Breaches & Incident Response

The General Data Protection Regulation (“GDPR”) entered into force on May 25, 2018 (“GDPR Day”). Introducing a new regime for the protection of personal data in the European Union (“EU”), the GDPR imposes new obligations on organizations dealing with personal data.

Under the GDPR, a personal data breach is defined as “a breach of security

On 7 November 2016, the Standing Committee of the National People’s Congress of China (NPC) passed the controversial Cybersecurity Law (the “CSL”). The CSL has gone through three readings since the release of the first draft on 6 July 2015 and will take effect in June 2017. As China’s first comprehensive privacy and security regulation

In a bylined article, Cybersecurity & Data Privacy partner Rajesh De (Washington DC), Litigation & Dispute Resolution partner John Nadolenco and associate Evan Wooten (both Los Angeles) examine the continued evolution of data breach litigation in the United States.

Continue reading.

On September 22, 2015, the US Securities and Exchange Commission (“SEC”) brought and settled charges against a registered investment adviser (the “RIA”) for violations of the Gramm-Leach-Bliley Act’s “safeguards rule” adopted under Regulation S-P.1 These violations occurred immediately prior to a cybersecurity breach of the RIA’s systems, in which the hackers may have obtained