This is the second article in our two-part series on Cybersecurity in the Age of Industry 4.0, focusing on the legal implications and potential liabilities manufacturers face from cyberattacks, as well as practical...more
9/20/2024
/ California Privacy Rights Act (CPRA) ,
Class Action ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Duty of Care ,
Employee Training ,
General Data Protection Regulation (GDPR) ,
Incident Response Plans ,
Intellectual Property Protection ,
Manufacturers ,
Noncompliance ,
Theft ,
Trade Secrets
As the manufacturing sector continues to embrace the hyper-connected era of Smart Manufacturing, known as Industry 4.0, more and more organizations are integrating advanced automation, artificial intelligence (AI), the...more
9/13/2024
/ Artificial Intelligence ,
Automation Systems ,
Corrective Actions ,
Cyber Attacks ,
Cybersecurity ,
Energy Sector ,
Intellectual Property Protection ,
Internet of Things ,
Machine Learning ,
Malware ,
Manufacturers ,
Ransomware ,
Reputational Injury ,
Risk Management ,
Sensitive Personal Information ,
Social Engineering ,
Supply Chain
The recent massive data breach at National Public Data (NPD), a background check company, has potentially compromised the personal information of millions, if not billions, of individuals, including their Social Security...more
8/26/2024
/ Credit Reports ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Security ,
Federal Trade Commission (FTC) ,
Fraud ,
Hackers ,
Identity Theft ,
IRS ,
Popular ,
Risk Assessment ,
Risk Management
Insights for this month’s article are provided by ARDA members Gregory Szewczyk, partner at Ballard Spahr Practice Leader of the firm’s Privacy and Data Security Group, and Aaron Tantleff, partner in Foley & Lardner’s...more
7/24/2024
/ Artificial Intelligence ,
Blockchain ,
California Privacy Rights Act (CPRA) ,
CDPA ,
Compliance ,
COPPA ,
Damages ,
Data Privacy ,
Data Security ,
Documentation ,
Employee Training ,
Environmental Social & Governance (ESG) ,
FTC Act ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Machine Learning ,
Policies and Procedures ,
Popular ,
Private Right of Action ,
State Privacy Laws
On February 9, a California appellate court issued a decisive ruling in favor of the California Privacy Protection Agency (the Agency), allowing the state to immediately begin enforcement of its new regulations, effectively...more
2/16/2024
/ Appellate Courts ,
Artificial Intelligence ,
Audits ,
California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Cybersecurity ,
Enforcement ,
New Regulations ,
Opt-Outs ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements
In the hyper-connected era of smart manufacturing, accelerated by “Industry 4.0,” the manufacturing sector is undergoing a digital revolution. By leveraging technologies such as advanced automation, artificial intelligence,...more
9/25/2023
/ Artificial Intelligence ,
Automation Systems ,
Blockchain ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Insurance ,
Cyber Threats ,
Cybersecurity ,
DFARS ,
Employee Training ,
Energy Sector ,
FERC ,
General Data Protection Regulation (GDPR) ,
Healthcare ,
Internet of Things ,
Malware ,
Manufacturers ,
National Security ,
Pharmaceutical Industry ,
Popular ,
Social Engineering ,
State Sponsors of Cyberattacks ,
Supply Chain ,
Technology ,
Telecommunications ,
Transportation Industry ,
Vulnerability Assessments
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
On July 26, 2023, the U.S. Securities Exchange Commission (“SEC”) adopted final rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The final rules require...more
8/4/2023
/ Annual Reports ,
Customer Proprietary Network Information (CPNI) ,
Cybersecurity ,
Disclosure Requirements ,
FBI ,
Foreign Private Issuers ,
Form 8-K ,
Incident Response Plans ,
New Rules ,
Regulation S-K ,
Regulation S-X ,
Risk Management ,
Secret Service ,
Securities and Exchange Commission (SEC)
Agility and resiliency remain essential attributes for manufacturers in 2023. Manufacturers are no longer focused on figuring out when things will return to “normal.”
Instead, they are applying lessons learned from the...more
7/11/2023
/ Artificial Intelligence ,
Best Practices ,
Clawbacks ,
Compensation ,
Compliance ,
Customs and Border Protection ,
Cyber Threats ,
Cybersecurity ,
Enforcement ,
Environmental Protection Agency (EPA) ,
Final Rules ,
Intellectual Property Protection ,
Machine Learning ,
Manufacturers ,
Securities and Exchange Commission (SEC) ,
Supply Chain
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
In just the last two weeks, the Illinois Supreme Court dealt two significant blows would be defendants (i.e., employers and consumer-facing companies) under Illinois’ exacting Biometric Information Protection Act (BIPA). The...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
The California Privacy Protection Agency (CPPA) quietly issued the first draft of the California Consumer Privacy Act (CPRA) regulations and an Initial Statement of Reasons by attaching them to the June 8 board meeting...more
On March 9, 2022, the U.S. Securities Exchange Commission (the Commission) announced proposed amendments to its rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies...more
3/18/2022
/ Corporate Governance ,
Cybersecurity ,
Data Privacy ,
Disclosure Requirements ,
Foreign Private Issuers ,
Investors ,
Popular ,
Proposed Amendments ,
Risk Assessment ,
Risk Factors ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Third-Party Service Provider
In 2022, automotive suppliers face many of the same issues that have bedeviled the industry throughout 2021, as well as a host of all-new challenges. Unfortunately, as with many aspects of pre-pandemic life, the relative...more
3/17/2022
/ Automotive Industry ,
Biden Administration ,
Coronavirus/COVID-19 ,
Corruption ,
Department of Justice (DOJ) ,
Department of Transportation (DOT) ,
Electric Vehicles ,
Federal Trade Commission (FTC) ,
Final Rules ,
Foreign Corrupt Practices Act (FCPA) ,
Hart-Scott-Rodino Act ,
IMMEX ,
Infrastructure Investment and Jobs Act (IIJA) ,
Mexico ,
Motor Vehicles ,
National Security ,
NHTSA ,
Notice of Proposed Rulemaking (NOPR) ,
OEM ,
Office of Foreign Assets Control (OFAC) ,
OMB ,
Supply Chain ,
Supply Shortages ,
U.S. Treasury ,
Vertical Mergers
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
On February 22, 2022, U.S. Department of Homeland Security Secretary Alejandro Mayorkas warned critical infrastructure organizations located in the United States of possible cyberattacks by Russian state-sponsored actors in...more
What would you do if you woke up tomorrow and your company was experiencing a cybersecurity incident? What if IT systems were completely locked down? What if you could not use phones, check emails, or receive orders? What if...more
Across the country, companies have been grappling with website accessibility challenges filed by serial plaintiffs alleging the company’s website is not fully accessible to individuals with disabilities. The complaints...more
The advent of new technology brings along with it the murkiness of how the American legal system will treat such technology. Before the rise of blockchain for instance, businesses were uncertain how courts would treat...more
10/8/2021
/ Blockchain ,
California Consumer Privacy Act (CCPA) ,
Confidentiality Policies ,
E-SIGN ,
Force Majeure Clause ,
General Data Protection Regulation (GDPR) ,
Governance Standards ,
Service Level Agreements ,
Smart Contracts ,
Supply Chain ,
Termination ,
UETA
The European Commission adopted new versions of the Standard Contractual Clauses (SCCs) on June 4, 2021. The new SCCs finally replace the original SCCs adopted under the 1998 European Data Protection Directive (DPD) and did...more
7/6/2021
/ Corporate Counsel ,
Cybersecurity ,
Data Protection ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK Data Protection Act
On June 2, 2021, Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology, published a rare open letter to the corporate executives and business leaders of...more
6/14/2021
/ Corporate Executives ,
Cybersecurity ,
Department of Justice (DOJ) ,
Economic Sanctions ,
Embargo ,
Executive Orders ,
Hackers ,
International Emergency Economic Powers Act (IEEPA) ,
Joe Biden ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
TWEA
Earlier today, the European Commission approved and adopted a new version of the Standard Contractual Clauses (SCCs) that revises how data may be transferred by including additional privacy and legal safeguards. The remodeled...more
On May 12, 2021, President Biden issued an Executive Order on Improving the Nation’s Cybersecurity following a series of highly publicized cybersecurity incidents during the first four months of his presidency, including the...more
5/14/2021
/ Compliance ,
Cybersecurity ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
DFARS ,
Encryption ,
Executive Orders ,
FBI ,
Federal Acquisition Regulations (FAR) ,
Joe Biden ,
National Security Agency (NSA) ,
Popular ,
Software ,
Supply Chain