The U.S. Department of Justice (“DOJ”) Data Security Program (“DSP”) 90-day enforcement grace period ended as of July 8, 2025. While the program became effective April 8, 2025, DOJ implemented a 90-day enforcement grace...more
The U.S. Department of Justice (DOJ)’s new data security rule went into effect April 8, 2025. The rule creates what are effectively export controls and requires companies to take measures to prevent U.S. sensitive personal...more
On January 8, 2025, the Department of Justice (“DOJ”) published its final rule addressing Executive Order (E.O.) 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more
1/30/2025
/ Artificial Intelligence ,
China ,
Compliance ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
Enforcement ,
Export Controls ,
Final Rules ,
Information Technology ,
International Emergency Economic Powers Act (IEEPA) ,
National Security ,
Personal Data ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
On August 22, 2024, the United States Department of Justice (DOJ) filed a Complaint-In-Intervention (the “Complaint”) against the Georgia Institute of Technology (Georgia Tech) and Georgia Tech Research Corp. (GTRC). The...more
On June 17, 2024, the Department of Justice (“DOJ”) announced the latest settlement under its Civil Cyber-Fraud Initiative (“CCFI”)... The settlement resulted in a total of $11,300,000 in payments from two consulting...more
For companies in the U.S. that hold certain personal data and U.S. Government-related data, rules stemming from recent Executive Order (“EO”) 14117 on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United...more
The Biden Administration recently issued an Executive Order aimed at protecting American’s sensitive information and certain US Government data from threats posed by foreign actors. Of note is the Order’s focus on data...more
4/25/2024
/ Biden Administration ,
Cybersecurity ,
Data Brokers ,
Data Privacy ,
Department of Justice (DOJ) ,
Executive Orders ,
Export Controls ,
National Security ,
Personal Data ,
Privacy Laws ,
Prohibited Transactions
On November 30, 2023, the Inspector General of the Department of Defense (“DoD IG”) released a Special Report: Common Cybersecurity Weaknesses Related to the Protection of DoD Controlled Unclassified Information on Contractor...more
On December 12, 2023, the Department of Justice (“DOJ”) issued guidance related to the process by which companies may request the United States Attorney General authorize delays of cyber incident disclosures, pursuant to a...more
1/22/2024
/ Banking Sector ,
Cybersecurity ,
Data Breach ,
Data Security ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
Enforcement Actions ,
Form 8-K ,
National Security ,
New Guidance ,
Reporting Requirements ,
Securities and Exchange Commission (SEC)
A few weeks ago, we discussed two recent cyber-related False Claims Act (FCA) cases. One of those cases is a qui tam lawsuit against Penn State and, as of the date of our article, we were waiting to see if DOJ would opt to...more
In recent weeks, there has been an uptick in news of cyber-related False Claims Act (“FCA”) activity. For example, on September 1, 2023, the court unsealed a qui tam lawsuit against Penn State University relating to...more
9/12/2023
/ Compliance ,
Compliance Monitoring ,
Controlled Defense Information (CDI) ,
Cybersecurity ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
DFARS ,
Enforcement ,
False Claims Act (FCA) ,
Federal Contractors ,
Internal Investigations ,
Policies and Procedures ,
Popular ,
Qui Tam ,
Universities ,
Whistleblowers
While you were asking ChatGPT to create a 3-course menu for the upcoming book club you’re hosting or to explain the Rule Against Perpetuities, several federal government agencies announced initiatives related to the use of...more
5/1/2023
/ Artificial Intelligence ,
Automated Systems ,
Bots ,
Consumer Financial Protection Bureau (CFPB) ,
Copyright ,
Department of Justice (DOJ) ,
Equal Employment Opportunity Commission (EEOC) ,
Federal Trade Commission (FTC) ,
Infringement ,
Machine Learning ,
NIST ,
Open Source Software ,
Patents ,
Rule Against Perpetuities ,
Technology Sector
On March 2, 2023, the Biden Administration released its National Cybersecurity Strategy. The Strategy represents the latest push by the Administration to focus on cybersecurity concerns, following the release of Executive...more
On March 8, 2022, just five months after the creation of the Department of Justice’s (“DOJ”) new Civil Cyber-Fraud Initiative (previously discussed...), the DOJ announced its first settlement of a cyber-related fraud case...more
As 2021 draws to a close, we wanted to share a recap of some of the most important cybersecurity developments we covered this past year along with some suggestions on what companies (particularly those that do business with...more
On Wednesday, October 6, 2021, the Department of Justice (“DOJ”) announced a new Civil Cyber-Fraud Initiative to enforce cybersecurity standards and reporting requirements. The Initiative will use DOJ’s civil enforcement...more
10/29/2021
/ Cybersecurity ,
Data Protection ,
Department of Justice (DOJ) ,
Enforcement Actions ,
False Claims Act (FCA) ,
Federal Contractors ,
Fraud ,
Policies and Procedures ,
Popular ,
Regulatory Oversight ,
Reporting Requirements