The FTC and many state attorneys general aggressively monitor apps, websites, and internet-connected products for COPPA compliance.
In the United States, collecting data directly from children under 13 years of age is...more
2/26/2019
/ Advertising ,
Advertising to Minors ,
Consent ,
COPPA ,
Data Protection ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Internet of Things ,
Personal Data ,
Privacy Laws ,
Security and Privacy Controls ,
Websites
Ninth hearing on Competition and Consumer Protection in the 21st century highlights challenges of addressing persistent threats to data security.
On December 11 and 12, the Federal Trade Commission (the FTC or the...more
Seventh Hearing on Competition and Consumer Protection considers ethical, practical, and legal dimensions of artificial intelligence and machine learning.
On November 13 and 14, the Federal Trade Commission (FTC) held the...more
11/21/2018
/ Algorithms ,
Anti-Competitive ,
Antitrust Violations ,
Artificial Intelligence ,
Consumer Protection Laws ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Legislative Agendas ,
Popular ,
Regulatory Agencies ,
Technology Sector
Sixth hearing on Competition and Consumer Protection in the 21st Century features disagreement over FTC’s enforcement priorities for consumer data.
The Federal Trade Commission (FTC) recently held the sixth hearing in its...more
The Brazilian Congress has been working on a bill relating to the protection of personal data for over eight years. The Senate approved the bill, known as the General Data Protection Act (GDPA), on 10 July 2018, and the bill...more
Businesses active in California should promptly assess whether the law applies to their practices and start planning towards compliance with the new law.
Key Points:
..A sweeping new privacy law — the California...more
What directors really need to know about the SEC guidance that has generated so much chatter.
With so much boardroom attention on cybersecurity, directors continue to focus on the Securities and Exchange Commission (SEC)...more
As of December 31, 2017, many United States government contractors face a new compliance requirement involving cybersecurity. This requirement will govern most new Department of Defense (DoD) contracts and, significantly,...more
12/26/2017
/ Bid Protests ,
Breach of Contract ,
Cybersecurity ,
Data Protection ,
Data Security ,
Department of Defense (DOD) ,
DFARS ,
False Claims Act (FCA) ,
Federal Contractors ,
NIST ,
Popular
The DFARS final rule requires contractors to safeguard information systems and imposes investigation and reporting requirements in the case of cyber incidents.
As of December 31, 2017, many United States government...more
HHS OCR issues checklist, iterative guidance in wake of WannaCry and Petya attacks; Anthem breach settlement provides additional lessons.
Key Points:
..Healthcare organizations are particularly vulnerable to ransomware...more
7/11/2017
/ Business Associates ,
Covered Entities ,
Cyber Attacks ,
Cyber Incident Reporting ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Guidance Update ,
Health Care Providers ,
Incident Response Plans ,
OCR ,
Popular ,
Ransomware ,
Risk Management ,
Security and Privacy Controls
Trump Administration’s required cybersecurity assessments provide potential for new round of public-private collaboration.
The Trump Administration recently issued a much anticipated Executive Order (EO) addressing...more
The Trump Administration has issued a much anticipated Executive Order (EO),“Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” directing federal executive agency heads to undertake various...more
Ransomware is not only a growing security threat but a potentially thorny notification issue.
Ransomware is one of the most prevalent cybersecurity threats afflicting businesses today. When an attack hits, a victim...more
Tax-related identity theft is nothing new, but tax season 2016 took tax schemes to a new level.
Last year, our cyber experts advised a large cluster of clients (public and private companies) over a period of only two...more
The revised regulations eliminate many of the categorical requirements in the original proposal and instead adopt a more risk-based approach.
On December 28, 2016, the New York State Department of Financial Services...more
Comments submitted on the proposed regulations criticize the lack of a risk-based approach, overbroad definitions, potential extraterritorial implications, an excessive breach notification threshold and a daunting annual...more
The Standing Committee of the National People’s Congress of the People’s Republic of China (PRC) has introduced China’s first and comprehensive Network Security Law (also referred to as Cybersecurity Law). The law will have...more
The law will have far-reaching implications for parties that utilize the Internet and handle network data and personal information in the PRC.
On November 7, 2016, the Standing Committee of the National People’s Congress...more
Hacking of organizations’ systems is becoming increasingly commonplace, even with advancements in security practices. To mitigate risk, a company must have an enterprise-level, cross-functional incident response plan that is...more
Landmark ruling establishes a variety of new obligations, but long-term effects remain unclear.
On November 2, 2016, the US Federal Communications Commission (FCC) released an order adopting new privacy rules that will...more
Hacking of organisations’ systems is becoming increasingly commonplace, even with advancements in security practices. To mitigate risk, a company must have an enterprise-level, cross-functional incident response plan that is...more
Preparing for and rehearsing how to respond to a breach is as important as improving security systems and protocols.
Hacking of organizations’ systems is becoming increasingly commonplace, even with advancements in...more
New law requires employers to give notice of immunity rights in order to recover enhanced damages.
President Obama signed the Defend Trade Secrets Act (DTSA) into law on May 11, 2016. Certain relief available to...more
Broadband Internet access service providers would face a new, top-to-bottom consumer privacy regime.
Twelve months after the US Federal Communications Commission (FCC) imposed common-carrier telecommunications rules on...more
4/13/2016
/ Breach Notification Rule ,
Broadband ,
Comment Period ,
Customer Proprietary Network Information (CPNI) ,
Data Security ,
Data-Sharing ,
FCC ,
Internet Privacy ,
Internet Service Providers (ISPs) ,
Open Internet Rules ,
Opt-Outs ,
Personally Identifiable Information ,
Proposed Regulation ,
Third-Party
On March 17, 2016, the Civil Liberties Committee convened to discuss whether the Privacy Shield framework that will replace Safe Harbor provides adequate protection to the data of EU citizens. A number of experts were...more
3/24/2016
/ Article 29 Working Party (WP29) ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Judicial Redress Act ,
Ombudsman ,
Personal Data ,
Standard Contractual Clauses ,
Surveillance ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework