The public and private focus on corporate governance continued apace in the first half of 2023. In recent months, there were notable developments in jurisprudence potentially impacting corporate diversity initiatives and in...more
7/12/2023
/ 10b5-1 Plans ,
Civil Rights Act ,
Corporate Governance ,
Cybersecurity ,
Data Breach ,
Department of Justice (DOJ) ,
Export Administration Regulations (EAR) ,
Fourteenth Amendment ,
Popular ,
Sanction Violations ,
Section 11 ,
Securities Act of 1933 ,
Securities and Exchange Commission (SEC) ,
Title VI ,
Wells Fargo
On March 9, software company Blackbaud agreed to pay $3 million to the SEC as a result of alleged misleading disclosures arising out of a 2020 data breach that involved customer bank account information and Social Security...more
In an era of increasing cyberattacks by varying threat actors, the board's oversight of cybersecurity risks remains a key responsibility. In two recent cases, the Delaware Court of Chancery (Chancery Court) dismissed Caremark...more
The year 2022 saw a groundswell of interest in privacy rights and related legislation. Five states enacted new laws or regulations aimed at protecting a general right to privacy, while the U.S. government came closer than...more
1/24/2023
/ Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
FinCEN ,
NYDFS ,
Popular ,
Risk Management ,
Russia ,
Securities and Exchange Commission (SEC)
Since Kramer Levin issued its Corporate Governance: 2022 Midyear Review, a wave of enforcement actions by the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) has underscored the continued importance...more
The New York State Department of Financial Services (NYDFS) has published proposed amendments to its Cybersecurity Requirements for Financial Services Companies (amendments). The amendments to the agency’s cybersecurity...more
On Oct. 24, the Federal Trade Commission (FTC) issued a proposed decision and order against Drizly LLC and its CEO regarding allegations that the company’s security failures led to a data breach exposing the personal...more
Join us for our Advertising Litigation Quarterly Highlights webinar series. Our Editorial Team will conduct a deep dive on key decisions of interest covered in our recent Advertising Litigation Reports....more
The first half of 2022 illuminated important trends in the corporate governance space. In recent months, there were notable developments in the enforcement of economic sanctions and export control measures, and the oversight...more
7/5/2022
/ California ,
Corporate Counsel ,
Corporate Governance ,
Cryptocurrency ,
Cybersecurity ,
Department of Justice (DOJ) ,
Environmental Social & Governance (ESG) ,
Equal Protection ,
Export Controls ,
Popular ,
Proxy Season ,
Securities and Exchange Commission (SEC) ,
State Constitutions ,
White Collar Crimes
On March 9, the SEC, by a 3-1 vote, proposed new rules in its most far-reaching effort to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incident reporting by public...more
On March 15, 2022, President Joe Biden signed the Cyber Incident Reporting for Critical Infrastructure Act (the Act) into law as part of the $1.5 trillion fiscal 2022 omnibus spending package. The Act will create a mandatory...more
On Nov. 18, 2021, federal bank regulatory agencies approved a final rule requiring banking organizations to notify regulators of “any significant computer-security incident” as soon as possible and no later than 36 hours...more
Demonstrating its continued focus on cybersecurity enforcement, the Securities and Exchange Commission (SEC) announced three new actions on Aug. 30 charging eight firms with maintaining deficient cybersecurity policies and...more
On June 14, the Securities and Exchange Commission (SEC) announced a $490,000 settlement with the real estate services provider First American Financial Corporation (First American) for violations of disclosure controls and...more
On June 4, the European Commission (EC) adopted two sets of standard contractual clauses (SCCs) for use between controllers and processers in the European Economic Area (EEA) and for the transfer of data between EEA and...more
6/17/2021
/ Cybersecurity ,
Data Controller ,
Data Processors ,
Data Protection ,
EU ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Schrems I & Schrems II ,
Standard Contractual Clauses
Introduction -
The proliferation of data and the rise of affordable cloud computing services has led many companies and organizations to outsource their data storage to third parties, a practice that raises numerous issues...more