On May 4, 2023, an Idaho federal judge ruled that the Federal Trade Commission (FTC) needs stronger assertions of consumer harm in order for its data privacy suit against data broker/mobile analytics provider Kochava Inc....more
On August 24, 2022, California Attorney General Rob Bonta (AG) announced a proposed settlement with beauty retailer Sephora USA, Inc. to resolve claims that Sephora violated the California Consumer Privacy Act (CCPA). Under...more
Companies are now on the clock for comments on the new proposed California Privacy Rights Act (CPRA) regulations. On July 8, 2022, the California Privacy Protection Agency (CPPA) filed a Notice of Proposed Action, triggering...more
In this episode, Natasha Kohne and Michelle Reed, who head Akin Gump’s cybersecurity, privacy and data protection practice, and counsel Lauren York discuss the firm’s new CCPA Litigation Annual Report – 2021 Trends and...more
With the recent signing of the Utah Consumer Privacy Act (UCPA) by Gov. Spencer J. Cox on March 24, 2022, Utah has become the fourth state to enact a comprehensive law addressing consumer data privacy, joining California,...more
The Federal Trade Commission (FTC) issued a surprisingly strong warning to companies that they may face potential regulatory action if they fail to address known vulnerabilities, focusing in particular on the Log4j...more
Public comments to recently published regulations governing compliance with the California Privacy Rights Act (CPRA) show that stakeholders sharply disagree on multiple areas of the CPRA. Seventy submissions totaling nearly...more
This December, the Transportation Security Administration (TSA) issued a pair of Directives establishing cybersecurity measures for high-risk freight rail, passenger rail, and rail transit owners and operators. These...more
1/7/2022
/ Aviation Industry ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Incident Response Plans ,
Public Transportation ,
Railways ,
Surface Transportation ,
Transportation Industry ,
TSA ,
Vulnerability Assessments
On September 21, 2021, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) published an updated sanctions advisory, providing guidance to companies on sanctions compliance obligations related to ransomware...more
12/14/2021
/ Compliance ,
Cryptocurrency ,
Cyber Attacks ,
Cybersecurity ,
Data Security ,
New Guidance ,
Office of Foreign Assets Control (OFAC) ,
Ransomware ,
Sanctions ,
U.S. Treasury ,
Virtual Currency
On October 1, 2021, two Acts overhauling data privacy and cybersecurity in Connecticut took effect—the latest instance of stronger state breach reporting requirements with a safe harbor protection from litigation for...more
10/7/2021
/ Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Notification Requirements ,
Personal Information ,
Popular ,
Safe Harbors ,
State Data Breach Notification Statutes
The U.S. Food and Drug Administration (FDA) announced that the newly-created post of Acting Director of Medical Device Security has been filled by Kevin Fu, a University of Michigan associate professor and founder of the...more
• The SEC issued guidance in the form of a rare “21(a) report” this week after investigating a series of email frauds impacting 9 unnamed companies.
• These email-based frauds, referred to as “CEO scams” or “vendor scams,”...more
10/19/2018
/ Accounting Controls ,
Business E-Mail Compromise (BEC) ,
CEOs ,
Corporate Finance ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Email ,
Enforcement Actions ,
Internal Controls ,
New Guidance ,
Policies and Procedures ,
Popular ,
Publicly-Traded Companies ,
Scams ,
Securities and Exchange Commission (SEC) ,
Securities Exchange Act ,
Spoofing ,
Wire Fraud