On March 15, 2023, the Securities and Exchange Commission (SEC) proposed three rule changes that demonstrate its continued focus on cybersecurity. One of these proposals, and the only one to be unanimously approved (the...more
In an era of increasing cyberattacks by varying threat actors, the board's oversight of cybersecurity risks remains a key responsibility. In two recent cases, the Delaware Court of Chancery (Chancery Court) dismissed Caremark...more
The year 2022 saw a groundswell of interest in privacy rights and related legislation. Five states enacted new laws or regulations aimed at protecting a general right to privacy, while the U.S. government came closer than...more
1/24/2023
/ Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
FinCEN ,
NYDFS ,
Popular ,
Risk Management ,
Russia ,
Securities and Exchange Commission (SEC)
On Oct. 24, the Federal Trade Commission (FTC) issued a proposed decision and order against Drizly LLC and its CEO regarding allegations that the company’s security failures led to a data breach exposing the personal...more
On July 20, 2022, the House Committee on Energy and Commerce advanced a new federal privacy bill titled the American Data Privacy and Protection Act (ADPPA) to the House floor. Although it is not yet law, many commentators...more
The first half of 2022 illuminated important trends in the corporate governance space. In recent months, there were notable developments in the enforcement of economic sanctions and export control measures, and the oversight...more
7/5/2022
/ California ,
Corporate Counsel ,
Corporate Governance ,
Cryptocurrency ,
Cybersecurity ,
Department of Justice (DOJ) ,
Environmental Social & Governance (ESG) ,
Equal Protection ,
Export Controls ,
Popular ,
Proxy Season ,
Securities and Exchange Commission (SEC) ,
State Constitutions ,
White Collar Crimes
On May 10, 2022, Connecticut became the fifth state to enact a comprehensive privacy law to protect personal data, joining California, Virginia, Colorado and Utah. Although privacy and data security laws have existed in the...more
On March 9, the SEC, by a 3-1 vote, proposed new rules in its most far-reaching effort to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incident reporting by public...more
On March 15, 2022, President Joe Biden signed the Cyber Incident Reporting for Critical Infrastructure Act (the Act) into law as part of the $1.5 trillion fiscal 2022 omnibus spending package. The Act will create a mandatory...more
2021 was a busy year for corporate governance matters, with new legislation passed early in the year and new enforcement priorities emerging under the Biden administration. Kramer Levin lawyers published numerous articles...more
1/6/2022
/ Anti-Money Laundering ,
Broker-Dealer ,
Caremark claim ,
Corporate Governance ,
Cybersecurity ,
Diversity and Inclusion Standards (D&I) ,
Environmental Social & Governance (ESG) ,
Federal Trade Commission (FTC) ,
FinCEN ,
Foreign Corrupt Practices Act (FCPA) ,
Office of Foreign Assets Control (OFAC) ,
Public Comment ,
Securities and Exchange Commission (SEC)
On Oct. 6, 2021, Deputy Attorney General Lisa O. Monaco announced the creation of a Department of Justice (DOJ) Civil Cyber-Fraud Initiative (the Initiative). According to the announcement, the Initiative combines the DOJ’s...more
Demonstrating its continued focus on cybersecurity enforcement, the Securities and Exchange Commission (SEC) announced three new actions on Aug. 30 charging eight firms with maintaining deficient cybersecurity policies and...more
On July 7, 2021, Colorado’s governor signed into law the Colorado Privacy Act (CPA), which follows similar privacy laws enacted in California and Virginia and is consistent with an expanding national trend. ...more
On June 14, the Securities and Exchange Commission (SEC) announced a $490,000 settlement with the real estate services provider First American Financial Corporation (First American) for violations of disclosure controls and...more
On Friday, June 11, the Securities and Exchange Commission (SEC) filed its Agency Rule List for Spring 2021 with the Office of Management and Budget. The Agency Rule List gives clarity to when companies can expect to see...more
6/16/2021
/ 10b5-1 Plans ,
Cybersecurity ,
Disclosure Requirements ,
Environmental Social & Governance (ESG) ,
Investment Adviser ,
Proxy Voting Guidelines ,
Publicly-Traded Companies ,
Regulatory Agenda ,
Rulemaking Process ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
Special Purpose Acquisition Companies (SPACs)
On June 7, the Department of Justice (DOJ) announced that it seized 63.7 of the 75 bitcoins paid by Colonial Pipeline to ransomware attackers last month. The recovered bitcoins were valued at $2.3 million at the time of...more
6/10/2021
/ Asset Seizure ,
Bitcoin ,
Cyber Attacks ,
Cybersecurity ,
Department of Justice (DOJ) ,
Enforcement Actions ,
FBI ,
Hackers ,
Infrastructure ,
Oil & Gas ,
Pipelines ,
Popular ,
Ransomware ,
Supply Chain