Aug. 4, 2021

Evaluating Privacy and Cybersecurity Risks in Emerging Technology Transactions: Artificial Intelligence and EdTech

Global mergers, acquisitions and strategic investments are at a record high, and this significant uptick in transactional activity is taking place in an environment where privacy, data protection and cybersecurity laws and standards are rapidly expanding. A target company’s non-compliance with privacy and cybersecurity responsibilities can undermine its financial valuation, as well as its ability to complete a successful sale, an initial public offering or another strategic transaction. In this two-part guest article series, Sidley Austin attorneys Sujit Raman, Sharon Flanagan, Michael R. Roberts and Francesca Blythe examine U.S., U.K. and E.U. regulatory trends in four key emerging technology sectors that recently have seen vastly increasing amounts of transactional activity. In this first part, they outline key issues for stakeholders to consider when evaluating the privacy, data protection and cybersecurity risk profiles of target companies in artificial intelligence and education technology transactions. Part two will address biometrics, as well as financial technology and cryptocurrency transactions. See “Privacy and Cyber Due Diligence in M&A Transactions” (Mar. 11, 2020).

CISA and Chamber of Commerce Officials Discuss Cyber Essentials’ Six Pillars for Small Businesses

The Cybersecurity and Infrastructure Security Agency (CISA) wants small businesses to take a leadership-driven approach to implement effective cybersecurity strategies to protect their organizational infrastructure and customer data, and it recently published a guide intended to be a starting point for small-business owners as they establish greater resilience. CISA and Chamber of Commerce officials recently discussed the guidance, Cyber Essentials Starter Kit: The Basics for Building a Culture of Readiness, at a NowNext webinar. We detail their insights and the guide’s six key pillars. See “Cybersecurity Resolutions for 2021” (Jan. 13, 2021). 

The Evolution, Status and Future of RegTech in the Private Funds Industry

To stay ahead of increasing legal and compliance requirements, the private funds industry has been turning to regulatory technology (RegTech) to aid in quickly and efficiently performing functions to meet those obligations. This first article in a two-part series outlines the evolution of RegTech in the private funds industry, the current and future scope of its adoption, and ways the SEC is using RegTech, as discussed during an ACA Compliance Group program. The second article will describe how fund managers can use RegTech for their compliance efforts, as well as emerging technology in this area. See our two-part series on FINRA’s RegTech conference: “Digital Identification, Suspicious Activity Reporting and Machine Learning” (May 29, 2019); and “AI, RegTech Adoption and Compliance Challenges” (Jun. 5, 2019). 

Holland & Knight Welcomes Privacy Partner in Boston

Rachel Marmor has joined Holland & Knight as a partner in the firm’s data strategy, privacy and security practice in Boston. For insight from Holland & Knight, see “Facebook Wiretap Ruling Inspires Slew of Lawsuits Over Consumer Tracking” (Dec. 2, 2020); and “After Capital One Ruling, How Will Companies Protect Forensic Reports?” (Jun. 10, 2020).

Norton Rose Fulbright Expands Cyber Bench in Denver

James Kitchen has joined Norton Rose Fulbright’s cyber team as a partner in Denver, where he focuses on privacy, data security and technology issues. For insight from Norton Rose Fulbright, see our two-part series on the U.S. and U.K.’s first joint e-evidence pact under the CLOUD Act: “Fewer Hurdles, More Clarity and New Questions” (Nov. 20, 2019); and “A Look at the Privacy Protections” (Dec. 4, 2019).