June 12, 2025, the SEC formally withdrew 14 rule proposals, all but one of which were introduced during Gary Gensler’s tenure as SEC Chair. The SEC did not provide a reason for the withdrawals but stated that if it decides...more
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Workshop featured three panels of experts...more
On Feb. 20, the U.S. Securities and Exchange Commission announced the creation of the Cyber and Emerging Technologies Unit, which will replace the Enforcement Division’s previous Crypto Assets and Cyber Unit. Originally...more
Petition for Rulemaking with Respect to Cybersecurity Incident Disclosure - A group of financial services industry trade associations submitted a joint petition for rulemaking requesting that the SEC amend the...more
On June 12, the Securities and Exchange Commission (SEC) formally withdrew 14 proposed rules for investment advisers, broker-dealers and public companies, many of which had been pending for several years. Should the SEC...more
The cybercrime group known as Scattered Spider is at it again, according to Google’s Threat Intelligence Group. This criminal group is known to focus its cyber attacks on one sector at a time. Last spring, it was the retail...more
On June 12, 2025, the SEC issued a notice (the “Notice”) formally withdrawing certain proposed rulemakings issued in 2022 and 2023. Of particular interest to the investment management industry, the Notice withdraws the...more
Adopted in July 2023, the US Securities and Exchange Commission (SEC)’s cybersecurity disclosure rules require public companies to report material cybersecurity incidents on Form 8-K and to annually report on their...more
As of 29 May 2025, the requirement on businesses to report ransomware payments they make has come into effect. What is the Requirement? If a reporting business entity becomes impacted by a cyber security incident and ends up...more
Australia has implemented a first-of-its kind requirement for eligible businesses to report ransomware payments. From 30 May 2025, eligible businesses that make a payment in response to a cyber security incident, or become...more
On May 30, the ransomware payment reporting requirements of Australia’s Cyber Security Act 2024 (CSA) took effect. The new requirement applies to a broad range of entities and cyber security incidents, requiring reporting...more
In late May 2025, the Securities Industry and Financial Markets Association (SIFMA), together with the American Bankers Association, Bank Policy Institute, Independent Community Bankers of America, and Institute of...more
The life sciences sector remains a critical area of focus for the US Securities and Exchange Commission (SEC) under the current administration. Companies operating in the healthcare, pharmaceutical, biotechnology, and medical...more
The Oklahoma State Legislature recently enacted Senate Bill 626, amending its Security Breach Notification Act, effective January 1, 2026, to address gaps in the state’s current cybersecurity framework (the “Amendment”). The...more
As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more
On May 27, 2025, the Federal Communications Commission (FCC or Commission) released a Notice of Proposed Rulemaking (Foreign Adversary NPRM or NPRM) that seeks to promote U.S. national security by providing “a new and...more
In today's world, violations of individual privacy and secret disclosure are a serious problem. It may be eavesdropping, interception, recording, and the spreading of personal information without the consent of the other...more
During the 2024 legislative session, the Colorado General Assembly passed Senate Bill 24-205, which is known as the Colorado Artificial Intelligence Act (CAIA). This law will take effect on February 1, 2026, and requires...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
Foreign nationals visiting the United States, and even returning U.S. citizens and other legal residents (with valid visas), face increasing digital privacy risks and potential entry challenges when arriving at U.S. ports of...more
In 2023 and 2024, our public company clients were focused on complying with the SEC’s cyber disclosure rules—and on the risk from big, high-profile government enforcement actions like the SolarWinds case. But with a new SEC...more