On January 31, 2020, the Department of Defense (DoD) released the latest version (Version 1.0) of its Cybersecurity Maturity Model Certification (CMMC) framework, setting forth future cybersecurity requirements for thousands...more
3/5/2020
/ Certification Requirements ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NIST ,
Request For Information ,
Third Party Assessment Organization (3PAO)
Businesses in California and around the country have taken notice of the twists and turns taken so far concerning the passage of the CCPA. The California legislature passed the CCPA as an alternative to an even stricter...more
The CCPA is an unprecedented privacy law that grants California residents sweeping rights concerning the collection and use of their information. Once the law becomes effective on January 1, 2020, covered businesses can...more
2/14/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Covered Entities ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Disclosure Requirements ,
General Data Protection Regulation (GDPR) ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Privacy Policy
In LabMD v. FTC, the Eleventh Circuit vacated an order requiring a company to implement a data security program “reasonably designed” to protect information. Following the LabMD decision, the FTC announced a series of public...more
California will likely become the first state to regulate the security of internet-connected devices with a narrowly-written senate bill, SB-327, and an identical house bill, AB 1906 (collectively “the Bill”). If signed into...more
Continuing the increasingly aggressive trend of class actions filed against companies over allegedly unwanted texts, Kohl’s was recently sued in a Telephone Consumer Protection Act (“TCPA”) case over text messaging alerts...more
Facial recognition technology was used to identify the man charged with carrying out the Capitol Gazette shooting in Baltimore, Maryland on June 28, 2018. It is the highest-profile case where the facial recognition technology...more
On February 16, 2018, the U.S. Securities and Exchange Commission (“SEC”) suspended trading in three penny stocks due to concerns about the accuracy of recent statements the companies made relating to their ties to...more
Earlier this month, the United States Court of Appeals for the District of Columbia Circuit (the “D.C. Circuit”) found that inaccuracies in the Department of Transportation’s (“DOT”) trucking database, when shared to...more
The Securities and Exchange Commission (“SEC”) has taken a strong stance in enforcing securities laws over initial coin offerings (“ICOs”), which have recently become increasingly common as a way to fund startups....more
Several advertising groups recently filed comments with the Federal Trade Commission (“FTC”) urging the organization to pursue enforcement actions only against security and privacy practices that cause “concrete injuries” to...more
Last week, Lenovo Inc. agreed to pay $3.5 million to settle allegations that it installed monitoring and advertising software on its laptops. The lawsuit was brought by the Federal Trade Commission (“FTC”) and 32 state...more
On July 31, 2017, the Federal Trade Commission (“FTC”) announced that it voted 2-0 to approve TRUSTe’s modifications to its safe harbor program under the terms of the Children Online Privacy Protection Act (“COPPA”). TRUSTe...more
Last Tuesday morning, June 27, 2017, a version of the “Petya” malware attack—dubbed “NotPetya”—hit several multinational companies in a variety of industries. This is the second major cyber attack in just two months following...more
China has moved to start enforcing its new cybersecurity law as of Thursday, June 1, but the impact of the rules on foreign firms remains to be seen. The law was originally promulgated November 7, 2016 and serves to increase...more
On May 11, 2017, President Trump signed a long-awaited Executive Order that aims to bolster the cybersecurity of federal networks and critical infrastructure. In an effort to fulfill the President’s promise to get “tough on...more
The Federal Trade Commission (FTC) is currently seeking comment on proposed changes to TRUSTe’s safe harbor program under the agency’s Children’s Online Privacy Protection Rule (COPPA). Per the Federal Register notice, the...more
Dangerous Regulatory Landscape -
..Federal Law
.TCPA
.CAN-SPAM
.FTC Regulations
.FCC Regulations
..State Laws
.Consumer Protection Statutes
.Commercial Electronic Mail Acts
.Privacy Torts...
...more
5/12/2017
/ ATDS ,
CAN-SPAM Act ,
Data Breach ,
FCC ,
Federal Trade Commission (FTC) ,
Marketing ,
Mobile Devices ,
Personally Identifiable Information ,
TCPA ,
Telemarketing ,
Text Messages ,
Written Consent
Several major app developers, including Twitter, Facebook, Instagram, and Yelp, settled a putative class action pending in California federal court last week. The app companies have agreed to pay a consolidated $5.3 million...more
The Federal Communications Commission (“FCC”) is weighing the benefits of protecting SMS text messaging under Title II of the Communications Act of 1934, often referred to as the Open Internet rules, versus continuing to...more
The Department of Homeland Security (“DHS”) is hosting a series of test opportunities for manufacturers of Global Positioning System (“GPS”) receivers and components used in critical infrastructure to test their equipment...more
On December 28, 2016, the New York Department of Financial Services (“DFS”) issued a revised version of its proposed cybersecurity rule for banks, insurers, money service businesses, and regulated virtual currency operators...more
On October 14, the California Attorney General released a new online form designed to crowdsource reporting of allegedly inadequate privacy policies. The tool allows users to report violations of the California Online...more