SEC Division of Examinations Issues Risk Alert on Regulation S-ID and Identity Theft Prevention Programs -
On December 5, 2022, the Securities and Exchange Commission (“SEC”) Division of Examinations (“EXAMS”) issued a...more
12/16/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
American Civil Liberties Union (ACLU) ,
Artificial Intelligence ,
Broker-Dealer ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Transfers ,
EDPS ,
EU ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Investment Adviser ,
Minors ,
Online Safety for Children ,
Personal Data ,
Policies and Procedures ,
Proposed Legislation ,
Regulation S-ID ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
SolarWinds
SEC Chair Gensler Indicates Commission is Looking to Update SEC’s Regulation S-P -
On September 28, 2022, Securities and Exchange Commission (“SEC” or the “Commission”) Chairman Gary Gensler appeared via video at the...more
10/14/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Algorithms ,
Anti-Discrimination Policies ,
Artificial Intelligence ,
Biden Administration ,
Broker-Dealer ,
Cloud Service Providers (CSPs) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
Foreign Trade Regulations ,
Gramm-Leach-Blilely Act ,
Hackers ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
Investment Adviser ,
Investment Companies ,
Privacy Framework ,
Regulation S-P ,
Request For Information ,
Right of Access ,
Securities and Exchange Commission (SEC) ,
Subject Access Request (SAR) ,
Title V ,
U.S. Commerce Department ,
Uber ,
UK ,
UK GDPR
US Federal Appellate Court Issues Opinion on Proof of Injury in Data Breach Cases -
On September 2, 2022, the U.S. Court of Appeals for the Third Circuit reinstated a class action lawsuit that had previously been dismissed...more
9/30/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Advisory Opinions ,
Appellate Courts ,
Automation Systems ,
Breach of Confidence ,
Breach of Contract ,
Breach of Duty ,
Breach of Implied Contract ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Class Action ,
Cyber Attacks ,
Cybersecurity ,
Dark Web ,
Data Breach ,
Data Collection ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Fiduciary Duty ,
Fraud ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Identity Theft ,
Negligence ,
Popular ,
Putative Class Actions ,
Request For Information ,
Risk Assessment ,
Surveillance ,
UK
Federal Privacy Bill (ADPPA) is Sent to the House Floor but Obstacles to its Passage Remain -
On July 20, 2022, the House Committee on Energy and Commerce (“the Committee”) voted 53-2 in favor of advancing The American Data...more
8/5/2022
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Department of Homeland Security (DHS) ,
FCC ,
Geolocation ,
Popular ,
Proposed Legislation ,
Regulatory Agenda ,
Regulatory Reform ,
T-Mobile ,
Vulnerability Assessments
EDPB Issues Draft Guidance on International Data Transfers -
On November 18, 2021, the European Data Protection Board (“EDPB”) published draft guidance on the interaction between the GDPR’s transfer provisions set out in...more
12/10/2021
/ Cyber Attacks ,
Cybersecurity ,
Data Management ,
Data Protection ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Regulatory Requirements ,
Standard Contractual Clauses
On November 3, 2020, California voters passed Proposition 24, the California Privacy Rights Act (CPRA). Crafted to address perceived gaps in the California Consumer Privacy Act (CCPA), the CPRA effectively calcifies the law...more
11/13/2020
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Sellers ,
Data-Sharing ,
Information Governance ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Right to Delete ,
Right To Know ,
State and Local Government
On October 28, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) issued a joint cybersecurity advisory (the...more
10/31/2020
/ Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
FBI ,
Health Care Providers ,
Healthcare Facilities ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Hospitals ,
Incident Response Plans ,
Ransomware ,
Risk Management ,
Security Risk Assessments
The Risk Alert makes clear that OCIE has observed an increase in the frequency of credential stuffing attacks against Registrants, including some successful credential stuffing attacks that resulted in the loss of customer...more
The California Attorney General’s Office (California AG) submitted final proposed regulations (Regulations) under the California Consumer Privacy Act (CCPA) to the California Office of Administrative Law (CA OAL) on June 1,...more
6/24/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Office of Administrative Law Judges (OALJ) ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
State and Local Government ,
State Attorneys General
The Office of Compliance Inspections and Examinations of the Securities and Exchange Commission released cybersecurity and resiliency-related examination observations on January 27, 2020, based on “thousands of examinations...more
2/14/2020
/ Broker-Dealer ,
Clearing Agencies ,
Corporate Governance ,
Cybersecurity ,
Data Loss Prevention ,
Incident Response Plans ,
Investment Adviser ,
OCIE ,
Privacy Policy ,
Publicly-Traded Companies ,
Risk Assessment ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Stock Exchange ,
Vendors