Sep. 22, 2021

SEC Cybersecurity Disclosure Enforcement Heats Up: Recent Developments

With an ongoing investigative sweep and a series of enforcement actions announced in the past few months, the SEC appears to be highly focused on cybersecurity disclosure enforcement during these early stages of the new administration. Companies regulated by the SEC should take steps now to ensure disclosure controls are in place and operating effectively. This first installment of a two-part guest article guest series by William Johnson, Matthew Hanson, Joseph Zales, and Charles Cain, attorneys at King & Spalding, reviews the applicable SEC regulations and guidance, along with the growing body of enforcement actions. Part two will discuss ongoing investigations and provide practical guidance for management and boards of directors regarding such controls. See “Six Ways to Be Prepared for the SEC’s Focus on Cybersecurity and Resiliency” (Apr. 15, 2020).  

Examining the Intersection of Voiceprints and Data Privacy Laws

The use of so-called voiceprints for authentication purposes is becoming increasingly common. Along with the benefits of those AI-driven technologies come multiple risks, especially privacy risks.  A recent Practising Law Institute seminar took a deep dive into voiceprints, examining the issues raised by the underlying technology, how voiceprinting differs from other voice-based systems, how voiceprints are treated under biometric privacy and other data privacy laws and other risks associated with the technology. The program featured Gail Gottehrer, founder of the Law Office of Gail Gottehrer; Ronald J. Hedges, senior counsel at Dentons; and Debbie Reynolds, founder and CEO of Debbie Reynolds Consulting. This article distills their insights. See “The Rise of Facial Recognition Technology: Uses and Risks” (Jan. 22, 2020).

Jacki Cheslow on IEEE’s Remote Program Assessment

To ensure that a compliance program is truly effective, it is necessary to pause from time to time and reassess. The COVID‑19 pandemic offered many companies the opportunity to pause – voluntarily or not – but created other barriers to program assessment, namely, the inability to meet with employees face-to-face to gain their feedback. Jacki Cheslow, global compliance leader at IEEE, was undaunted by these limitations. In a recent interview with our sister publication the Anti-Corruption Report, she explained how she worked with a compliance consultant to perform an entirely remote program assessment with very satisfying results. See “Insights on Building a Compliance Program at a New Company” (May 27, 2020).

Loeb & Loeb Welcomes New Co-Chair of Privacy, Security and Data Innovations Practice

Loeb & Loeb has announced its hire of Tanya Forsheit as a partner and co-chair of the firm’s privacy, security and data innovations practice. For insight from Loeb & Loeb, see “Recommended Data Strategies As Google Swears Off Web Tracking” (Mar. 24, 2021). For previous comments from Forsheit, see “Behind the Scenes: California AG’s Non-Public CCPA Inquiries” (Apr. 7, 2021).

Kelley Drye Welcomes Former FTC Duo to Privacy and Advertising Practice

Jessica Rich and Laura VanDruff have joined the privacy and advertising practice of Kelley Drye, the firm recently announced. For insight from Kelley Drye, see “Behind the Scenes: California AG’s Non-Public CCPA Inquiries” (Apr. 7, 2021).