As integrating artificial intelligence into corporate operations accelerates, the rapid deployment of AI tools—often driven by executive and investor pressure—has outpaced the establishment of robust governance, compliance,...more
On May 19, 2025, President Trump signed into law the Tools to Address Known Exploitation by Immobilizing Technological Deepfakes Act, also known by the backronym the TAKE IT DOWN Act (the “Act”), to combat deepfake revenge...more
With every change in administration, organizations and individuals face changes in the types of conduct the federal government focuses on in its investigations, enforcement, and criminal prosecutions. ...more
3/25/2025
/ Criminal Prosecution ,
Cybersecurity ,
Department of Justice (DOJ) ,
Diversity and Inclusion Standards (D&I) ,
Enforcement Actions ,
Enforcement Priorities ,
Executive Orders ,
False Claims Act (FCA) ,
Immigration ,
National Security ,
Popular ,
Regulatory Agenda ,
Regulatory Reform ,
Tariffs ,
Trump Administration ,
White Collar Crimes
2024 was a record-breaking year for the wrong reasons, as it unfortunately involved the largest and most destructive data breaches. These data breaches affected companies of all sizes and in every sector, costing the United...more
1/9/2025
/ Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Department of Health and Human Services (HHS) ,
Department of Justice (DOJ) ,
Federal Contractors ,
Federal Trade Commission (FTC) ,
Privacy Laws ,
Ransomware
In a long-awaited decision affecting the scope of privacy protections in Massachusetts, on October 24, 2024, the Massachusetts Supreme Judicial Court (“SJC”) held that collecting and transmitting user browsing activities,...more
11/5/2024
/ Consumer Privacy Rights ,
Electronic Monitoring ,
Hospitals ,
MA Supreme Judicial Court ,
Putative Class Actions ,
Software ,
Surveillance ,
Tracking Systems ,
Web Tracking ,
Websites ,
Wiretap Act ,
Wiretapping
Organizations can prevent cyberattacks and minimize liability risks by reviewing and implementing these 10 important steps:
Adopt a Zero Trust Network Access Framework, which requires all users to be authenticated,...more
As the last two years have clearly demonstrated, no organization is immune from cyberattacks. Indeed, numerous studies have reported that a majority of businesses have been impacted by at least one cyberattack over the past...more
10/30/2024
/ Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
Government Investigations ,
Hackers ,
Information Technology ,
Personally Identifiable Information ,
Securities and Exchange Commission (SEC)
On September 11, 2024, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) published a proposed rule that would create a mandatory quarterly reporting requirement for U.S. persons and U.S. entities that...more
On May 15, 2024, the Securities and Exchange Commission (the “SEC”) issued final amendments (the “Amendments”) to Regulation S-P (originally adopted in 2000), which governs the treatment of a customer’s nonpublic personal...more
5/28/2024
/ Cybersecurity ,
Data Breach ,
Data Management ,
Data Protection ,
Financial Institutions ,
Incident Response Plans ,
Information Governance ,
Personally Identifiable Information ,
Policies and Procedures ,
Regulation S-P ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act of 1934 ,
Securities Regulation
In 2025, new federal reporting requirements will require hundreds of thousands of organizations to report cyber incidents within hours of discovery to the United States Government, marking a significant impact on how...more
4/10/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Incident Response Plans ,
Information Technology ,
NPRM ,
Popular ,
Proposed Rules ,
Regulatory Agenda ,
Reporting Requirements ,
Triggering Event
On December 9, 2023, representatives from the Council of the European Union, the European Parliament, and the European Commission agreed in principle on the world’s first comprehensive legal regulations for artificial...more
The Most Significant Developments in Cybersecurity and Cyber-Related Liability Risks -
As we reflect upon 2023, it will unfortunately be remembered as a record-breaking year for ransomware and cybercrime....more
12/19/2023
/ Artificial Intelligence ,
Cryptocurrency ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Justice (DOJ) ,
Hackers ,
Information Technology ,
NYDFS ,
Popular ,
Ransomware ,
Regulatory Oversight ,
Risk Management ,
Securities and Exchange Commission (SEC)