If a company has questions about how to comply with California’s new data privacy law, it may, under a remarkable provision of that law, request an opinion from California’s attorney general (AG). This article analyzes that...more
7/12/2019
/ Advisory Opinions ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Rights ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
State and Local Government ,
State Attorneys General ,
Supervisory Guidance
If a company sells personal information of California consumers, then the California Legislature has claimed real estate on its homepage. This article summarizes this new requirement of a “Do Not Sell My Personal Information”...more
6/28/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data-Sharing ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
State and Local Government ,
Websites
The Baltimore city government's email and other systems have been offline for more than three weeks as the result of a ransomware attack in early May. This is not the first local government to have been the victim of such...more
6/3/2019
/ Administrative Agencies ,
Civil Liability ,
Cyber Attacks ,
Data Breach ,
Email ,
Emergency Response ,
First Responders ,
Hackers ,
Information Technology ,
Municipalities ,
Personally Identifiable Information ,
Ransomware ,
State and Local Government
Emulex Corp. v. Varjabedian, No. 18-459 (U.S. Apr. 23, 2019) -
On April 23, 2019, the U.S. Supreme Court dismissed a writ of certiorari that could have decided whether investors may sue public companies alleged to have...more
4/24/2019
/ Denial of Certiorari ,
Emulex Corp. v Varjabedian ,
Material Misstatements ,
Negligence ,
Private Right of Action ,
Publicly-Traded Companies ,
SCOTUS ,
Securities Exchange Act ,
Securities Litigation ,
State of Mind ,
Tender Offers
Sophisticated due diligence in corporate mergers and acquisitions has long included an assessment of the cybersecurity posture and privacy protocols of the target company. But the new California Consumer Privacy Act (CCPA)...more
The protection of senior investors continues to be a priority for FINRA, from both an examination and enforcement perspective. In fact, FINRA detailed how seniors are one of its major areas of concern in the last three...more
7/13/2018
/ Amended Rules ,
Disbursement Issues ,
Elder Abuse ,
Elder Issues ,
Exploitation ,
Financial Industry Regulatory Authority (FINRA) ,
Investment Management ,
Regulatory Oversight ,
Regulatory Requirements ,
SEC Examination Priorities ,
Senior Investors
On March 20, the Supreme Court reached two holdings important to securities litigators. First, the Court held that the Securities Litigation Uniform Standards Act of 1998 (“SLUSA”) did not strip state courts of their ability...more
Threats to your business operations come in many forms, including natural disasters that risk life and property such as the historic flooding from Hurricane Harvey in Texas, the risks from Hurricane Irma, or this summer's...more
A federal magistrate judge in California has allowed a securities fraud suit against a late-stage private company to proceed despite the plaintiff investors holding a security interest only through intermediary,...more
5/4/2017
/ Advertising ,
Breach of Contract ,
Centers for Medicare & Medicaid Services (CMS) ,
Corporate Counsel ,
Initial Public Offering (IPO) ,
Investment Funds ,
Life Sciences ,
Pharmaceutical Industry ,
Sanctions ,
Securities Fraud ,
Securities Litigation ,
Theranos ,
Walgreens
Investment advisers, securities brokers, and other financial professionals who work directly with clients who are age 60 and older have two reasons to learn more about Florida’s financial elder abuse laws....more
5/3/2017
/ Attorney's Fees ,
Elder Abuse ,
Exploitation ,
Fee-Shifting ,
Financial Abuse ,
Financial Industry Regulatory Authority (FINRA) ,
Financial Institutions ,
Financial Services Industry ,
Florida ,
Risk Management ,
Treble Damages
On March 27, 2017, the Supreme Court granted certiorari in the case of Leidos Inc., f/k/a SAIC Inc. v. Indiana Public Retirement System, a securities fraud class action. The case will resolve a circuit split over whether a...more
4/13/2017
/ Disclosure Requirements ,
Kickbacks ,
Leidos Inc v Indiana Public Retirement System ,
Putative Class Actions ,
Regulation S-K ,
Retirement Plan ,
Rule 10(b) ,
SCOTUS ,
Securities Exchange Act ,
Securities Fraud ,
Securities Litigation
We help companies prepare for, respond to, and clean up data breaches and related events. We are lawyers, but in this role, we often look over the shoulders of cybersecurity technical experts, who are advising companies on...more
The recent dismissal of a Home Depot derivative action ends a string of high-profile derivative suits stemming from large-scale corporate data breaches. On November 30, the Northern District of Georgia dismissed a shareholder...more
12/7/2016
/ Breach of Duty ,
Business Judgment Rule ,
Corporate Governance ,
Cybersecurity ,
Data Breach ,
Derivative Suit ,
Dismissals ,
Home Depot ,
Internal Controls ,
Popular ,
Proxy Statements ,
Shareholders
Federal funding is the grand prize for higher education research institutions. Each year, the federal government pumps hundreds of millions of dollars in research grants and awards into the university system. These funds are...more
12/6/2016
/ Department of Justice (DOJ) ,
Educational Institutions ,
False Claims Act (FCA) ,
False-Certification of Conformance ,
Federal Funding ,
Fraud ,
Higher Education Act ,
Online Education ,
Research Funding ,
Title IX ,
Universities ,
Whistleblowers
Last month the White House disclosed how the federal government will coordinate incident response activities in the event of a large-scale cyber incident. While the policy directive is worth reading in its entirety, this...more
8/29/2016
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Incident Response Plans ,
NCCIC ,
Presidential Directives
SEC Chicago Regional Director David Glockner spoke at a PLI Conference in New York on June 6 regarding the SEC’s data security regulations and enforcement efforts. Mr. Glockner acknowledged frustration with the Division of...more
6/30/2016
/ Corporate Issuers ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Financial Markets ,
Investors ,
Morgan Stanley ,
Non-Public Information ,
Personally Identifiable Information ,
Popular ,
Publicly-Traded Companies ,
Regulation S-P ,
Safeguards Rule ,
Securities and Exchange Commission (SEC)
Last week, the United States Court of Appeals for the Eleventh Circuit held that a district court cannot hear constitutional challenges to an ongoing administration enforcement action of the U.S. Securities and Exchange...more
6/24/2016
/ Administrative Law Judge (ALJ) ,
Administrative Proceedings ,
Appeals ,
Appointments Clause ,
Article I ,
Article II ,
Enforcement Actions ,
Jurisdiction ,
Non-Delegation Doctrine ,
Right to a Jury ,
Securities Act ,
Securities and Exchange Commission (SEC) ,
Securities Litigation ,
Securities Violations ,
Seventh Amendment
Breaking up is hard to do. In the investment industry, it can be even harder because one half of the couple needs to publish the reasons for the break-up.
When a registered representative separates from a broker-dealer...more
I. Legal Exposure to Federal and State Privacy Laws -
A. Federal Statutes and Enforcement -
1. Federal Trade Commission Act, 15 U.S.C. §§ 41-58 -
The Federal Trade Commission (FTC) has emerged as the leading...more
3/1/2016
/ Breach Notification Rule ,
Communications Act of 1934 ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Security ,
EU ,
EU-US Privacy Shield ,
Fair Credit Reporting Act (FCRA) ,
FCC ,
Federal Trade Commission (FTC) ,
FTC Act ,
Gramm-Leach-Blilely Act ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Intellectual Property Protection ,
Malware ,
US-EU Safe Harbor Framework
Internal investigations into suspected employee wrongdoing are particularly tricky for in-house counsel, who must protect corporate confidentiality, be mindful of regulatory reporting requirements, and respect labor...more
In This Issue:
IN THE SPOTLIGHT -
- Your Data Breach Collided With My Personal Injury Coverage
LIFE INSURANCE -
- Phantom Injury Dooms “Shadow Insurance” Case
- Latest NAIC Cybersecurity News...more
10/8/2015
/ Administrative Law Judge (ALJ) ,
AIG ,
Auto Body Shop ,
Bailout ,
Banking Sector ,
Banks ,
Big Data ,
Breach Notification Rule ,
Class Action ,
Compliance ,
Consumer Financial Products ,
Consumer Financial Protection Bureau (CFPB) ,
CT Supreme Court ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Security ,
Department of Labor (DOL) ,
Derivative Suit ,
Disclosure Requirements ,
Disparate Impact ,
EB-5 ,
Fair Housing Act (FHA) ,
FFIEC ,
Fiduciary Duty ,
Financial Institutions ,
Foreclosure ,
Healthcare ,
Insurance Industry ,
King v Burwell ,
Life Insurance ,
Mortgage Servicers ,
Mutual Funds ,
NAIC ,
Online Advertisements ,
Ransomware ,
Reassigned Phone Numbers ,
Regulation A ,
RI Supreme Court ,
SCOTUS ,
Securities and Exchange Commission (SEC) ,
Standing ,
TCPA ,
Telecommunications ,
Treble Damages ,
Whistleblowers
The Ninth Circuit Court of Appeals this spring held that mutual fund shareholders could maintain direct claims against the fund’s trustees for breach of their common law fiduciary duties. Before Northstar v. Schwab, such...more
10/2/2015
/ Appeals ,
Beneficiaries ,
Breach of Duty ,
Derivative Suit ,
Fiduciary Duty ,
Investment ,
Investment Companies ,
Investors ,
Mutual Funds ,
Shareholders ,
Trustees
Shortly after the massive 2013 Target data breach, shareholders filed four derivative lawsuits against the company’s directors and some of its officers (13 CARE 624, 3/20/15). The shareholders alleged that the defendants had...more
8/17/2015
/ Caremark claim ,
Corporate Counsel ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Derivative Suit ,
Derivatives ,
Fiduciary Duty ,
Hackers ,
Home Depot ,
Information Security ,
Popular ,
Securities and Exchange Commission (SEC) ,
Shareholders ,
Target ,
Wyndham ,
Young Lawyers
Late last week, the U.S. Court of Appeals for the Second Circuit reversed the dismissal of a shareholder class action against the makers of Keurig coffeemakers and their ubiquitous “K-Cups.” In so doing, the Second Circuit...more
7/30/2015
/ Class Action ,
Financial Reporting ,
Fraud ,
Inventory ,
Keurig Inc ,
PSLRA ,
Putative Class Actions ,
Rule 10b-5 ,
Scienter ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act ,
Shareholder Litigation ,
Shareholders
Cyber scammers continually innovate new means to extract valuable information from unsuspecting victims. And a new form of cyber fraud is exploiting the close relationship between CEOs and CFOs. Identifying this threat — and...more
7/20/2015
/ C-Suite Executives ,
CEOs ,
CFOs ,
Compliance ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Department of Justice (DOJ) ,
Email ,
FBI ,
Hackers ,
Phishing Scams ,
Software ,
Wire Fraud