This week, the Trump Administration reached the 100-day mark—a significant milestone in any presidential term wherein key administrative priorities and objectives are promulgated. Perhaps unsurprisingly, cybersecurity stands...more
5/2/2025
/ Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
Department of Justice (DOJ) ,
False Claims Act (FCA) ,
FCC ,
Federal Contractors ,
Reporting Requirements ,
Securities and Exchange Commission (SEC) ,
Trump Administration
With the publication of a recent Notice of Proposed Rulemaking (NPRM), the Department of Justice National Security Division will soon become an important new regulator of transactions involving the transfer of sensitive U.S....more
10/29/2024
/ Biden Administration ,
China ,
Civil Investigation Demand ,
Comment Period ,
Compliance ,
Covered Person ,
Cross-Border Transactions ,
Data Retention ,
Department of Justice (DOJ) ,
Due Diligence ,
Executive Orders ,
International Data Transfers ,
International Emergency Economic Powers Act (IEEPA) ,
National Security ,
Personal Data ,
Proposed Rules ,
Regulatory Authority ,
Russia ,
Sensitive Personal Information
On October 11, 2024, the U.S. Department of Defense (DoD) at long last published a final rule establishing the Cybersecurity Maturity Model Certification (CMMC) Program (the Final Rule)...more
On February 28, 2024, President Biden signed Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and U.S. Government-Related Data by Countries of Concern” (the EO), under the authority of the...more
3/4/2024
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Biden Administration ,
China ,
Consumer Financial Protection Bureau (CFPB) ,
Data Transfers ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Executive Orders ,
International Data Transfers ,
International Emergency Economic Powers Act (IEEPA) ,
Rulemaking Process ,
Russia ,
Sensitive Personal Information
On July 10, 2023, the European Commission adopted its long-awaited adequacy decision for the EU-U.S. Data Privacy Framework (“Adequacy Decision”). This ends a three-year journey to set up a successor to the EU-U.S. Privacy...more
7/12/2023
/ Adequacy Requirement ,
Court of Justice of the European Union (CJEU) ,
Department of Justice (DOJ) ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Executive Orders ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Iceland ,
International Data Transfers ,
Liechtenstein ,
Member State ,
Norway ,
Personal Data ,
U.S. Commerce Department
Speaking about the U.S. Department of Justice's enforcement priorities on Sept. 12 at the American Bar Association's annual Civil False Claims Act and Qui Tam Enforcement Institute conference, the principal deputy assistant...more
The US Department of Justice (DOJ) recently announced plans to use the False Claims Act (FCA) to pursue cybersecurity-related fraud by government contractors, subcontractors and grant recipients, including for providing...more
10/14/2021
/ Compliance ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Protection ,
Department of Justice (DOJ) ,
DFARS ,
False Claims Act (FCA) ,
Federal Contractors ,
Fraud ,
Subcontractors
On February 27, 2020, the Cybersecurity Unit of the Justice Department’s Computer Crime and Intellectual Property Section released a guidance document addressing “Legal Considerations when Gathering Online Cyber Threat...more
On Wednesday, April 29, the US Department of Justice released guidance titled “Best Practices for Victim Response and Reporting of Cyber Incidents.” The guidance outlines steps companies should take before, during, and after...more