The U.S. Court of Appeals for the Federal Circuit (“Federal Circuit”) recently issued a landmark decision in Lashify, Inc. v. International Trade Commission, expanding what expenditures count to prove the economic prong of...more
The first half of 2024 was eventful in the world of environmental, social and governance (“ESG”). Although ESG continued to lose the market tailwinds that have pushed it forward in recent years, regulatory pressures both...more
10/18/2024
/ Corporate Governance ,
Corporate Social Responsibility ,
Disclosure Requirements ,
Environmental Social & Governance (ESG) ,
Federal Trade Commission (FTC) ,
Greenwashing ,
Non-Compete Agreements ,
Proxy Season ,
Securities and Exchange Commission (SEC) ,
Shareholders ,
Sustainability
As part of our series on trademarks as critical assets for businesses, this article discusses the importance of selecting and clearing a new or altered trademark for use and registration in the United States. Trademark...more
8/30/2024
/ Arbitrary Marks ,
Business Assets ,
Fanciful Marks ,
Generic Marks ,
Goods or Services ,
Popular ,
Suggestive Marks ,
Trademark Infringement ,
Trademark Registration ,
Trademark Searches ,
Trademarks
On July 30, 2024, Meta Platforms, Inc. (formerly known as Facebook, Inc.) agreed to pay $1.4 billion to the State of Texas to settle a lawsuit alleging that Meta unlawfully captured and used biometric identifiers of millions...more
The Texas Data Privacy and Security Act (“TDPSA” or the “Act”) came into effect on July 1, 2024. The TDPSA applies to any person who (i) conducts business in the state of Texas or produces a product or service consumed by...more
Trademarks serve as the cornerstone of brand identity, distinguishing the goods and services of one enterprise from those of another. Trademarks are not just legal tools: they are critical assets. They encapsulate the...more
The facts are an oft-told business email compromise horror story: a hacker interjects themselves into an email discussion of a business deal, changes the wire instructions to their own account, and disappears with the...more
Public companies are now required to comply with new cybersecurity disclosure requirements in their Annual Reports on Form 10-K for fiscal years ending on or after December 15, 2023. In preparing this cybersecurity...more
3/5/2024
/ Annual Reports ,
Chief Information Security Officer (CISO) ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Form 10-K ,
Form 8-K ,
Popular ,
Regulation S-K ,
Securities and Exchange Commission (SEC) ,
SolarWinds
On December 8, 2023, representatives of the European Council and the European Parliament reached a provisional agreement on the EU’s Artificial Intelligence Act (“AI Act”). Although the final text of the AI Act remains...more
On November 27, 2023, the New York State Department of Financial Services (“DFS”) and First American Title Insurance Company (“First American”) entered into a consent order1 that resolved litigation over First American’s...more
12/4/2023
/ Consent Order ,
Covered Entities ,
Cybersecurity ,
Financial Institutions ,
Financial Services Industry ,
First American Title Insurance Co. ,
Gramm-Leach-Blilely Act ,
New York ,
Popular ,
Regulation S-P ,
Risk Assessment ,
Securities and Exchange Commission (SEC)
On October 30, 2023, President Biden issued an Executive Order (“Order”) that drastically increased the U.S. government’s engagement with artificial intelligence (“AI”). The sweeping Order touches on everything from bias in...more
11/1/2023
/ Algorithms ,
Antitrust Violations ,
Artificial Intelligence ,
Critical Infrastructure Sectors ,
Cyber Insurance ,
Cybersecurity ,
Data Privacy ,
Department of Energy (DOE) ,
Department of Health and Human Services (HHS) ,
Discrimination ,
Executive Orders ,
Federal Trade Commission (FTC) ,
Intellectual Property Protection ,
Joe Biden ,
National Security ,
Popular ,
Public Health
On September 12, 2023, Delaware governor John Carney signed the Delaware Personal Data Privacy Act (the “DPDPA” or the “Act”) into law. The DPDPA protects the privacy rights of consumers in Delaware and regulates the...more
9/20/2023
/ Consumer Privacy Rights ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Selling ,
Data-Sharing ,
Delaware ,
Geolocation ,
New Legislation ,
Personal Data ,
Sensitive Personal Information ,
State Privacy Laws
In advance of its September 8, 2023 board meeting, the California Privacy Protection Agency (“CPPA”), the state’s privacy regulatory body, has unveiled draft regulations that could significantly impact cybersecurity...more
9/7/2023
/ Artificial Intelligence ,
Automated Decision Systems (ADS) ,
California ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Management ,
Regulatory Agenda ,
Risk Assessment ,
State Privacy Laws
The Department of Homeland Security’s Transportation Security Administration (“TSA”) has issued an amended directive on pipeline security, SD-Pipeline-2021-02D (the “Directive”). The Directive is based on and supersedes the...more
On July 10, 2023, the European Commission (the “Commission”) adopted an adequacy decision for the EU-U.S. Data Privacy Framework (the “Framework”).
The Framework provides companies that opt in with a legitimate means of...more
7/14/2023
/ Cross-Border ,
Cybersecurity ,
Data Privacy ,
Data Transfers ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
US-EU Safe Harbor Framework
The Supreme Court of the United States recently considered whether portions of the Lanham Act that relate to trademark infringement can be applied to conduct that takes place outside the United States. Abitron Austria GmbH et...more
7/6/2023
/ Abitron Austria GmbH v Hetronic International Inc ,
Extraterritoriality Rules ,
Foreign Sales ,
Intellectual Property Protection ,
Lanham Act ,
Likelihood of Confusion ,
SCOTUS ,
Trademark Infringement ,
Trademark Litigation ,
Trademarks ,
Use in Commerce
The European Union’s (“EU”) Data Protection Commission (the “Commission”) recently fined Meta Ireland $1.3 billion (or €1.2 billion) for improper data transfers from the European Economic Area (“EEA”) to the United States in...more
Texas will soon join the growing list of states that have passed comprehensive data privacy legislation. House Bill 4, the Texas Data Privacy and Security Act (“TDPSA” or the “Act”), has a broad reach and will apply to all...more
6/1/2023
/ California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Data Controller ,
Data Privacy ,
Data Processors ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Opt-Outs ,
Proposed Legislation ,
State Labor Laws ,
Texas
After a rash of significant cybersecurity breaches and ransomware attacks affecting a wide set of industries, ranging from pipelines to technology companies, the Biden administration released its much-anticipated National...more
On February 22, 2023, the Securities and Exchange Commission (“SEC”) issued a cease-and-desist order (the “Order”) charging African Gold Acquisition Corp. (“African Gold”) with multiple violations of the Securities Exchange...more
The machines aren’t coming for your job — they’re here to help. But when humans work with artificial intelligence (“AI”) assistance, who owns the final product?
If a person uses an AI tool to invent, is that person the...more
The Supreme Court of Illinois recently held that use of a fingerprint system by White Castle, Inc. (“White Castle”) to authenticate employees, without the consent of the employees, entailed multiple violations of the Illinois...more
Epic Games, Inc. (“Epic”) agreed to pay a combined $520 million in two “record-breaking settlements” on Monday. The settlements resolve alleged violations of both the Federal Trade Commission Act (the “FTC Act”) and the...more
On October 12, 2022, New York Attorney General Letitia James fined Zoetop Business Company, Ltd. (“Zoetop”), the owner of fast-fashion brands SHEIN and ROMWE, $1.9 million for mishandling a 2018 data breach and lying to the...more
On October 18, 2022, the Transportation Security Administration (“TSA”) issued its Security Directive 1580/82-2022-01 on Rail Cybersecurity Mitigation Actions and Testing (the “Railroad Directive”), regulating designated...more