State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
X Agrees to Stop Processing EU Data to Train its Grok AI - Ireland’s Data Protection Commission (“DPC”) recently filed an urgent High Court application against X (formerly Twitter) for using the personal data of European...more
Does the R.R. Donnelley settlement mean heightened Securities and Exchange Commission (SEC) involvement in regulating public companies’ cybersecurity policies and practices? Our Securities Litigation, Privacy, Cyber & Data...more
We are pleased to announce that several of the firm’s practice groups and attorneys were recognized in the 2024 edition of Chambers USA, a directory of leading law firms and attorneys. Chambers and Partners annually...more
The Health Sector Cybersecurity Coordination Center (HC3) recently issued an Alert warning that “threat actors employing advanced social engineering tactics to target IT help desks in the health sector and gain initial access...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
On March 28, 2024, the FTC released its annual Privacy and Data Security Update (Update), which highlights the enforcement actions, guidance, and rules promulgated by the agency from 2021 through 2023 to protect consumer data...more
On February 28, 2024, President Biden signed Executive Order (EO) 14117 titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” On March 5,...more
In our rapidly evolving digital landscape, all organizations are facing an onslaught of cybersecurity threats. According to recent research, victims of cyber attacks paid out a record $1.1 billion last year and have already...more
The U.S. cybersecurity and data privacy law framework continues to evolve and expand rapidly. Here, we share a summary of the eight new state data privacy and security laws that will take effect in 2024 and 2025. Businesses...more
Managing a remote cybersecurity team at colleges and universities involves addressing a unique set of challenges to ensure the security of sensitive data and infrastructure. There is an additional overlay of potential...more
On November 1, 2023, the New York State Department of Financial Services (“DFS”) amended its cybersecurity regulations to institute additional standards and controls aimed at securing sensitive data among the financial...more
Editor’s Note: In a rapidly evolving technological landscape, understanding the capabilities and limitations of platforms like Microsoft 365 (M365) is crucial for law firms, especially in the realms of eDiscovery and...more
From long-standing laws to incoming legislation, global nonprofits must understand the requirements and prepare for scrutiny in their handling of personal data. U.S. privacy regulations are currently a complex framework of...more
Join members of McDermott’s Global Privacy & Cybersecurity team and Alan Gutierrez-Arana of Mazars for the next installment in our PCI DSS 4.0 series. PCI DSS 4.0 brings major changes to payments with an increased focus on...more
Online sports betting has become a booming industry in recent years, with millions of people placing bets and wagers from their phones and computers. Ever since Murphy v. NCAA, the 2018 case in which the United States Supreme...more
Under the updated Rule, FIs are obligated to implement data security measures that will protect against data breaches and cyberattacks in order to prevent financial harm to consumers, including identity theft and loss of...more
A recent blog post by the leader of a cybersecurity platform provides a suggestion as to how gig economy companies can protect all the sensitive data they accumulate – and we can add a few more items to that checklist. Arti...more
President Biden issued Executive Order (EO) 14083 on September 15, 2022, establishing five factors for reviews by the Committee on Foreign Investment in the U.S. (CFIUS), and areas of heightened scrutiny for transactions...more
Outbound Data Transfer Security Review Measures - On July 7, 2022, the Cybersecurity Administration of China (“CAC”) issued the Outbound Data Transfer Security Assessment Measures (“Security Assessment Measures”) effective...more
Keypoint: The chances for the United States to finally enact a federal privacy bill appear to have increased with the circulation of a bipartisan discussion draft although its chances for passage are far from clear....more
Six months have now passed since China's Personal Information Protection Law (PIPL) became effective on November 1, 2021. As noted below, Chinese authorities have recently stepped up enforcement actions relative to PIPL....more
Efficiency, scalability, speed, increased cost savings, and advanced security for highly sensitive data remain in high demand by users of eDiscovery services. To meet that demand, cloud technology promised several of those...more
Following the SolarWinds and the Colonial Pipeline cyberattacks, the Biden Administration emphasized a shift toward mandatory cybersecurity requirements. Throughout 2021, government agencies issued new cybersecurity guidance,...more
On June 10, 2021, China’s national legislature – the Standing Committee of the National People's Congress passed the Data Security Law (the “DSL”). The DSL (see here for a non-official English translation) took effect on...more
Pick the date and news publication. After a few flips of the pages (or a scroll of the mouse), you’ll no doubt find an article about “ABC Company” reeling from a ransomware attack. This proliferation of cyberattacks is all...more