With the cybersecurity landscape evolving ever more rapidly, and the threats to businesses’ critical information and assets—as well as to their bottom lines—are only increasing. Breaches continue to grow in scale and sophistication, regulators are crowding the field with an expanding and shifting array of requirements and de facto standards, and litigation remains perilous. Now,
Webinar: Cyber Perspectives: The CPRA Regulatory Environment, With Jennifer Barrera, President and CEO, CalChamber
The California Privacy Rights Act (CPRA) will go into effect on January 1, 2023, even though the draft regulations remain unsettled, leaving companies questioning their ability to comply. In this talk with Jennifer Barrera of CalChamber, we’ll discuss some of the outstanding issues that will have impacts in the state, across the country, and, indeed,
Webinar: Cyber Spotlight: NYDFS Cybersecurity Regulation – What Do the Proposed Changes and Increasing Enforcement Mean for Covered Entities?
As cybersecurity and privacy risks mount, financial services companies face new concerns about compliance and enforcement as well as the risk of business interruption and costly litigation. In this Cybersecurity Awareness Month program, our lawyers will discuss the recent regulatory developments from the New York Department of Financial Services (NYDFS) that are presenting real-world challenges
President Biden Signs Executive Order on U.S. Intelligence Activities to Implement EU-U.S. Data Privacy Framework
On October 7, 2022, President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities,1 which is intended to implement U.S. commitments under the Trans-Atlantic Data Privacy Framework (DPF) announced in March 2022. With the new executive order, the Biden administration aims to strengthen the legal foundation for trans-Atlantic
US FTC Moves Forward on Privacy Rulemaking with Public Forum
On September 8, 2022, the Federal Trade Commission (FTC) held a virtual public forum on the agency’s release last month of an Advance Notice of Proposed Rulemaking (ANPR) to regulate the protection of consumers’ privacy and data security, which we covered in a prior Legal Update. In addition to allowing the public the opportunity
CA Attorney General Says ‘The Kid Gloves Are Coming Off’; Announces $1.2M Settlement with Retail Co. for CCPA Sales Violation
Online businesses that sell to California residents should take note of a recent enforcement action by the state’s attorney general (AG) signaling that adequate notice of sale must be provided in a business’s privacy policy, California residents’ opt-out requests must be honored, and, from the AG’s perspective, the use of third-party cookies for targeted advertising
US FTC Launches Rulemaking on Commercial Surveillance and Data Security Practices
On August 11, 2022, the Federal Trade Commission (FTC) voted 3-2 on partisan lines to file an Advance Notice of Proposed Rulemaking (ANPR) that would regulate the protection of consumers’ privacy and data security in a rulemaking titled “Trade Regulation Rule on Commercial Surveillance and Data Security.”
The release of this ANPR—in the midst of
Africa’s Innovation – July Developments Signal Attention Must Be Paid to Data Privacy Developments in Africa
Recent developments in Africa reflect that global companies should be focusing attention on data protection developments in the region. Tech companies, consumer packaged goods manufacturers, and retailers have focused on Africa as a growth market for their products and services as user adoption in the United States and European Union has flattened.1 As a
HIPAA Privacy Concerns Post-Dobbs
The United States Supreme Court recently issued its decision in Dobbs v. Jackson Women’s Health Org., ––– U.S. –––, 2022 WL 2276808 (2022), overturning Roe v. Wade, 410 U.S. 113 (1973), and Planned Parenthood of Southeastern Pennsylvania v. Casey, 505 U.S. 833 (1992). In holding that the U.S. Constitution does not protect
BIS Revises Export Controls on Cybersecurity Items Used for Malicious Cyber Activity
On May 26, 2022, the US Department of Commerce’s Bureau of Industry and Security (“BIS”) published a final rule revising the restrictions on the export, reexport and transfer (in-country) of certain “cybersecurity items” used for malicious cyber activities (“final rule”). Effective immediately upon publication, the final rule amends the October 21, 2021, interim final rule