In this month’s Privacy & Cybersecurity Update, we review Connecticut’s passage of a comprehensive privacy law (making it the fifth state to do so), the newly enacted federal Better Cybercrime Metrics Act, New York’s new law...more
6/3/2022
/ COPPA ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Personal Data ,
Popular ,
State Privacy Laws
In this month’s Privacy & Cybersecurity Update, we examine the FTC chair’s comments suggesting a potential shift in its approach to data privacy regulation, the European Data Protection Board’s request for comment on its...more
5/4/2022
/ Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Food and Drug Administration (FDA) ,
Medical Devices ,
Personal Data ,
Personally Identifiable Information ,
Popular
In this month’s Privacy & Cybersecurity Update, we analyze the U.S. and EU’s joint commitment to create a new data transfer framework to replace the invalidated Privacy Shield, as well as Utah’s new state privacy law and...more
4/5/2022
/ Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses
In this month’s Privacy & Cybersecurity Update, we examine the Illinois Supreme Court’s decision in a case involving workers compensation and the state’s Biometric Information Privacy Act, U.K. data transfer regimes before...more
3/2/2022
/ Biometric Information ,
Biometric Information Privacy Act ,
COPPA ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection Authority ,
EU ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
IL Supreme Court ,
International Data Transfers ,
Internet of Things ,
NIST ,
Personal Data ,
Popular ,
Standard Contractual Clauses
This year, we expect to see new disclosure requirements; rule changes at the Securities and Exchange Commission that will affect directors; activists adopting new tactics; changes to shareholder voting processes; tax and...more
On February 10, 2022, the U.S. Securities and Exchange Commission (SEC) voted 3-1 to approve proposed changes to public company beneficial ownership reporting requirements. The SEC has long considered such changes to the...more
Takeaways -
ESG activist campaigners are likely to continue asserting themselves.
Companies that have merged with SPACs and whose stock prices have slumped will be at risk for activist pressure.
Watch for more activist...more
2/7/2022
/ Corporate Governance ,
Environmental Social & Governance (ESG) ,
Glass Lewis ,
Initial Public Offering (IPO) ,
Institutional Investors ,
Institutional Shareholder Services (ISS) ,
Popular ,
Proxy Season ,
Publicly-Traded Companies ,
Securities and Exchange Commission (SEC) ,
Shareholder Proposals ,
Special Purpose Acquisition Companies (SPACs)
In this month’s Privacy & Cybersecurity Update, we examine the U.S. Chamber of Commerce’s letter to Congress calling for federal cybersecurity legislation, the New York attorney general’s report on “credential stuffing”...more
2/3/2022
/ Biometric Information Privacy Act ,
Commercial General Liability Policies ,
Consumer Financial Protection Bureau (CFPB) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
FTC Act ,
Medical Devices ,
Personal Information
In this month’s Privacy & Cybersecurity Update, we review the TSA’s new cybersecurity requirements for critical U.S. infrastructure, the White House OMB’s new guidance on cyber incident reporting procedures and the U.S.-U.K....more
In this month’s Privacy & Cybersecurity Update, we examine the FBI’s warning to companies regarding cyberattacks targeting confidential M&A activity, as well as the Cybersecurity and Infrastructure Security Agency’s directive...more
12/1/2021
/ Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
FBI ,
International Data Transfers ,
Ransomware ,
Robocalling
On November 17, 2021, the U.S. Securities and Exchange Commission (SEC), by a 3-2 vote, proposed amendments to the rules governing proxy voting advice businesses (proxy advisors). The amendments would rescind two portions of...more
On November 17, 2021, the Securities and Exchange Commission (SEC) adopted amendments to the proxy rules mandating the use of universal proxy cards in contested elections. The new rules require both companies and dissidents...more
On November 3, 2021, the Division of Corporation Finance (Staff) of the U.S. Securities and Exchange Commission (SEC) published Staff Legal Bulletin No. 14L (SLB 14L), which explicitly rescinds Staff Legal Bulletin Nos. 14I,...more
In this month’s edition of our Privacy & Cybersecurity Update, we examine the FTC’s changes to the Gramm-Leach-Bliley Act’s Safeguards Rule and the CFPB’s order requiring six tech companies to disclose information regarding...more
11/2/2021
/ Consumer Financial Protection Bureau (CFPB) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
GEICO ,
Gramm-Leach-Blilely Act ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Multidistrict Litigation ,
Putative Class Actions ,
Safeguards Rule
In this month’s edition of our Privacy & Cybersecurity Update, we examine the California Privacy Protection Agency's public comment period for the California Privacy Rights Act, the U.K. government's public consultation...more
10/4/2021
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Fourth Amendment ,
General Data Protection Regulation (GDPR) ,
Office of Foreign Assets Control (OFAC) ,
Personal Information ,
Public Comment ,
Surveillance
In this month’s edition of our Privacy & Cybersecurity Update, we examine FINRA’s report on cloud computing, Connecticut’s new safe harbor for companies following certain cybersecurity protocols and a district court dismissal...more
9/1/2021
/ China ,
Cloud Computing ,
Communications Decency Act ,
Consultation Periods ,
Covered Entities ,
Cybersecurity ,
Data Protection ,
Financial Industry Regulatory Authority (FINRA) ,
International Data Transfers ,
Safe Harbors ,
Section 230 ,
Securities Regulation
In this month’s edition of our Privacy & Cybersecurity Update, we examine cybersecurity guidance issued by New York state, and the Cybersecurity and Infrastructure Security Agency’s new “Bad Practices” website outlining what...more
8/3/2021
/ Best Practices ,
California Consumer Privacy Act (CCPA) ,
COPPA ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
NYDFS ,
Popular ,
Ransomware
In this month’s edition of our Privacy & Cybersecurity Update, we examine the European Commission’s new Standard Contractual Clauses and the European Data Protection Board’s new recommendations on international data flows. We...more
7/9/2021
/ Computer Fraud and Abuse Act (CFAA) ,
Cybersecurity ,
Data Protection ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Popular ,
Ransomware ,
Schrems I & Schrems II ,
State Privacy Laws
The election of three directors nominated by a climate-focused activist fund and shareholder support for detailed lobbying disclosures highlight the ESG forces boards now face. ...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the Second Circuit's ruling allowing standing for increased risk of identity theft following a data breach, the European Commission's recently released...more
5/3/2021
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Labor (DOL) ,
EBSA ,
EU ,
European Commission ,
IN Supreme Court ,
Ransomware
In this month’s edition, we examine California’s new regulations enhancing opt-out rights in the California Consumer Privacy Act and the state's selections for the California Privacy Protection Agency’s inaugural board. We...more
4/2/2021
/ California Consumer Privacy Act (CCPA) ,
Commercial General Liability Policies ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
FDCPA ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Opt-Outs ,
Personal Data ,
Securities and Exchange Commission (SEC) ,
State Attorneys General ,
State Privacy Laws ,
TCPA
On February 26, 2021, Vice Chancellor Kathaleen S. McCormick of the Delaware Court of Chancery permanently enjoined a stockholder rights plan — or so-called “poison pill” — with a 5% trigger that The Williams Companies, Inc....more
In this month's edition of our Privacy & Cybersecurity Update, we examine the New York Department of Financial Services' issuance of the first-ever cyber insurance risk guidance framework, the Eleventh Circuit's ruling...more
Takeaways
- Activism is likely to rebound as the business world recovers from COVID-19 disruptions.
- Some activists are raising permanent capital, giving them new leverage, and activist approaches have become more...more
In this month's edition, we examine the European Commission's Digital Services Act and its potential regulatory impact, the National Institute of Standards and Technology's draft guidance on internet-of-things devices'...more
2/4/2021
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Digital Services ,
Draft Guidance ,
European Commission ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Internet of Things ,
NIST ,
Popular ,
Privacy Policy