For full functionality of this site it is necessary to enable JavaScript. Here are the instructions to help you enable JavaScript in your web browser.

Regulations & Enforcement

Legislation
Investigations and Actions
Regulatory Bodies

Sep. 20, 2023

SEC and CFTC Continue to Penalize Firms for Electronic Communications Recordkeeping Violations

Sep. 13, 2023

Examining the Washington Attorney General’s FAQs on the My Health My Data Act

Sep. 13, 2023

Key Terms and Negotiation Issues in Data Processing Agreements

Sep. 6, 2023

Navigating the SEC’s Newly Adopted Cybersecurity Disclosure and Controls Regime

Sep. 6, 2023

E.U. Coordinated Enforcement Framework Focuses on DPOs

Aug. 9, 2023

Key Legal and Business Issues in AI-Related Contracts

Aug. 2, 2023

Navigating Evolving Data Breach Litigation and Regulatory Risks

Jul. 26, 2023

Bridging the Atlantic: E.U.‑U.S. Data Privacy Framework Practical Takeaways

Jul. 19, 2023

NYDFS Changes Its Cybersecurity Regulation Requirements Through Enforcement – Again

Jul. 19, 2023

CFTC Commissioner Shares Five Pillars of Cyber Resilience

Jul. 19, 2023

CJEU Decision Adds Antitrust Regulators as New GDPR Concern for Companies

Jul. 12, 2023

Analyzing 2023’s New State Privacy Laws: Oregon and Delaware Join the Strictest Tier

Jun. 28, 2023

SEC Steps Up Enforcement Actions Against Cryptocurrencies

Jun. 28, 2023

Analyzing 2023’s New State Privacy Laws: The First Six Plus Compliance Measures

Jun. 21, 2023

Xbox and Alexa COPPA Case Lessons: Avatars, Biometrics and Other New Expectations

Jun. 21, 2023

The Practical and Legal Complexities of Online Age Verification

Jun. 14, 2023

Deciphering California and U.K. Children’s Codes and Compliance Obligations

Jun. 14, 2023

Xbox and Alexa COPPA Case Lessons: Negotiating With the FTC Over Algorithms and Remedies

Jun. 7, 2023

Impact of State Privacy Laws on the Financial Services Sector

Jun. 7, 2023

Implications of CJEU Ruling on Compensation for GDPR Claims

Jun. 7, 2023

“Risk to Resilience”: CFTC Commissioner Romero Discusses Climate and Cybercrime Risk

May 31, 2023

Colorado Controllers: The Final (Rules’) Frontier

May 31, 2023

How to Navigate the Rough Waters and Turning Tides of U.S. States’ Anti-ESG Movement and Europe’s Pro-ESG Measures (Part Two of Two)

May 17, 2023

Meta and Epic Cases Show FTC Toughening Its Children’s Privacy Enforcement

May 17, 2023

Practical Steps to Take Based on SEC’s Proposed Cybersecurity Risk Management Rule for Investment Advisers

May 17, 2023

Understanding Cyber Attacks on Digital Asset Platforms

May 10, 2023

Making Sense of Evolving Regulations, Recent Enforcement Efforts and Antitrust Claims as to ESG Investing in the U.S. and E.U. (Part One of Two)

May 10, 2023

Aggressive Washington Health Privacy Law: Ten Compliance Priorities

May 3, 2023

Landscape of On-Chain Asset Tokenization and Blockchain Technology’s Path Toward Maturity

May 3, 2023

Aggressive Washington Privacy Law: Right to Sue and Onerous Consent Obligations

Apr. 19, 2023

Expedia and Lululemon Privacy Pros Discuss Scaling Vendor Contracting for New Privacy Laws

Apr. 12, 2023

Navigating the Intersection of Whistleblowing and China’s Data Protection Regime

Apr. 12, 2023

Complying With Europe’s Digital Services Act and Digital Markets Act

Apr. 5, 2023

Website-Tracking Lawsuits: Takeaways From New Dismissals of Wiretap Claims

Mar. 29, 2023

Use of Alternative Data Continues to Grow, Says New Survey

Mar. 29, 2023

Website-Tracking Lawsuits: A Guide to New Video Privacy Decisions Starring PBS and People.com

Mar. 29, 2023

FTC’s BetterHelp Case Prescribes Stronger Privacy Practices

Mar. 22, 2023

Managing Legal Issues Arising From Use of ChatGPT and Generative AI: Industry Considerations and Practical Compliance Measures

Mar. 15, 2023

Managing Legal Issues Arising From Use of ChatGPT and Generative AI: E.U. and U.S. Privacy Law Considerations

Mar. 15, 2023

SEC Modernizes Broker-Dealer Electronic Recordkeeping Rules

Mar. 15, 2023

A Roadmap to the Final Regulations Under the CPRA

Mar. 8, 2023

BIPA Decisions Expand Potential Liability: What’s Next in Illinois and Other States?

Mar. 1, 2023

Getting Used to Zero Trust? Meet Zero Copy

Feb. 22, 2023

Is Coinbase a Warning to Other Crypto Players?

Feb. 22, 2023

IAB Unveils Multistate Contract to Satisfy 2023 Laws’ Curbs on Targeted Ads

Feb. 15, 2023

Impact of Emerging Technologies on Financial Crime Risk Management

Feb. 8, 2023

Data Breaches and the Private Credit Market: Post-Breach Considerations

Feb. 8, 2023

How to Comply With the CPRA’s Data Minimization Standards

Feb. 1, 2023

Data Breaches and the Private Credit Market: Assessing Borrower Cyber Preparedness

Feb. 1, 2023

Key Privacy Issues for 2023

Jan. 25, 2023

France’s Cookie Enforcement Against TikTok and Microsoft Highlights Common Compliance Missteps

Jan. 25, 2023

Transparency of Beneficial Ownership Clashes With U.K. Privacy Laws

Jan. 25, 2023

E.U. Regulators Bar Meta From Requiring Users to Pay With Their Data

Jan. 18, 2023

A Sensitive Time for Location Data: Tips to Address New Rules and Vendor Standards

Jan. 11, 2023

Ten Cybersecurity Resolutions for Financial Services Firms in 2023

Jan. 4, 2023

FTC and $391-Million State AG Case Put Location Data Enforcement on the Map

Dec. 14, 2022

The Importance of Being a PIPL Pleaser: Update and Predictions on China’s Data Protection Law One Year In

Dec. 7, 2022

Google Settlement Shows DOJ's Increased Focus on Data Preservation

Nov. 30, 2022

FTC’s Drizly Case Shows Regulators Are Ready to Police Data’s Expiration Dates

Nov. 16, 2022

Ransomware Evolution: Government Efforts and Cyber Insurance

Nov. 16, 2022

What the FAQ: Deciphering the European Commission Guidance on the New SCCs

Nov. 2, 2022

How the New E.U.-U.S. Data Privacy Framework Clears a Path for Transatlantic Business

Oct. 26, 2022

SEC and CFTC Wall Street Resolutions Highlight Need for Communication and Records Compliance

Oct. 26, 2022

Takeaways From the New Push for a Federal AI Law

Oct. 26, 2022

Navigating the Interplay of Breach Response and Breach Notification

Oct. 19, 2022

A New Era of Cyber Incident Reporting and Cybersecurity Regulation: How Companies Should Prepare and Engage

Oct. 19, 2022

Held to Ransom: How Cyberattacks Can Become a Legal and Regulatory Odyssey for a Private Investment Fund

Oct. 12, 2022

A New Era of Cyber Incident Reporting and Cybersecurity Regulation: Key Provisions

Sep. 28, 2022

Lessons From California’s First CCPA Enforcement Action

Sep. 28, 2022

Using Software Bills of Materials to Bolster Security in Contracting

Sep. 21, 2022

Trio of Settled Enforcement Actions Highlights SEC Concerns About Identity Theft Policies and Procedures

Sep. 14, 2022

Shaping the BIPA Landscape: Avoiding Liability

Sep. 14, 2022

Robinhood Resolution a First for Cryptocurrency Enforcement in NY

Sep. 14, 2022

Compliance Survey Finds Data Management Challenges, Rising Costs and Increasing Uptake of RegTech

Sep. 07, 2022

Four Steps to Secure Open-Source Software After CSRB’s Log4j Investigation

Aug. 17, 2022

The SEC’s 2022 Reg Flex Agendas: Major Proposals and Ambitious Timelines

Aug. 17, 2022

Understanding and Implementing DoD’s Cybersecurity Requirements

Aug. 10, 2022

Protecting Against Crypto Theft

Aug. 3, 2022

How to Prepare for the Cybersecurity Incident Reporting for Critical Infrastructure Act

Aug. 3, 2022

Cybersecurity Compliance Lessons From NYDFS’ Carnival Action

Jul. 27, 2022

Employee Data Under the CPRA: Rights Requests, Privacy Policies and Enforcement

Jul. 27, 2022

A Checklist to Help Fund Managers Assess Their Cybersecurity Programs

Jul. 20, 2022

Employee Data Under the CPRA: Key Rights and Restrictions

Jul. 13, 2022

CPRA Draft Regulations: Essential Takeaways and 10 Actions to Take Now

Jun. 29, 2022

Navigating the Intersection of Digital Assets and AML

Jun. 29, 2022

Present and Former SEC Officials Discuss the Commission’s Latest Examination and Enforcement Tactics and Priorities

Jun. 22, 2022

New AI Rules: States Require Notice and Records, Feds Urge Monitoring and Vetting

Jun. 22, 2022

Fifth Circuit Decision Could Hamstring SEC Enforcement Abilities

Jun. 15, 2022

Privacy and Security Regulators Discuss New Enforcement Proposals and Compliance Best Practices

Jun. 8, 2022

Regulation Looms for Sharing of Sensitive Financial Data

Jun. 1, 2022

FINRA Clarifies Stance on CCO Supervisory Liability

May 25, 2022

TV Privacy: Will the TV Industry Agree to Standardize Consent on Screen?

May 18, 2022

Navigating the Intersection of Blockchain and Data Privacy Laws

May 11, 2022

Party of Five: Connecticut Law Solidifies Consensus on State Privacy Standards

May 4, 2022

Effective Use of Privacy Impact Assessments

Apr. 27, 2022

SEC Proposes Cyber Risk Management Rules for Advisers

Apr. 27, 2022

Preparing for CPRA Compliance: Jurisdictional Focus or a More Holistic Approach?

Apr. 27, 2022

New Utah Privacy Law Marks a Shift in State Privacy Legislation

Apr. 20, 2022

FTC’s Khan and Phillips Deliver Views on Future of Data Privacy Enforcement

Apr. 20, 2022

Privacy Enforcers Across the Globe Band Together to Coordinate Investigations

Apr. 13, 2022

U.S., E.U. Announce Trans-Atlantic Data Privacy Framework: What Companies Can Do Now

Apr. 13, 2022

California AG Opinion Hands Companies New Tasks for AI, Data Maps, Marketing

Mar. 30, 2022

Drafting Data and Cybersecurity Provisions in Third-Party Vendor Agreements

Mar. 23, 2022

Implications of DOJ’s Pursuit of the Crypto-Laundering Couple

Mar. 23, 2022

Are “Privacy-First” Clean Rooms Safe From Regulators?

Mar. 16, 2022

Securing Emerging Technologies Without Hampering Innovation: Government Initiatives and How Companies Can Adapt

Mar. 9, 2022

A Look at the NSCP’s Firm and CCO Liability Framework

Mar. 9, 2022

Securing Emerging Technologies Without Hampering Innovation: Private Sector Challenges

Mar. 2, 2022

Blockchain Recordkeeping Stirs Privacy Concerns

Mar. 2, 2022

Navigating Post-Schrems II International Data Transfer Waters: SCCs and Supplementary Measures

Feb. 23, 2022

Navigating Post-Schrems II International Data Transfer Waters: Challenges and TIAs

Feb. 23, 2022

Ad Industry’s Third-Party Data Use Grew Despite Impending Cookie Shutdown

Feb. 16, 2022

The Privacy and Antitrust Paradox in the Age of Data

Feb. 9, 2022

Will It Be Goodbye Forever? Navigating Consumer Requests to Delete Personal Data

Feb. 2, 2022

Compliance Takeaways From the Latest GDPR Enforcement Statistics

Feb. 2, 2022

Gensler Discusses the SEC’s Cyber Priorities

Jan. 26, 2022

Personal Liability and Compliance Resourcing Are Top Concerns Among CCOs, Surveys Show

Jan. 26, 2022

More Regulators Accept New Tool to Streamline Companies’ Cyber Compliance

Jan. 19, 2022

Privacy Resolutions for 2022

Jan. 19, 2022

Two European Regulators Warn Behavioral Advertising Skates on Thin Ice

Jan. 12, 2022

SEC Chair Gensler’s Stance on Three Key Disclosure Areas and the Role of Individual Accountability in Enforcement Actions

Dec. 01, 2021

FTC Sets Wheels in Motion for a Broad Privacy Rule Restricting Data Collection

Nov. 17, 2021

How Financial Institutions Should Strengthen Their Data Security to Comply With FTC’s Updated Safeguards Rule

Nov. 17, 2021

Data Localization: Cybersecurity Challenges Abound

Nov. 17, 2021

Practical Approaches to Conducting Transfer Impact Assessments Under the GDPR

Nov. 10, 2021

Data Localization: New Compliance Headaches and Costs Across the Globe

Nov. 3, 2021

Data Localization: Laws Spread and Enforcement Rises

Nov. 3, 2021

In-House Insight on Handling Data Subject Access Requests Under Multiple Privacy Regimes

Oct. 27, 2021

IOSCO Issues Final Guidance on AI and Machine Learning

Oct. 27, 2021

Lessons From the WhatsApp Decision on GDPR Transparency Requirements: Compliance Foundations

Oct. 20, 2021

U.K. Data Privacy Officers Discuss Challenges and Concerns

Oct. 20, 2021

Collective Actions in the U.K. After Lloyd v. Google

Oct. 20, 2021

Lessons From the WhatsApp Decision on GDPR Transparency Requirements: Enforcement Takeaways

Oct. 13, 2021

China’s First Information Protection Law: Compliance Essentials

Oct. 13, 2021

FINRA Report Outlines Growing Adoption of Cloud Computing by Securities Industry and Associated Regulatory Concerns

Oct. 6, 2021

Fund Managers Must Ensure Adequate Security Measures Under Safeguards Rule or Risk SEC Enforcement Action

Sep. 29, 2021

Value of Sponsors Implementing Portfolio Monitoring Models for ESG and Cybersecurity Issues

Sep. 29, 2021

SEC Cybersecurity Disclosure Enforcement Heats Up: Best Practices

Sep. 22, 2021

SEC Cybersecurity Disclosure Enforcement Heats Up: Recent Developments

Sep. 22, 2021

Examining the Intersection of Voiceprints and Data Privacy Laws

Sep. 8, 2021

What to Expect From the FCC and FTC Under the Biden Administration

Aug. 11, 2021

Using RegTech for Compliance Efforts and Potential Benefits of Emerging Technologies

Aug. 11, 2021

Complying With NYC’s New Biometrics Law

Aug. 4, 2021

The Evolution, Status and Future of RegTech in the Private Funds Industry

Aug. 4, 2021

Evaluating Privacy and Cybersecurity Risks in Emerging Technology Transactions: Artificial Intelligence and EdTech

Jul. 28, 2021

Incident Response in the Financial Services Industry

Jul. 21, 2021

Shedding Light on Dark Patterns: What Financial Institutions Need to Know

Jul. 21, 2021

Vaccines and Testing in the Post-Pandemic Workplace: Answers to the Tough Questions

Jul. 14, 2021

Vaccines and Testing in the Post-Pandemic Workplace: Understanding the Legal Framework and Making a Balanced Plan

Jul. 14, 2021

Personal Data Transfers After Year Zero: A More Appealing Set of EDPB Recommendations?

Jun. 30, 2021

Using RegTech to Enhance Compliance

Jun. 30, 2021

DOL Begins Cyber Audits to Protect U.S. Workers’ Retirement Savings

Jun. 30, 2021

Personal Data Transfers After Year Zero: Are the New SCCs a Paradigm Shift?

Jun. 23, 2021

Three Years In, GDPR Legal Landscape Remains in Flux

Jun. 23, 2021

Colorado Privacy Law Finishes Third, but Could Become the New Standard

Jun. 23, 2021

How the NYDFS Drives Cybersecurity in the Financial Services Industry

Jun. 16, 2021

The Impact of Recent Legislative and Litigation Trends on Commercial Use of De-Identified Data

Jun. 9, 2021

To “Cure” or Not to “Cure,” That Is the Question

Jun. 9, 2021

State AGs Share Breach Notification Tips and Latest Enforcement Concerns

Jun. 2, 2021

U.K. Data Protection Regulator Smooths Way for Fund Managers to Transfer Data to SEC

Jun. 2, 2021

AI Compliance Playbook: Adapting the Three Lines Framework for AI Innovations

May 26, 2021

CISA and DHS Counsel Explain Cybersecurity Executive Order’s Key Provisions

May 26, 2021

SEC Commissioner Examines Regulatory Approach to Digital Assets

May 5, 2021

Two Settlements Show NYDFS’ Hidden Power to Use Other States’ Breach Laws

Apr. 28, 2021

AI Compliance Playbook: Understanding Algorithm Audits

Apr. 28, 2021

Implementing NSA-CISA-FBI Advisory Mitigation Tactics for Vulnerabilities Exploited by Russia

Apr. 21, 2021

Supreme Court’s Facebook Decision Narrows Applicability of the TCPA, but Companies Are Not Home Free

Apr. 21, 2021

AI Compliance Playbook: Seven Questions to Ask Before Regulators or Reporters Do

Apr. 14, 2021

AI Compliance Playbook: Traditional Risk Controls for Cutting-Edge Algorithms

Apr. 7, 2021

Behind the Scenes: California AG’s Non-Public CCPA Inquiries

Apr. 7, 2021

Former Twitter and eBay Counsel Talks Overblown Fears, Third-Party Data Management, and CDA Section 230

Mar. 31, 2021

How Do You Put a System of Controls in Place When Your Target Keeps Moving?

Mar. 31, 2021

Managing Vendor Contracts From the Data Controller's Perspective

Mar. 31, 2021

KBR v. SFO: Implications for Overseas Document Production

Mar. 24, 2021

Recommended Data Strategies As Google Swears Off Web Tracking

Mar. 24, 2021

Privacy and Security Provisions in Vendor Agreements: Key Data Processing Considerations

Mar. 17, 2021

Privacy and Security Provisions in Vendor Agreements: Assessing the Risks

Mar. 17, 2021

Virtual Currencies: Opening a New Avenue for Financial Crimes

Mar. 10, 2021

Preparing for the CPRA’s New Consumer Rights Requirements

Mar. 10, 2021

Familiar and Fresh Mandates in Virginia’s New Privacy Law

Mar. 3, 2021

Best Practices for Data Transfers in the Wake of Schrems II

Feb. 17, 2021

A Fake Zoom Invite Hack: Eight More Lessons

Feb. 10, 2021

GDPR Lives On in the U.K. Post-Brexit

Feb. 10, 2021

A Fake Zoom Invite Hack: What Happened and Three Lessons

Feb. 10, 2021

What the New Information Security Reporting Standards Mean for Financial Institutions

Feb. 3, 2021

Expect Continuing Regulatory Focus on Cybersecurity and Data Protection in 2021

Feb. 3, 2021

Getting Started With CMMC: How to Prepare and What to Expect From the Assessment

Jan. 27, 2021

Getting Started With CMMC: Understanding Goals, Requirements and Challenges

Jan. 20, 2021

Privacy Resolutions for 2021

Jan. 20, 2021

Disputed Twitter Fine Offers Breach Response Lessons

Jan. 13, 2021

Can the Cybersecurity Industry Improve Cooperation to Beat Threats?

Jan. 6, 2021

Privacy and Security Risks in International Arbitration: Managing Remote Proceedings

Jan. 6, 2021

Maintaining Privacy While Staying Competitive in an Evolving Regulatory Landscape

Jan. 6, 2021

Six Practical Tips for Building an Effective Privacy Risk Assessment Program

Dec. 16, 2020

Privacy and Security Risks in International Arbitration: Threats and the Information Security Protocol

Dec. 16, 2020

How Will the Biden Administration’s Approach to Cybersecurity Impact the Private Sector?

Dec. 9, 2020

What the New IoT Act Means for the Private Sector

Dec. 9, 2020

Strategies for Managing the Intersection of Cybersecurity and New Technologies

Dec. 2, 2020

How CCOs Can Avoid Personal Liability for an Organization’s Compliance Failures

Dec. 2, 2020

ICO Hones GDPR Enforcement Approach With Reduced Fines for British Airways, Marriott and Ticketmaster

Nov. 18, 2020

Asset Disposal and Vendor Management Lessons From Morgan Stanley's OCC Settlement

Nov. 11, 2020

The Intelligent Workplace in the Age of a Pandemic: Six Privacy and Security Safeguards

Nov. 11, 2020

Understanding the World’s New Four-Letter Privacy Law: China’s PIPL

Nov. 4, 2020

Comparing U.S. and E.U. Approaches to Incident Response and Breach Notification

Oct. 28, 2020

The Intelligent Workplace in the Age of a Pandemic: Balancing Innovation and Risk

Oct. 21, 2020

Steps to Take After OFAC and FinCEN’s Warnings on Ransomware Payoffs

Oct. 21, 2020

Senior Commerce Official Discusses Supply Chain Security and Cyber Policy

Oct. 14, 2020

H&M’s $41M GDPR Fine Underscores Importance of Employee Data Handling

Oct. 14, 2020

Top Priorities for Compliance With Brazil’s New Personal Data Protection Law

Sep. 30, 2020

What to Expect From the CPRA – California’s New Proposed Privacy Law

Sep. 23, 2020

Identifying and Preventing Ransomware Attacks

Sep. 23, 2020

Apple Overhauls Privacy for iPhone Apps, but Will It Enforce Its Policies?

Sep. 9, 2020

Implementing the CCPA Regulations: Are You Ready?

Sep. 2, 2020

After Death of the Cookie, New Advertising Strategies Raise Compliance Questions

Sep. 2, 2020

Business Continuity Plans, Budgets and More: Hot Compliance Topics for Investment Advisers

Aug. 12, 2020

Navigating China’s Cybersecurity Regulatory Maze

Aug. 12, 2020

Six Compliance Lessons From NYDFS’ First Cybersecurity Regulation Enforcement Action

Aug. 5, 2020

CCPA and Online Ads: Contract and Compliance Consequences

Aug. 5, 2020

Early EDPB Guidance in the Wake of Schrems II Signals Where E.U.-U.S. Data Transfers Are Headed

Jul. 29, 2020

CCPA and Online Ads: Facebook Finally Acts, AG Starts Enforcement

Jul. 22, 2020

Ten Initial Steps for E.U. and U.S. Companies in Light of Schrems II Ruling

Jul. 15, 2020

Back to the Table: CCPA Regulations Spark New Wave of Service-Provider Negotiations

Jul. 15, 2020

Business Continuity Planning: How to Update a BCP With Lessons Learned From the Pandemic

Jun. 24, 2020

Balancing Privacy Rights and Innovation in Digital Contact Tracing

Jun. 24, 2020

How to Comply With Key CCPA Notice and Consumer Request Requirements

Jun. 24, 2020

Perspectives From the Public and Private Sectors on Information Sharing During COVID-19

Jun. 17, 2020

The (Im)Possibilities of Scientific Research Under the GDPR

Jun. 17, 2020

Privacy Settings May Serve as One-Step CCPA Opt-Out From Sale

Jun. 10, 2020

Are You Prepared for OCIE’s Sweep of Business Continuity Plans and Coronavirus Actions?

May 27, 2020

Recent Developments in E.U. Cybersecurity Regulation

May 20, 2020

Did Adtech Fix Its CCPA Problem? IAB’s GC Discusses New Contract for Data Sales

May 20, 2020

How to Facilitate a Safe and Privacy Compliant Return to Work: Policies and Protocols

May 13, 2020

How to Facilitate a Safe and Privacy Compliant Return to Work: Laws and Guidance

May 6, 2020

How Asset Managers and Others Can Mitigate Pandemic-Related Operational Risks and Maintain Business Continuity

Apr. 29, 2020

What Is the Potential Liability for Zoombombing, and How Safe Are Zoom Alternatives?

Apr. 29, 2020

Understanding Insider Trading Based on Data Breaches Amidst Heightened Regulatory Scrutiny

Apr. 22, 2020

GDPR Enforcement Lessons and New ICO Guidance on COVID‑19

Apr. 22, 2020

Morrisons Ruling Lets U.K. Employers Off the Hook for Rogue Employee Data Leaks

Apr. 22, 2020

How Is COVID-19 Affecting Cybersecurity Risk, Readiness, Reporting and NYDFS Enforcement?

Apr. 15, 2020

Six Ways to Be Prepared for the SEC’s Focus on Cybersecurity and Resiliency

Apr. 15, 2020

Takeaways From Former FTC Officials on 2019 Enforcement Actions: Data Security Guidance and Enforcement Predictions

Apr. 8, 2020

Takeaways From Former FTC Officials on the Commission’s 2019 Enforcement: General, Financial and Children’s Privacy

Apr. 1, 2020

A Considered Cooperation Approach Is Vital in ICO Data Protection Audits

Mar. 25, 2020

Are Companies Turning a Blind Eye to Their Lost Data on the Dark Web?

Mar. 25, 2020

Gauging the GDPR’s Global Reach

Mar. 11, 2020

The Keys to Encryption: Legal and Regulatory Framework

Mar. 11, 2020

NIST’s New IoT Standard: Inspiring a Wave of New Device Security Guidance

Mar. 4, 2020

Safeguards for Proper Disposal of Hardware: Effective Inventories, Policies and Due Diligence

Mar. 4, 2020

NIST’s New IoT Standard: Boosting Security As States Launch Laws

Feb. 26, 2020

Safeguards for Proper Disposal of Hardware: Risks and Examiner Expectations

Feb. 19, 2020

Best Practices for Using Alternative Data: Mitigating Regulatory Risks

Feb. 19, 2020

Consciously Coupling: Tackling the Juxtaposition Between Adtech and Privacy

Feb. 12, 2020

How to Approach CCPA’s Under-16 Opt‑in Consent

Feb. 12, 2020

Best Practices for Using Alternative Data: Collection and Provider Management

Feb. 5, 2020

Defining, Implementing and Documenting “Reasonable Security”

Feb. 5, 2020

CCPA Litigation Risks: How to Avoid Claims Under Other Statutes

Jan. 29, 2020

Establishing a Foundation for Breach-Notification Compliance in a Sea of Privacy Laws

Jan. 22, 2020

How to Stem the Coming Tide of CCPA Private Litigation

Jan. 15, 2020

Key Compliance Considerations for Fund Managers Using Alternative Data

Jan. 8, 2020

Present and Former Regulators Discuss Current SEC and NFA Examination and Enforcement Environment

Dec. 18, 2019

Not Just the GDPR: Privacy Laws in Belarus, Russia, Switzerland, Turkey and Ukraine

Dec. 11, 2019

Not Just GDPR: Examining the Other European Privacy Laws

Dec. 11, 2019

How to Handle E.U. Data Subject Access Requests

Dec. 4, 2019

U.K. and U.S. Sign First E-Evidence Pact Under the CLOUD Act: A Look at the Privacy Protections

Nov. 20, 2019

U.K. and U.S. Sign First E-Evidence Pact Under the CLOUD Act: Fewer Hurdles, More Clarity and New Questions

Nov. 13, 2019

AI for Fund Managers and Beyond: Government Guidance

Nov. 13, 2019

Updating Vendor Agreements to Comply With CCPA: Non-Third Parties and Key Steps

Nov. 13, 2019

Updating Cyber Policies to Align With Recent SEC Exams and Guidance

Nov. 6, 2019

AI for Fund Managers and Beyond: How to Use It to Streamline Operations

Nov. 6, 2019

Updating Vendor Agreements to Comply With CCPA: Service-Provider Exemption and Corporate Approaches

Oct. 30, 2019

Broad but Limited Reach of GDPR Highlighted in ECJ Google Ruling on “Right to Be Forgotten”

Oct. 23, 2019

ICO Enforcement Takeaways After Marriott and British Airways

Oct. 23, 2019

CFTC Issues $1.5-Million Fine After Phishing Attack

Oct. 16, 2019

Portuguese DPA Holds Parts of Portuguese Data Protection Law Inconsistent With GDPR

Oct. 16, 2019

How Uber, eBay and Pitney Bowes Built Principles-Based Global Privacy Programs

Oct. 9, 2019

Does the GDPR Disadvantage Non-E.U. Companies? Addressing the Lead Supervisory Authority Dilemma (Part Two)

Oct. 9, 2019

CCPA Close-Up: Examining the GLBA Carve-Out and How Financial Institutions Can Evaluate Applicability

Oct. 2, 2019

Does the GDPR Disadvantage Non-E.U. Companies? The Benefits of a Lead Supervisory Authority (Part One of Two)

Oct. 2, 2019

CCPA Close-Up: Review of Amendments and How to Prepare for Compliance

Sep. 18, 2019

New York’s First Mandated Cybersecurity Standards: A Compliance Roadmap

Sep. 18, 2019

Far-Reaching Google and YouTube Settlement Offers COPPA Compliance Lessons

Sep. 11, 2019

New York’s New Cybersecurity Standards: Expanding Definitions and Requirements

Aug. 21, 2019

Examining Portugal’s GDPR Implementation Statute

Aug. 21, 2019

Third-Party Data Breaches Highlight the Importance of Vetting Vendors in Compliance With GDPR and CCPA

Jul. 17, 2019

How to Establish an Efficient Incident Response Plan

Jul. 17, 2019

Maine Enacts Sweeping Broadband Customer Privacy Law

Jul. 10, 2019

Implications of Nevada’s New Privacy Law

Jul. 10, 2019

Parental Liability in the E.U.: Mitigating Liability at Various Stages of Portfolio Company Ownership

Jul. 10, 2019

Can GDPR Hinder AI Made in Europe?

Jun. 26, 2019

Preparing for the Latest SEC Cyber Sweeps

Jun. 26, 2019

Parental Liability in the E.U.: Rebuttable Presumption of Decisive Influence and Four Misconceptions About Avoiding Liability

Jun. 19, 2019

Kids, Privacy & Legal Compliance

Jun. 19, 2019

Parental Liability in the E.U.: “Undertakings” and Potential Scope of Risk for Parent Entities

Jun. 12, 2019

CCPA Priorities: Tackling Data Subject Rights Requests and Vendors

Jun. 5, 2019

FINRA RegTech Conference Reviews AI, RegTech Adoption and Compliance Challenges (Part Two of Two)

Jun. 5, 2019

Irish Data Protection Commissioner Helen Dixon on Breach Notification, the Role of the DPO and a U.S. Privacy Law

Jun. 5, 2019

CCPA Priorities: Turning Legislation Prep Into a Program Shift

May 29, 2019

FINRA RegTech Conference Examines Digital Identification, Suspicious Activity Reporting and Machine Learning

May 29, 2019

Irish DPC Helen Dixon on GDPR Enforcement Hurdles One Year In

May 22, 2019

Deputy Assistant Attorney General Seeks to Dispel CLOUD Act Misunderstandings One Year In

May 15, 2019

ECJ Confirms Direct Parental Liability for Civil Damages for Subsidiary Antitrust or GDPR Violations

May 8, 2019

Understanding Regulatory Technology: Current Uses and Deployment Considerations

May 8, 2019

Lessons From FTC 2018 Privacy and Data Security Update: Hearings, Reports and 2019 Predictions

May 1, 2019

Understanding Regulatory Technology: Tools, Challenges and Regulators’ Views

May 1, 2019

Lessons From FTC 2018 Privacy and Data Security Update: Financial Privacy, COPPA and International Enforcement

Apr. 24, 2019

Lessons From FTC's 2018 Privacy and Data Security Update: Enforcement Takeaways

Apr. 17, 2019

GPEN Report Highlights Key Areas for Data Privacy Improvement

Apr. 10, 2019

Combatting Privacy Issues Arising From Geolocation Data Use: Five Risk-Mitigation Strategies

Apr. 10, 2019

Utah Act Increases Restrictions on Access to Third-Party Data

Apr. 3, 2019

Combatting Privacy Issues Arising From Geolocation Data Use: Understanding the Legal Landscape

Mar. 27, 2019

Companies May Need to Re-Examine Approach to Breach Response Preparedness According to Experian Survey

Mar. 20, 2019

COPPA Compliance Lessons Following Musical.ly’s $5.7 Million FTC Settlement

Mar. 13, 2019

Takeaways From 2018 COPPA Developments and a Forward-Thinking Approach to Compliance

Mar. 13, 2019

Mitigating the Risks of Open-Source Software

Mar. 6, 2019

The NYDFS’ Cybersecurity Regulation’s Third-Party Requirement and Beyond

Mar. 6, 2019

Benefits and Risks of Open-Source Software and How the Financial Sector Is Using It

Mar. 6, 2019

Preparing for the CCPA: Best Practices and Understanding Enforcement

Feb. 27, 2019

Preparing for the CCPA: Securing Buy-In and Setting the Scope

Feb. 27, 2019

U.K. Employers on the Hook for Rogue Employee Data Leaks Post-Morrison

Feb. 20, 2019

ACA Aponix-NSCP Cyber Survey Finds Growing Numbers of Security Incidents, Cloud Use and Regulatory Burdens

Feb. 13, 2019

FINRA Report Addresses Common Cybersecurity Risks and Recommends Mitigation Measures

Feb. 6, 2019

Examining the New Requirements and Broad Definition of Data Broker Under Vermont’s New Law

Feb. 6, 2019

Analyzing Early GDPR Enforcement: France

Jan. 30, 2019

Analyzing Early GDPR Enforcement: U.K. and Austria

Jan. 30, 2019

How Healthcare and Other Industries Can Use the HHS Cybersecurity Practices Guidance

Jan. 23, 2019

Illinois Federal Court Denies Standing in BIPA Claim Against Google

Jan. 23, 2019

Massachusetts Breach Notification Law 2.0: More Protections for Consumers, More Requirements for Businesses

Jan. 23, 2019

Analyzing Early GDPR Enforcement: Portugal and Germany

Jan. 16, 2019

GDPR Provides Model for Privacy and Security Laws in Latin America and Asia (Part Two of Two)

Jan. 16, 2019

How a New Ethics Rule and Error in Manafort Case Highlight the Importance of Lawyers’ Technology Competence

Jan. 9, 2019

GDPR Provides Model for Privacy and Security Laws in Latin America and Asia (Part One of Two)

Jan. 9, 2019

FTC Data Security Hearing Examines M&A Cybersecurity Risks and Promoting Better Policies

Dec. 12, 2018

Implications of a Dynamic Regulatory and Threat Environment on E.U. and U.S. Cyber Insurance Markets

Dec. 12, 2018

Illinois Appellate Decision Creates Split on Standing to Sue Under BIPA

Dec. 12, 2018

Understanding the Potential Implications of Pennsylvania’s Newly Recognized Common Law Duty to Protect Personal Information

Dec. 5, 2018

Insights From Uber: Building Bridges Between Legal and Engineering

Nov. 28, 2018

SEC Officials and the Defense Bar Talk Cybersecurity Enforcement Trends and Takeaways From Recent Cases

Nov. 28, 2018

Insights From Uber: An Inside Look at Its Privacy Team Structure and How Legal and Tech Collaborated on Its Differential Privacy Tool

Nov. 28, 2018

The Growing Role of State AGs in Privacy Enforcement

Nov. 7, 2018

How to Improve Risk Analysis in the Wake of the Anthem’s Record Settlement

Nov. 7, 2018

How GoDaddy Built an Effective Privacy Program

Oct. 31, 2018

SEC Report on Business Email Compromise Signals That It May Pursue Insufficient Internal Controls Cases

Oct. 31, 2018

How to Comply With Canada’s New Privacy Breach Reporting and Record-Keeping Rules

Oct. 24, 2018

Unregistered Crypto Asset Fund Hit With Multiple Securities Laws Violations by SEC

Oct. 24, 2018

The Hidden Requirements in NYDFS’ Cybersecurity Regulation

Oct. 24, 2018

California Enacts Groundbreaking IoT Law and Requires Disclosure of Bot Use

Oct. 17, 2018

Regulating AI: U.S., E.U. and Industry Laws and Guidance

Oct. 10, 2018

Lessons From the SEC’s First Red Flags Rule Settlement

Sep. 26, 2018

Five Takeaways From the Fiserv Wake-Up Call

Sep. 19, 2018

Ohio Adopts Pioneering Cybersecurity Safe Harbor for Companies

Sep. 12, 2018

Colorado’s Revised Cybersecurity Law Clarifies and Strengthens Existing Requirements

Sep. 12, 2018

Information Sharing in the Private Sector: Lessons From the Financial Services Industry

Sep. 5, 2018

How the GDPR Will Affect Private Funds’ Use of Alternative Data

Aug. 22, 2018

A Fund Manager’s Roadmap to Big Data: Privacy Concerns, Third Parties and Drones

Aug. 15, 2018

A Fund Manager’s Roadmap to Big Data: MNPI, Web Scraping and Data Quality

Aug. 8, 2018

Essential Cyber, Tech and Privacy M&A Due Diligence Considerations

Aug. 8, 2018

U.K.’s Cyber Essentials Provide a Window Into GDPR Security Infrastructure Requirements

Jul. 25, 2018

GDPR Essentials for the Financial Sector: Staying Compliant and Special Challenges (Part Three of Three)

Jul. 18, 2018

GDPR Essentials for the Financial Sector: Compliance Steps (Part Two of Three)

Jul. 18, 2018

Overcoming Barriers to Cross-Border Data Flows, Contract Provisions and Other Digital Transformation Issues

Jul. 18, 2018

What to Expect From California’s Expansive Privacy Legislation

Jul. 11, 2018

Is Encryption Obligatory? HHS Upholds Texas Hospital $4.3M HIPAA Fine

Jul. 11, 2018

GDPR Essentials for the Financial Sector: Benchmarking and Assessing the Risks (Part One of Three)

Jun. 27, 2018

Implementation of NIS Directive Commences Unprecedented E.U.-Wide Cybersecurity Regime

Jun. 27, 2018

What Are the GDPR’s Implications for Alternative Investment Managers? (Part Two of Two)

Jun. 20, 2018

What Are the GDPR’s Implications for Alternative Investment Managers? (Part One of Two)

Jun. 13, 2018

CFTC Commissioner Encourages Formation of Self-Regulatory Organization for Cryptocurrency Spot Platforms

Jun. 6, 2018

Analyzing New and Amended State Breach Notification Laws

Jun. 6, 2018

Beyond GDPR: The E.U.’s Expanding Cybersecurity Regime

May 30, 2018

Understanding the Intersection of Law and Artificial Intelligence

May 16, 2018

Countdown to GDPR Enforcement: Final Steps and Looking Ahead

May 16, 2018

How to Ensure GDPR-Compliant Third-Party Relationships

May 9, 2018

The Right to Be Forgotten: English High Court Details When Google Must Delist Links to Crimes

May 9, 2018

How Financial Services Firms Should Structure Their Cybersecurity Programs

May 2, 2018

Direct From the Irish Data Commissioner: GDPR Enforcement Priorities (Part Two of Two)

Apr. 25, 2018

Direct From the Irish Data Protection Commissioner: Supervising Facebook (Part One of Two)

Apr. 11, 2018

Breaking the Cloud: CLOUD Act Brings Data Held Overseas Under U.S. Jurisdiction

Apr. 11, 2018

Virtual Currencies Ruled Commodities Under the Commodities Exchange Act by District Court

Mar. 28, 2018

EY Global Data Analytics Survey Finds Lack of GDPR Preparedness and Need for Cross-Functional Collaboration

Mar. 28, 2018

Beware of False Friends: A Hedge Fund Manager’s Guide to Social Engineering Fraud

Mar. 28, 2018

Singapore Focuses on Critical Infrastructure With New Cybersecurity Law

Mar. 28, 2018

Evaluating Cybersecurity Coverage in Light of the GDPR

Mar. 14, 2018

Developing an Effective Third-Party Management Program

Mar. 14, 2018

How Will the GDPR Affect Due Diligence?

Mar. 14, 2018

FTC Enters Into Stiff Settlement With PayPal for Venmo’s Deceptive Practices, but Eases up on a 2009 Sears Order

Feb. 28, 2018

How South Korea Regulates Cryptocurrency and Why U.S. Lawyers and Investors Should Take Notice

Feb. 28, 2018

SEC Confirms Cyber Disclosure Expectations in New Guidance

Feb. 28, 2018

Financial Firms Must Supervise Their IT Providers to Avoid CFTC Enforcement Action

Feb. 28, 2018

The GDPR’s Data Subject Rights and Why They Matter

Feb. 14, 2018

Using Technology to Comply With the GDPR

Feb. 14, 2018

Dynamic Regulations and Shareholder Actions Guide the Board’s Shifting Role in Cyber (Part Two of Two)

Feb. 14, 2018

Virtual Currencies Present Significant Risk and Opportunity, Demanding Focus From Regulators, According to CFTC Chair

Feb. 14, 2018

NY AG and HHS Flex Regulatory Muscles in Recent Protected Health Information Breach Settlements

Oct. 14, 2015

Privacy and Data Security Considerations for Life Sciences and Health Technology Companies (Part One of Two)

Jan. 31, 2018

Lessons and Trends From FTC’s 2017 Privacy and Data Security Update: Enforcement Actions (Part One of Two)

Jan. 31, 2018

Biometric Data Protection Laws and Litigation Strategies (Part One of Two)

Jan. 31, 2018

Dynamic Regulations and Shareholder Actions Guide the Board’s Shifting Role in Cyber (Part One of Two)

Jan. 17, 2018

A Practical Look at the GDPR’s Data Breach Notification Provision

Jan. 17, 2018

Deadline Passes for DoD Contractors and Subcontractors to Provide “Adequate Security”: Are They Ready?

Jan. 17, 2018

How Blockchain Will Continue to Revolutionize the Private Funds Sector in 2018

Dec. 20, 2017

Electronic Signatures: Implementation Considerations for the Financial Sector (Part Two of Two)

Dec. 20, 2017

Five Months Until GDPR Enforcement: Addressing Tricky Questions and Answers

Dec. 6, 2017

Actions Under Biometric Privacy Laws Highlight Related Risks

Dec. 6, 2017

Electronic Signatures: Implementation Considerations for the Financial Sector (Part One of Two)

Nov. 8, 2017

E.U. Data Regulators Weigh in on GDPR Prep in Asia and Across the Globe

Oct. 25, 2017

Privacy Shield Survives First Annual Review

Oct. 25, 2017

Survey Finds Cybersecurity Preparedness of Alternative Asset Managers to be Inadequate Relative to Traditional Asset Managers and Broker-Dealers

Oct. 11, 2017

Reconciling Data Localization Laws and the Global Flow of Information

Sep. 27, 2017

FTC Settlements in Privacy Shield Cases and With Lenovo Over Use of “Man-in-the-Middle” Software Highlight Vigorous Enforcement Efforts

Sep. 27, 2017

New Criteria for Employee Monitoring Practices in Light of ECHR Decision

Sep. 27, 2017

Deloitte Survey Shows Getting Skilled Cybersecurity Talent and Addressing Cyber Threats Among the Top Challenges for Financial Institutions

Sep. 13, 2017

Focus on Children’s Privacy by FTC and Plaintiffs Calls for Prioritizing COPPA

Aug. 23, 2017

Inside Advice on the Growing Cyber Insurance Market for the Financial Sector

Aug. 23, 2017

SEC Report Cites Cybersecurity Progress Along With Gaps in Training and Compliance

Aug. 23, 2017

Implications and Analysis of the E.U.-Canada Data Sharing Agreement Rejection

Aug. 9, 2017

Overcoming the Challenges and Reaping the Benefits of Multi-Factor Authentication in the Financial Sector (Part Two of Two)

Aug. 9, 2017

What the Financial Sector Should Know to Recognize and Combat Cyber Threats (Part Two of Two)

Aug. 9, 2017

Identifying and Managing Third-Party Cybersecurity Risks for Asset Managers

Jun. 3, 2015

Navigating Data Breaches and Regulatory Compliance for Employee Benefit Plans

Jul. 26, 2017

International Law Playing Cybersecurity Catch-Up (Part Two of Two)

Jul. 26, 2017

How the CCO Can Use SEC Guidance to Tackle Cyber Threats

Jul. 26, 2017

Overcoming the Challenges and Reaping the Benefits of Multi-Factor Authentication in the Financial Sector (Part One of Two)

Jul. 12, 2017

Synthesizing New York and Colorado’s Trailblazing Data Security Regulations for Financial Firms

Jul. 12, 2017

Blockchain and the Financial Services Industry: Potential Impediments to Its Eventual Adoption (Part Three of Three)

Jul. 12, 2017

Navigating the Intersection of ERISA Fiduciary Duties and Cybersecurity Risk

Jun. 28, 2017

Surveys Show Cyber Risk Remains High for Financial Services Despite Preventative Steps

Jun. 28, 2017

Three Takeaways From Congress’s Cross-Border Data Hearings

Jun. 28, 2017

How Financial Service Providers Can Use Blockchain to Improve Operations and Compliance (Part Two of Three)

Jun. 14, 2017

Are New York’s Cyber Regulations a “Game Changer” for Hedge Fund Managers?

Jun. 14, 2017

Basics of the Blockchain Technology and How the Financial Sector Is Currently Employing It (Part One of Three)

May 31, 2017

One Year Until GDPR Enforcement: Five Steps Companies Should Take Now

May 17, 2017

Tracking Data and Maximizing Its Potential

May 17, 2017

Executive Order on Cybersecurity Signed Amidst Massive Worldwide Ransomware Attack

May 3, 2017

Practical and Innovative Permissioning Within the Framework of Europe’s Upcoming Data Protection Regulations

May 3, 2017

SEC Officials Flesh Out Cybersecurity Enforcement and Examination Priorities (Part One of Two)

May 3, 2017

Infrastructure Cybersecurity Challenges: A View Through the Oil and Gas Pipeline Lens

May 3, 2017

European Data Protection Supervisor Offers Advice on Privacy Shield Review and GDPR Preparation

Apr. 19, 2017

Effective and Compliant Employee Monitoring (Part Two of Two)

Apr. 19, 2017

How to Ensure Cyber Risks Do Not Derail an IPO

Apr. 5, 2017

A Discussion With Ireland’s Data Protection Commissioner Helen Dixon About GDPR Compliance Strategies (Part Two of Two)

Apr. 5, 2017

Best Practices for Mitigating Compliance Risks When Investment Advisers Use Social Media

Apr. 5, 2017

Effective and Compliant Employee Monitoring (Part One of Two)

Mar. 22, 2017

A Discussion With Ireland’s Data Protection Commissioner Helen Dixon About GDPR Compliance Strategies (Part One of Two)

Mar. 8, 2017

What Covered Financial Entities Need to Know About New York’s New Cybersecurity Regulations

Feb. 22, 2017

Marsh and FireEye Take the Pulse of European Cybersecurity Climate

Feb. 22, 2017

Lessons for Connected Devices From the FTC’s Warning Against Unexpected Data Collection

Feb. 8, 2017

Getting to Know the DPO and How to Adapt Corporate Structure to Comply With GDPR Requirements for the Role (Part Two of Two)

Feb. 8, 2017

Lessons From the Continued Uptick in HIPAA Enforcements

Feb. 8, 2017

How Fund Managers Can Prepare for Investor Cybersecurity Due Diligence

Jan. 25, 2017

Getting to Know the DPO and Adapting Corporate Structure to Comply With the GDPR (Part One of Two)

Jan. 25, 2017

Preparing to Meet the Deadlines of DFS’ Revised New York Cybersecurity Regulation

Jan. 25, 2017

FINRA Emphasizes the Importance of Proper Electronic Record Storage in Enforcement Actions

Jan. 25, 2017

Triaging Security Projects in the Current Legal Landscape

Jan. 11, 2017

Privacy, Security Risks and Applicable Regulatory Regimes of Smart TVs

Jan. 11, 2017

Ten Cybersecurity Priorities for 2017

Jan. 11, 2017

FTC Priorities for 2017 and Beyond

Dec. 14, 2016

Navigating Data Privacy Laws in Cross-Border Investigations

Dec. 14, 2016

Presidential Commission Recommends Ways For Public and Private Sectors to Improve Cybersecurity

Dec. 14, 2016

Advice From Compliance Officers on Getting the C-Suite to Show You the Money for Your Data Privacy Program

Dec. 14, 2016

FINRA Lays Out Cyber Expectations in Action Against Broker-Dealer

Nov. 16, 2016

Navigating U.S. and E.U. Cybersecurity Requirements

Nov. 16, 2016

WilmerHale Attorneys Explain the Evolving Cybersecurity Environment of the Energy Sector

Nov. 2, 2016

Navigating the Early Months of Privacy Shield Certification Amidst Uncertainty

Oct. 5, 2016

Examining Newly Released Privacy and Security Guidance for the Fast-Driving Development of Autonomous Cars

Oct. 19, 2016

SEC Emphasizes Protecting Information From More Than Just Cyber Threats in Deutsche Bank Case

Oct. 19, 2016

How the Financial Services Industry Can Handle Cybersecurity Threats, Acquisition Diligence and Breach Response

Oct. 5, 2016

FCA Director Lays Out Cybersecurity Expectations for Financial Services Firms

Sep. 21, 2016

Steps Financial Institutions Should Take to Meet New York’s Proposed Cybersecurity Regulation

Sep. 7, 2016

Navigating Online Identity Management’s Risks and Regulations

Aug. 3, 2016

Procedures for Hedge Fund Managers to Safeguard Trade Secrets From Rogue Employees

Aug. 3, 2016

Is Pokémon Go Pushing the Bounds of Mobile App Privacy and Security?

Aug. 3, 2016

Second Circuit Quashes Warrant for Microsoft to Produce Email Content Stored Overseas

Jul. 20, 2016

Key Requirements of the Newly Approved Privacy Shield

Jul. 20, 2016

How the Financial Services Industry Can Manage Cyber Risk

Jul. 20, 2016

Challenges Facing Chief Privacy Officers

Jul. 6, 2016

Enforcing Consumer Consent: FTC Focuses on Location Tracking and Children’s Privacy

Jul. 6, 2016

How Will Brexit Affect U.K. Data Protection and Privacy Laws?

Jun. 22, 2016

Morgan Stanley Action Signals SEC’s Continued Enforcement of Safeguards Rule

May 11, 2016

SEC Teaches Broker-Dealer a Lesson About Keeping Business Emails Secure

Apr. 27, 2016

Federal Judge Offers Advice on Litigating Data Privacy, Security Breach and TCPA Class Action Suits

Apr. 27, 2016

Designing Privacy Policies for Products and Devices in the Internet of Things

Apr. 27, 2016

Mitigating the Risks of Using Social Media in the Workplace

Apr. 13, 2016

Ten Steps to Minimize Data Privacy and Security Risk and Maximize Compliance

Mar. 30, 2016

Securing Connected Medical Devices to Ensure Regulatory Compliance and Customer Safety (Part One of Two)

Mar. 30, 2016

In-House and Outside Counsel Offer Strategies for Navigating the TCPA, Avoiding Litigation and Responding to Breaches

Mar. 30, 2016

Steps for Companies to Take This Week, This Month and This Year to Meet the Challenges of International Cyberspace Governance

Mar. 16, 2016

Making Sense of Cybersecurity and Privacy Developments in the E.U.

Mar. 16, 2016

How Financial Service Providers Can Address Common Cybersecurity Threats

Mar. 2, 2016

Expert Advice on Newly Effective NFA Cybersecurity Requirements for Market Participants

Mar. 2, 2016

Synthesizing Breach Notification Laws in the U.S. and Across the Globe

Feb. 17, 2016

Deal Struck to Maintain the Transatlantic Data Flow

Feb. 17, 2016

White House Lays Out Its Broad Cybersecurity Initiatives

Feb. 17, 2016

Legal and Regulatory Expectations for Mobile Device Privacy and Security (Part Two of Two)

Feb. 17, 2016

HIPAA Privacy Rule Permits Disclosures to Firearm Background Check System

Feb. 3, 2016

Safe Harbor 2.0 Agreement Reached

Feb. 3, 2016

Legal and Regulatory Expectations for Mobile Device Privacy and Security (Part One of Two)

Jan. 20, 2016

The E.U.’s New Rules: Latham & Watkins Partner Gail Crawford Discusses the Network Information Security Directive and the General Data Protection Regulation

Jan. 20, 2016

What OFAC’s New Cyber-Related Sanctions Regulations Mean for Companies

Jan. 20, 2016

Navigating FCA and SEC Cybersecurity Expectations (Part Two of Two)

Jan. 6, 2016

Cybersecurity and Whistleblowing Converge in a New Wave of SEC Activity

Jan. 6, 2016

Navigating FCA and SEC Cybersecurity Expectations (Part One of Two)

Jan. 6, 2016

Keeping Up with Technology and Regulatory Changes in Online Advertising to Mitigate Risks

Jan. 6, 2016

Opportunities and Challenges of the Long-Awaited Cybersecurity Act of 2015

Jan. 6, 2016

FTC Director Analyzes Its Most Significant 2015 Cyber Cases and Provides a Sneak Peek Into 2016

Jan. 6, 2016

How the Financial Services Sector Can Meet the Cybersecurity Challenge: A Plan for Building a Cyber-Compliance Program (Part Two of Two)

Dec. 9, 2015

The Multifaceted Role of In-House Counsel in Cybersecurity

Dec. 9, 2015

Year-End HIPAA Settlements May Signal More Aggressive Enforcement by HHS

Dec. 9, 2015

How the Financial Services Sector Can Meet the Cybersecurity Challenge: A Snapshot of the Regulatory Landscape (Part One of Two)

Nov. 11, 2015

What Companies Can Learn from Cybersecurity Resources in Pittsburgh

Nov. 11, 2015

California Law Enforcement Faces Higher Bar in Acquiring Electronic Information

Nov. 11, 2015

New NFA Notice Provides Cybersecurity Guidance to Futures and Derivatives Market

Nov. 11, 2015

Liability Lessons from Data Breach Enforcement Actions

Oct. 28, 2015

How the Department of Commerce Can Help Companies Address Cybersecurity and Corruption Concerns

Oct. 28, 2015

Mastercard and U.S. Bancorp Execs Share Tips for Awareness and Prevention of Mushrooming Cyber Risk (Part Two of Two)

Oct. 28, 2015

Privacy and Data Security Considerations for Life Sciences and Health Technology Companies (Part Two of Two)

Oct. 28, 2015

Orrick Attorneys Explain California’s New Specific Standards for Breach Notification

Oct. 28, 2015

Federal Courts Offer a Modern Interpretation of the VHS-Era Video Privacy Protection Act

Oct. 14, 2015

Dangerous Harbor: Analyzing the European Court of Justice Ruling

Oct. 14, 2015

Mastercard and U.S. Bancorp Execs Share Tips for Awareness and Prevention of Mushrooming Cyber Risk (Part One of Two)

Sep. 30, 2015

What the OCIE Cybersecurity Risk Alert Means for Investment Advisers and Broker-Dealers

Sep. 30, 2015

Investment Adviser Penalized for Weak Cyber Polices; OCIE Issues Investor Alert

Sep. 16, 2015

How the Legal Industry Is Sharing Information to Combat Cyber Threats

Sep. 16, 2015

Learning from the Target Data Breach About Effective Third-Party Risk Management (Part One of Two)

Aug. 26, 2015

Seeking Solutions to Cross-Border Data Realities

Aug. 26, 2015

FTC Weighs In on the Security of Health Care Data on the Cloud

Aug. 26, 2015

The Development of E-Currency and Its Potential Impact on the Future

Aug. 12, 2015

Navigating the Evolving Mobile Arena Landscape (Part Two of Two)

Aug. 12, 2015

Can an Employee Be Liable for Inadvertently Providing Security Details to a Fraudulent Caller?

Jul. 15, 2015

Understanding and Mitigating Liability Under the Children’s Online Privacy Protection Act

Jul. 1, 2015

Regulatory Compliance and Practical Elements of Cybersecurity Testing for Fund Managers (Part Two of Two)

Jul. 1, 2015

What Companies Need to Know About the FCC’s Actions Against Unwanted Calls and Texts

Jul. 1, 2015

SEC Commissioner Says Public-Private Partnership Is Key to Effective Cybersecurity

Jul. 1, 2015

Coordinating Legal and Security Teams in the Current Cybersecurity Landscape (Part One of Two)

Jun. 17, 2015

Regulatory Compliance and Practical Elements of Cybersecurity Testing for Fund Managers (Part One of Two)

May 20, 2015

After a Cyber Breach, What Laws Are in Play and Who Is Enforcing Them?

May 20, 2015

Analyzing and Mitigating Cybersecurity Risks to Investment Managers (Part Two of Two)

May 6, 2015

Gibson Dunn Attorneys Discuss the Impact of Obama’s Executive Order Creating New Tools to Fight Cyber Attacks

May 6, 2015

Analyzing and Mitigating Cybersecurity Threats to Investment Managers (Part One of Two)

Apr. 22, 2015

Steps to Take Following a Healthcare Data Breach

Apr. 22, 2015

Debunking Cybersecurity Myths and Setting Program Goals for the Financial Services Industry

Apr. 8, 2015

ECJ Hearing on Safe Harbor Challenges How U.S. Companies Handle European Data

Apr. 8, 2015

The SEC’s Two Primary Theories in Cybersecurity Enforcement Actions

Most-Read Articles

Sep. 13, 2023
NYC AI Audit Law: What Five Companies Published – and How Others Avoid It
- Artificial Intelligence
Sep. 20, 2023
NYC AI Audit Law: A Best Practice Guide, From Choosing an Auditor to Avoiding Enforcement
- Artificial Intelligence
Aug. 30, 2023
Cyber and Privacy Program Checklists
- Publication Notice
Sep. 6, 2023
An Analysis of the Liberal and Strict Provisions in India’s New Privacy Law
- Global Enforcement
Jan. 5, 2022
Compliance Checklist for AI and Machine Learning
- Artificial Intelligence

Spotlight on Trailblazing Women

In honor of International Women’s Day, some of ION Analytics' editorial teams led by women interviewed notable women in the markets and industries we cover. In this part, the Cybersecurity Law Report highlighted notable women in compliance and hedge fund, data privacy and cybersecurity, and anti-corruption law, including Amii Barnard-Bahn, Abigail Bell, Genna Garver, Jane Horvath, Barbara Li, Amy Mushahwar, Mara Senn and Carol Widger. The interviews are here.