President Biden issued the Executive Order on Improving the Nation’s Cybersecurity (“Cyber EO”) on May 12, 2021. The Cyber EO is ambitious in scope and sets aggressive timelines for its implementation. It seeks to both strengthen the cybersecurity of the federal government and push the private sector to further strengthen its approach to cybersecurity. Indeed,

Virginia has become the second state to enact a comprehensive consumer data privacy statute in the United States. Signed into law by Virginia Governor Ralph Northam on March 2, 2021, the Consumer Data Protection Act (“CDPA”) will take effect on January 1, 2023. While the CDPA shares some key components with the California Consumer Privacy

While most companies are squarely focused on the California Consumer Privacy Act (CCPA), 2019 has seen other major developments on data privacy and security. Several states have reacted to the CCPA by passing or pursuing their own security and privacy legislation, and others will likely follow. Namely, Nevada, New York, Maine and North Dakota have

On February 11, 2019, President Trump signed an “Executive Order on Maintaining American Leadership in Artificial Intelligence” (the “Order”) and, in doing so, set out a high-level strategy to strengthen the leadership position that the United States has maintained in AI. Important for companies, the Order sets off a number of opportunities for the private

The state of California recently enacted the most sweeping general privacy statute in the United States. The California Consumer Privacy Act, codified in Assembly Bill 375 (“CCPA”), will take effect on January 1, 2020, and is intended to give California consumers more control over their personal information and how it is collected, used and sold

On June 6, 2018, the US Court of Appeals for the Eleventh Circuit ruled in favor of LabMD in the medical testing company’s closely watched challenge to the Federal Trade Commission’s (“FTC”) data security enforcement action. While assuming that the FTC was correct that LabMD’s allegedly unreasonable security practices constituted an unfair act or practice

On May 11, 2017, President Donald Trump signed Executive Order 13800 (“EO 13800”), titled “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” This executive order constitutes the first significant action to address cybersecurity by the Trump administration. The executive order is divided into three sections addressing cybersecurity for federal networks, critical infrastructure, and the

Cybersecurity and data privacy issues continued to grow in significance for multinational businesses over the past 12 months, further heightening the importance of preparing and responding in a strategic, coordinated and enterprise-wide manner in 2017.

The Trump administration has publicly provided limited details so far about its plans for cybersecurity and data privacy policy. Reports

Companies across industry sectors have developed risk-based cybersecurity programs to respond to the substantial and complex cyber threats they face. Managing regulatory risk has become an important element of these cybersecurity programs, as regulators use rules, enforcement actions, and guidance to establish an increasingly complex framework of regulatory expectations.

This 80-page book offers insights on

The Telephone Consumer Protection Act (TCPA) has become fertile ground for plaintiffs seeking to use the prospect of aggregated statutory damages to extract sizable settlements. Although enacted to protect consumers, the law is being enforced in a manner that harms them by preventing them from receiving important telephone calls and text messages from businesses that