Four Companies Settle SEC Allegations for “Misleading Cyber Disclosures” Regarding SolarWinds -
On October 22, 2024, the Securities and Exchange Commission (“SEC”) announced settlements with four companies for alleged...more
11/8/2024
/ Artificial Intelligence ,
Consumer Financial Protection Bureau (CFPB) ,
Covered Entities ,
Cybersecurity ,
Disclosure Requirements ,
European Commission ,
Final Rules ,
Notice of Proposed Rulemaking (NOPR) ,
NYDFS ,
Public Disclosure ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act of 1934 ,
Settlement ,
Social Engineering ,
Social Networks ,
SolarWinds ,
UK
FTC Staff Report on Social Media Platforms’ Privacy and Security Practices -
On September 19, 2024, the Federal Trade Commission (“FTC” or the “Commission”) announced the release of its staff report, “A Look Behind the...more
10/11/2024
/ Algorithms ,
Artificial Intelligence ,
California ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
FTC Act ,
GAO ,
Governor Newsom ,
Governor Vetoes ,
Machine Learning ,
Marketing ,
New Legislation ,
Privacy Laws ,
Settlement ,
Social Media ,
Unfair or Deceptive Trade Practices
FTC and DOJ Reach US$2.95 Million Settlement with Verkada for Alleged Violations of the FTC Act and CAN-SPAM Act -
On August 30, 2024, the Federal Trade Commission (“FTC”) announced a proposed order with Verkada Inc....more
9/27/2024
/ Amicus Briefs ,
Arbitration Agreements ,
Artificial Intelligence ,
CAN-SPAM Act ,
COPPA ,
Cyber Attacks ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Department of Justice (DOJ) ,
Ethics ,
EU ,
European Commission ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
FTC Act ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Human Rights ,
Online Reviews ,
Securities and Exchange Commission (SEC) ,
Settlement ,
Standard Contractual Clauses ,
UK ,
Web Tracking
X Agrees to Stop Processing EU Data to Train its Grok AI -
Ireland’s Data Protection Commission (“DPC”) recently filed an urgent High Court application against X (formerly Twitter) for using the personal data of European...more
9/13/2024
/ Artificial Intelligence ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Data Security ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
Fines ,
Ireland ,
Liability ,
Personal Data ,
Sensitive Personal Information ,
Twitter ,
Uber
U.S. Court Axes Most of SEC's SolarWinds Data Breach Suit -
The U.S. District Court for the Southern District of New York recently dismissed much of the U.S. Securities and Exchange Commission’s (“SEC”) suit against...more
8/2/2024
/ Artificial Intelligence ,
Audits ,
Automated Decision Systems (ADS) ,
COPPA ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Dismissals ,
EU ,
EU-US Privacy Shield ,
European Economic Area (EEA) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Instant Messaging Apps ,
Misleading Statements ,
Regulation Technical Standards (RTS) ,
Risk Assessment ,
ROSCA ,
Securities and Exchange Commission (SEC) ,
Settlement ,
SolarWinds
SEC Fines the New York Stock Exchange’s Parent Company $10 million for Failure to Promptly Notify Its Subsidiaries of Cybersecurity Breach -
On May 22, 2024, the Securities and Exchange Commission (“SEC”) imposed a $10...more
6/14/2024
/ Annual Reports ,
Artificial Intelligence ,
Breach Notification Rule ,
Colorado ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Information Commissioner's Office (ICO) ,
Machine Learning ,
New Legislation ,
NYSE ,
Popular ,
Securities and Exchange Commission (SEC) ,
UK
April 2024 On April 4, 2024, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (“CISA”) published a 447-page Notice of Proposed Rulemaking (“Proposed Rules”) in accordance with the...more
4/19/2024
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Government Agencies ,
Machine Learning ,
OMB ,
Online Safety for Children ,
Privacy Laws ,
Proposed Rules ,
Reporting Requirements ,
UK ,
Voluntary Compliance
European Parliament Approves EU AI Act -
On March 13, 2024, the European Parliament approved the EU Artificial Intelligence Act (“AI Act”). A first of its kind legal framework for AI, the AI Act has extraterritorial effect,...more
3/29/2024
/ Appeals ,
Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Consent ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity Framework ,
Data Brokers ,
Data Collection ,
European Parliament ,
Federal Trade Commission (FTC) ,
Foreign Adversaries ,
General Data Protection Regulation (GDPR) ,
Popular ,
Sensitive Personal Information ,
Strategic Planning ,
Transparency
FTC Proposes New Protections to Guard Against AI Impersonations of Individuals -
Amidst growing concerns that emerging technology—including AI-generated deepfakes—threaten to increase the prevalence of impersonation fraud,...more
3/1/2024
/ Anti-Terrorism Financing ,
Artificial Intelligence ,
Cybersecurity ,
Deep Fake ,
EU ,
European Convention on Human Rights ,
Federal Trade Commission (FTC) ,
Human Rights ,
Russia ,
Securities and Exchange Commission (SEC) ,
Terms of Service
FTC Announces Proposed Settlement with Data Aggregator over its Alleged Selling of Precise Location Data -
The Federal Trade Commission (“FTC”), on January 18, 2024, announced a proposed settlement with InMarket Media...more
FTC Settles with Rite Aid on its Use of AI and Processing of Biometric Information -
The Federal Trade Commission (“FTC”), on December 19, 2023, announced that it had reached a settlement with Rite Aid Corporation (“Rite...more
1/19/2024
/ Artificial Intelligence ,
Biometric Information ,
COPPA ,
Data Brokers ,
Data Retention ,
Enforcement Actions ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
FTC Act ,
Inventors ,
Notice of Proposed Rulemaking (NOPR) ,
Opt-In ,
Patents ,
Rite Aid ,
Sensitive Personal Information ,
Settlement ,
UK
As we begin the new year, we offer this special edition with predictions for 2024 from members of the Cyber Bits Partner Committee. Regardless of what happens in 2024, we renew our commitment to keep you informed of the...more
1/8/2024
/ Artificial Intelligence ,
Biometric Information ,
China ,
Consumer Privacy Rights ,
Cybersecurity ,
Disclosure Requirements ,
Enforcement ,
EU ,
Facial Recognition Technology ,
Machine Learning ,
Popular ,
Regulation S-P ,
Risk Management ,
Securities and Exchange Commission (SEC)
EU AI Act: Political Agreement Reached on Terms of Landmark Legislation -
Negotiators for the European Council and the European Parliament have reached political agreement on the provisions of the EU Artificial...more
12/15/2023
/ Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Compliance ,
Cookies ,
Court of Justice of the European Union (CJEU) ,
EU ,
Federal Trade Commission (FTC) ,
Fines ,
General Data Protection Regulation (GDPR) ,
Neglect ,
New Legislation ,
UK
The Biden Administration Issues Executive Order on Artificial Intelligence -
On October 30, 2023, President Biden signed an Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence (the “Order”)...more
11/17/2023
/ Artificial Intelligence ,
Biden Administration ,
Chief Information Security Officer (CISO) ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Executive Orders ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
NYDFS ,
Ransomware ,
Regulatory Agenda ,
Securities and Exchange Commission (SEC) ,
SolarWinds
What is in store for Privacy and Cybersecurity in 2023 -
As the year ends, we offer this special edition with predictions for 2023 from each member of the Cyber Bits Partner Committee. Regardless of what happens in 2023, we...more
12/30/2022
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cybersecurity ,
Disclosure Requirements ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Infrastructure ,
Investment Adviser ,
Popular ,
Privacy Laws ,
Privacy Legislation ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
State Data Breach Notification Statutes ,
UK ,
Whistleblowers
Few things are certain, but it is indisputable that in 2022 data will remain big; data driven technologies will create unparalleled opportunity and risk; the frequency and sophistication of cyberattacks will shatter...more
1/7/2022
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Loss Prevention ,
Data Privacy ,
Data Protection ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Hackers ,
International Data Transfers ,
Machine Learning ,
Popular ,
Ransomware ,
Regulatory Agenda ,
Section 5