For full functionality of this site it is necessary to enable JavaScript.
Here are the instructions to help you enable JavaScript in your web browser
.
Search...
Search
Search for "
" on Law Report Group
HOME
TOPICS
ABOUT US
Search
T
ake a t
rial
|
Login
Home
Topics A-Z
Regulations & Enforcement
Data Security
Data Privacy
In-House Essentials
Checklists
Events
About Us
Subscribe
Regulations & Enforcement
Legislation
Investigations and Actions
Regulatory Bodies
Jan. 15, 2025
Children’s Privacy Grows Up: Examining New Laws That Now Protect Older Teens
Jan. 15, 2025
Navigating Ever-Increasing State AI Laws and Regulations
Jan. 8, 2025
Website Privacy Compliance Statistics and Practical Takeaways
Dec. 18, 2024
SEC Stresses Cybersecurity, AI and Crypto in Its 2025 Exam Priorities
Dec. 11, 2024
Preparing for U.S. State Law Privacy Compliance in 2025
Dec. 11, 2024
Deciphering the New CPPA Proposed Regulations for Data Brokers
Dec. 4, 2024
Preparing for Compliance With CFPB’s Final Personal Financial Data Rights Rule
Dec. 4, 2024
SEC Charges Four Companies for Misleading Cyber Incident Disclosures: Lessons on Contents and Procedures
Nov. 20, 2024
SEC Charges Four Companies for Misleading Cyber Incident Disclosures: New Expectations?
Nov. 20, 2024
CFTC’s Report Calls for Engagement and Development of AI Risk Management Frameworks
Nov. 13, 2024
GDPR Enforcement’s New Phase: Navigating Privacy Investigations in Europe
Nov. 13, 2024
Unpacking the Second Circuit’s Bombshell VPPA Ruling
Nov. 6, 2024
GDPR Enforcement’s New Phase: More Predictability, and New Rules on the Way
Oct. 30, 2024
Emerging Issues in Workplace Privacy: Regulations and Compliance Strategies
Oct. 30, 2024
What to Know (and Do) About DOJ’s Efforts to Identify and Prosecute Cybersecurity Fraud Under the False Claims Act
Oct. 23, 2024
Aftermath of the Ninth Circuit BIPA Liability Shake‑Up in
Zellmer v. Meta
Oct. 16, 2024
Deciphering California’s Pioneering Mandate for an AI Nutrition Label
Oct. 9, 2024
Loyal to a Fault? Customer Loyalty Programs in the Age of Comprehensive Privacy Laws
Oct. 2, 2024
FTC and State Enforcers Reveal What’s Next and What to Do About It
Sep. 25, 2024
Outgoing CPPA Board Member Discusses Rulemaking and Looming Privacy Issues
Sep. 25, 2024
FTC Signals Stricter Children’s Enforcement in NGL Labs Settlement: Compliance Lessons
Sep. 18, 2024
SEC Penalizes Adviser for Failing to Preserve Off-Channel Communications
Sep. 18, 2024
FTC Signals Stricter Children’s Enforcement in NGL Labs Settlement: Key Violations and Settlement Terms
Sep. 11, 2024
Takeaways and Looming Questions After Ninth Circuit Cuts DPIA From California’s Age-Appropriate Design Code
Aug. 21, 2024
What Texas’ Record $1.4‑Billion Deal With Meta Portends for Biometric Data Capture and Use
Aug. 14, 2024
AI Offers Clear Value for AML, but the Path Forward Is Murky
Aug. 7, 2024
Jarkesy
and
Loper
: Bombshells or Busts?
Jul. 24, 2024
What Regulated Companies Need to Know About the SEC’s Final Amendments to Regulation S‑P
Jul. 24, 2024
Compliance Program Implementation: Compliance Calendars and Testing
Jul. 24, 2024
Implications of
Loper Bright
: Impacts on Congress, Courts and Agencies
Jul. 17, 2024
Implications of
Loper Bright
: Demise of
Chevron
Deference and Effect on Cyber and Privacy Enforcement
Jul. 10, 2024
Implications of the New E.U. AML Directive
Jul. 10, 2024
A Framework for Materiality Determinations Under SEC’s Cyber Incident Disclosure Rules
Jun. 26, 2024
Measures for Complying With 19 (and Counting) State Privacy Laws
Jun. 19, 2024
Examining Distinctive Aspects of Minnesota’s Demanding New Privacy Law
Jun. 12, 2024
Privacy and Data Security Regulators Discuss Enforcement Priorities and Collaborative Efforts
Jun. 5, 2024
Preparing to Comply With the Protecting Americans’ Data From Foreign Adversaries Act
May 29, 2024
Testing Is an Integral Component of Compliance Programs
May 29, 2024
CISA’s Proposed Rule for Critical Infrastructure Cyber Incident Reporting: How Organizations Can Prepare and Engage
May 29, 2024
Navigating the Global Cross-Border Privacy Rules and Privacy Recognition for Processors Certification Systems
May 22, 2024
SEC Enforcement Actions Target “AI Washing”
May 22, 2024
Proposed Broad Private Right of Action Under a New Federal Privacy Law Could Be a Plaintiff’s Paradise
May 15, 2024
CISA’s Proposed Rule for Critical Infrastructure Cyber Incident Reporting: Analysis of Key Provisions
May 8, 2024
Survey Finds Cybersecurity Budgets Rising and Increased Incident Response Confidence
May 8, 2024
Takeaways From FTC’s Orders Targeting Digital Health Companies
May 1, 2024
Off-Channel Communications Are Not the Only Source of Electronic Recordkeeping Violations
Apr. 24, 2024
Examining Maryland’s Game-Changing Data Minimization Requirements
Apr. 24, 2024
Common Law Fraud and
SEC v. Jarkesy
: The Key Issue Underlying the Questions Presented
Apr. 17, 2024
AI Governance Strategies for Privacy Pros
Apr. 10, 2024
Latest SEC Sweep of Off‑Channel Communications Both Befuddles and Turns Up the Heat on Investment Advisers
Apr. 10, 2024
Practical Insights Direct From U.S. State Privacy Enforcers
Apr. 3, 2024
Addressing the Operational Complexities of Complying With the Washington My Health My Data Act
Apr. 3, 2024
Examining Utah’s Pioneering State AI Law
Mar. 27, 2024
SEC’s 2024 Regulatory Focus
Mar. 20, 2024
AI Drives Rise in Private Funds’ Use of Alternative Data
Mar. 13, 2024
Forecasting Potential Outcomes in
SEC v. Jarkesy
Based on Recent Oral Arguments
Mar. 13, 2024
Connecticut AG’s Report Highlights Enforcement Risks and Points to Action Steps for Companies
Mar. 6, 2024
Cybersecurity Practices for PE Sponsors and Their Portfolio Companies: Due Diligence and Post-Acquisition Efforts
Mar. 6, 2024
Lessons From California’s DoorDash Enforcement Action
Feb. 28, 2024
Cybersecurity Practices for PE Sponsors and Their Portfolio Companies: Incident Prevention and Response
Feb. 21, 2024
Legal and Ethical Issues in Use of Biometrics: Modality Selection, Implementation and State Laws
Feb. 14, 2024
Financial Services 2024 Privacy, Cybersecurity and AI Regulation Overview
Feb. 14, 2024
Nine Impacts of New Jersey and New Hampshire Privacy Laws
Feb. 7, 2024
Binance’s $4.3‑Billion Criminal Resolution Raises Questions on Crypto Guidance
Feb. 7, 2024
Progress? Recent Rulings Are One Step Forward, Two Steps Back for BIPA Defendants
Jan. 24, 2024
Emerging Cyber Threats and Defenses
Jan. 17, 2024
2024 SEC Examination Priorities: New Approaches to Old Areas of Concern
Jan. 17, 2024
Tracking Technologies: Privacy Regulation, Enforcement and Risk
Jan. 17, 2024
No Regulator Is an Island: Bermuda Commissioner Discusses New Privacy Law and Global Enforcement
Jan. 3, 2024
Amendment to NYDFS Cyber Regulation Brings New Mandates: First Compliance Steps
Jan. 3, 2024
Complying With the FTC’s Amended Safeguards Rule’s New Reporting Requirement
Jan. 3, 2024
SEC Director Offers Clarification on New Cyber Disclosure Regime
Dec. 13, 2023
A 2023 Cyber Regulation Look-Back and 2024 Risk-Management Strategies
Dec. 13, 2023
Amendment to NYDFS Cyber Regulation Brings New Mandates: Governance Provisions
Dec. 6, 2023
U.K. Penalizes Morgan Stanley for Lax Electronic Communications Practices
Nov. 29, 2023
Implications of EDPB Meta Ruling on Behavioral Advertising Practices
Nov. 15, 2023
Navigating SEC Cybersecurity Enforcement in a Post-SolarWinds World
Nov. 15, 2023
What the AI Executive Order Means for Companies: Examining Red‑Teaming Requirements
Nov. 8, 2023
What the AI Executive Order Means for Companies: Seven Key Takeaways
Nov. 1, 2023
Examining Security Mandates, Including California’s Draft Audit Regulations, in State Privacy Laws
Nov. 1, 2023
Compliance Challenges in Records Management
Oct. 25, 2023
Navigating Certification and Implementation Issues Under the U.S.-E.U. Data Privacy Framework
Oct. 25, 2023
U.K. Equifax Fine Calls for Stricter Parent-Subsidiary Data-Sharing Processes
Oct. 25, 2023
Private Actions Under the CPRA: Settlement Considerations and Mitigating Risk
Oct. 18, 2023
Private Actions Under the CPRA: Key Issues and Defense Strategies
Oct. 18, 2023
Current and Former Enforcement Staffs’ Tips for Litigating Against the SEC
Oct. 11, 2023
Shaping AI Policy to Address Risks to U.S. Citizens and National Security
Oct. 11, 2023
Benchmarking the Impact of State Privacy Laws on Digital Advertising
Oct. 4, 2023
Will California’s New Law Aimed at Data Brokers Require a “Delete Me” Button on All Websites?
Oct. 4, 2023
Understanding the Fiduciary Exception to Attorney-Client Privilege
Sep. 20, 2023
SEC and CFTC Continue to Penalize Firms for Electronic Communications Recordkeeping Violations
Sep. 13, 2023
Examining the Washington Attorney General’s FAQs on the My Health My Data Act
Sep. 13, 2023
Key Terms and Negotiation Issues in Data Processing Agreements
Sep. 6, 2023
E.U. Coordinated Enforcement Framework Focuses on DPOs
Sep. 6, 2023
Navigating the SEC’s Newly Adopted Cybersecurity Disclosure and Controls Regime
Aug. 9, 2023
Key Legal and Business Issues in AI-Related Contracts
Aug. 2, 2023
Navigating Evolving Data Breach Litigation and Regulatory Risks
Jul. 26, 2023
Bridging the Atlantic: E.U.‑U.S. Data Privacy Framework Practical Takeaways
Jul. 19, 2023
CJEU Decision Adds Antitrust Regulators As New GDPR Concern for Companies
Jul. 19, 2023
NYDFS Changes Its Cybersecurity Regulation Requirements Through Enforcement – Again
Jul. 19, 2023
CFTC Commissioner Shares Five Pillars of Cyber Resilience
Jul. 12, 2023
Analyzing 2023’s New State Privacy Laws: Oregon and Delaware Join the Strictest Tier
Jun. 28, 2023
SEC Steps Up Enforcement Actions Against Cryptocurrencies
Jun. 28, 2023
Analyzing 2023’s New State Privacy Laws: The First Six Plus Compliance Measures
Jun. 21, 2023
Xbox and Alexa COPPA Case Lessons: Avatars, Biometrics and Other New Expectations
Jun. 21, 2023
The Practical and Legal Complexities of Online Age Verification
Jun. 14, 2023
Deciphering California and U.K. Children’s Codes and Compliance Obligations
Jun. 14, 2023
Xbox and Alexa COPPA Case Lessons: Negotiating With the FTC Over Algorithms and Remedies
Jun. 7, 2023
“Risk to Resilience”: CFTC Commissioner Romero Discusses Climate and Cybercrime Risk
Jun. 7, 2023
Impact of State Privacy Laws on the Financial Services Sector
Jun. 7, 2023
Implications of CJEU Ruling on Compensation for GDPR Claims
May 31, 2023
How to Navigate the Rough Waters and Turning Tides of U.S. States’ Anti-ESG Movement and Europe’s Pro-ESG Measures (Part Two of Two)
May 31, 2023
Colorado Controllers: The Final (Rules’) Frontier
May 17, 2023
Practical Steps to Take Based on SEC’s Proposed Cybersecurity Risk Management Rule for Investment Advisers
May 17, 2023
Understanding Cyberattacks on Digital Asset Platforms
May 17, 2023
Meta and Epic Cases Show FTC Toughening Its Children’s Privacy Enforcement
May 10, 2023
Aggressive Washington Health Privacy Law: Ten Compliance Priorities
May 10, 2023
Making Sense of Evolving Regulations, Recent Enforcement Efforts and Antitrust Claims as to ESG Investing in the U.S. and E.U. (Part One of Two)
May 3, 2023
Aggressive Washington Privacy Law: Right to Sue and Onerous Consent Obligations
May 3, 2023
Landscape of On-Chain Asset Tokenization and Blockchain Technology’s Path Toward Maturity
Apr. 19, 2023
Expedia and Lululemon Privacy Pros Discuss Scaling Vendor Contracting for New Privacy Laws
Apr. 12, 2023
Complying With Europe’s Digital Services Act and Digital Markets Act
Apr. 12, 2023
Navigating the Intersection of Whistleblowing and China’s Data Protection Regime
Apr. 5, 2023
Website-Tracking Lawsuits: Takeaways From New Dismissals of Wiretap Claims
Mar. 29, 2023
Website-Tracking Lawsuits: A Guide to New Video Privacy Decisions Starring PBS and People.com
Mar. 29, 2023
Use of Alternative Data Continues to Grow, Says New Survey
Mar. 29, 2023
FTC’s BetterHelp Case Prescribes Stronger Privacy Practices
Mar. 22, 2023
Managing Legal Issues Arising From Use of ChatGPT and Generative AI: Industry Considerations and Practical Compliance Measures
Mar. 15, 2023
Managing Legal Issues Arising From Use of ChatGPT and Generative AI: E.U. and U.S. Privacy Law Considerations
Mar. 15, 2023
A Roadmap to the Final Regulations Under the CPRA
Mar. 15, 2023
SEC Modernizes Broker-Dealer Electronic Recordkeeping Rules
Mar. 8, 2023
BIPA Decisions Expand Potential Liability: What’s Next in Illinois and Other States?
Mar. 1, 2023
Getting Used to Zero Trust? Meet Zero Copy
Feb. 22, 2023
IAB Unveils Multistate Contract to Satisfy 2023 Laws’ Curbs on Targeted Ads
Feb. 22, 2023
Is Coinbase a Warning to Other Crypto Players?
Feb. 15, 2023
Impact of Emerging Technologies on Financial Crime Risk Management
Feb. 8, 2023
How to Comply With the CPRA’s Data Minimization Standards
Feb. 8, 2023
Data Breaches and the Private Credit Market: Post-Breach Considerations
Feb. 1, 2023
Key Privacy Issues for 2023
Feb. 1, 2023
Data Breaches and the Private Credit Market: Assessing Borrower Cyber Preparedness
Jan. 25, 2023
Transparency of Beneficial Ownership Clashes With U.K. Privacy Laws
Jan. 25, 2023
France’s Cookie Enforcement Against TikTok and Microsoft Highlights Common Compliance Missteps
Jan. 25, 2023
E.U. Regulators Bar Meta From Requiring Users to Pay With Their Data
Jan. 18, 2023
A Sensitive Time for Location Data: Tips to Address New Rules and Vendor Standards
Jan. 11, 2023
Ten Cybersecurity Resolutions for Financial Services Firms in 2023
Jan. 4, 2023
FTC and $391-Million State AG Case Put Location Data Enforcement on the Map
Dec. 14, 2022
The Importance of Being a PIPL Pleaser: Update and Predictions on China’s Data Protection Law One Year In
Dec. 7, 2022
Google Settlement Shows DOJ's Increased Focus on Data Preservation
Nov. 30, 2022
FTC’s Drizly Case Shows Regulators Are Ready to Police Data’s Expiration Dates
Nov. 16, 2022
Ransomware Evolution: Government Efforts and Cyber Insurance
Nov. 16, 2022
What the FAQ: Deciphering the European Commission Guidance on the New SCCs
Nov. 2, 2022
How the New E.U.-U.S. Data Privacy Framework Clears a Path for Transatlantic Business
Oct. 26, 2022
SEC and CFTC Wall Street Resolutions Highlight Need for Communication and Records Compliance
Oct. 26, 2022
Takeaways From the New Push for a Federal AI Law
Oct. 26, 2022
Navigating the Interplay of Breach Response and Breach Notification
Oct. 19, 2022
Held to Ransom: How Cyberattacks Can Become a Legal and Regulatory Odyssey for a Private Investment Fund
Oct. 19, 2022
A New Era of Cyber Incident Reporting and Cybersecurity Regulation: How Companies Should Prepare and Engage
Oct. 12, 2022
A New Era of Cyber Incident Reporting and Cybersecurity Regulation: Key Provisions
Sep. 28, 2022
Lessons From California’s First CCPA Enforcement Action
Sep. 28, 2022
Using Software Bills of Materials to Bolster Security in Contracting
Sep. 21, 2022
Trio of Settled Enforcement Actions Highlights SEC Concerns About Identity Theft Policies and Procedures
Sep. 14, 2022
Robinhood Resolution a First for Cryptocurrency Enforcement in NY
Sep. 14, 2022
Compliance Survey Finds Data Management Challenges, Rising Costs and Increasing Uptake of RegTech
Sep. 14, 2022
Shaping the BIPA Landscape: Avoiding Liability
Sep. 07, 2022
Four Steps to Secure Open-Source Software After CSRB’s Log4j Investigation
Aug. 17, 2022
Understanding and Implementing DoD’s Cybersecurity Requirements
Aug. 17, 2022
The SEC’s 2022 Reg Flex Agendas: Major Proposals and Ambitious Timelines
Aug. 10, 2022
Protecting Against Crypto Theft
Aug. 3, 2022
How to Prepare for the Cybersecurity Incident Reporting for Critical Infrastructure Act
Aug. 3, 2022
Cybersecurity Compliance Lessons From NYDFS’ Carnival Action
Jul. 27, 2022
Employee Data Under the CPRA: Rights Requests, Privacy Policies and Enforcement
Jul. 27, 2022
A Checklist to Help Fund Managers Assess Their Cybersecurity Programs
Jul. 20, 2022
Employee Data Under the CPRA: Key Rights and Restrictions
Jul. 13, 2022
CPRA Draft Regulations: Essential Takeaways and 10 Actions to Take Now
Jun. 29, 2022
Navigating the Intersection of Digital Assets and AML
Jun. 29, 2022
Present and Former SEC Officials Discuss the Commission’s Latest Examination and Enforcement Tactics and Priorities
Jun. 22, 2022
Fifth Circuit Decision Could Hamstring SEC Enforcement Abilities
Jun. 22, 2022
New AI Rules: States Require Notice and Records, Feds Urge Monitoring and Vetting
Jun. 15, 2022
Privacy and Security Regulators Discuss New Enforcement Proposals and Compliance Best Practices
Jun. 8, 2022
Regulation Looms for Sharing of Sensitive Financial Data
Jun. 1, 2022
FINRA Clarifies Stance on CCO Supervisory Liability
May 25, 2022
TV Privacy: Will the TV Industry Agree to Standardize Consent on Screen?
May 18, 2022
Navigating the Intersection of Blockchain and Data Privacy Laws
May 11, 2022
Party of Five: Connecticut Law Solidifies Consensus on State Privacy Standards
May 4, 2022
Effective Use of Privacy Impact Assessments
Apr. 27, 2022
SEC Proposes Cyber Risk Management Rules for Advisers
Apr. 27, 2022
Preparing for CPRA Compliance: Jurisdictional Focus or a More Holistic Approach?
Apr. 27, 2022
New Utah Privacy Law Marks a Shift in State Privacy Legislation
Apr. 20, 2022
FTC’s Khan and Phillips Deliver Views on Future of Data Privacy Enforcement
Apr. 20, 2022
Privacy Enforcers Across the Globe Band Together to Coordinate Investigations
Apr. 13, 2022
U.S., E.U. Announce Trans-Atlantic Data Privacy Framework: What Companies Can Do Now
Apr. 13, 2022
California AG Opinion Hands Companies New Tasks for AI, Data Maps, Marketing
Mar. 30, 2022
Drafting Data and Cybersecurity Provisions in Third-Party Vendor Agreements
Mar. 23, 2022
Implications of DOJ’s Pursuit of the Crypto-Laundering Couple
Mar. 23, 2022
Are “Privacy-First” Clean Rooms Safe From Regulators?
Mar. 16, 2022
Securing Emerging Technologies Without Hampering Innovation: Government Initiatives and How Companies Can Adapt
Mar. 9, 2022
A Look at the NSCP’s Firm and CCO Liability Framework
Mar. 9, 2022
Securing Emerging Technologies Without Hampering Innovation: Private Sector Challenges
Mar. 2, 2022
Blockchain Recordkeeping Stirs Privacy Concerns
Mar. 2, 2022
Navigating Post-
Schrems II
International Data Transfer Waters: SCCs and Supplementary Measures
Feb. 23, 2022
Navigating Post-
Schrems II
International Data Transfer Waters: Challenges and TIAs
Feb. 23, 2022
Ad Industry’s Third-Party Data Use Grew Despite Impending Cookie Shutdown
Feb. 16, 2022
The Privacy and Antitrust Paradox in the Age of Data
Feb. 9, 2022
Will It Be Goodbye Forever? Navigating Consumer Requests to Delete Personal Data
Feb. 2, 2022
Gensler Discusses the SEC’s Cyber Priorities
Feb. 2, 2022
Compliance Takeaways From the Latest GDPR Enforcement Statistics
Jan. 26, 2022
Personal Liability and Compliance Resourcing Are Top Concerns Among CCOs, Surveys Show
Jan. 26, 2022
More Regulators Accept New Tool to Streamline Companies’ Cyber Compliance
Jan. 19, 2022
Two European Regulators Warn Behavioral Advertising Skates on Thin Ice
Jan. 19, 2022
Privacy Resolutions for 2022
Jan. 12, 2022
SEC Chair Gensler’s Stance on Three Key Disclosure Areas and the Role of Individual Accountability in Enforcement Actions
Dec. 01, 2021
FTC Sets Wheels in Motion for a Broad Privacy Rule Restricting Data Collection
Nov. 17, 2021
Data Localization: Cybersecurity Challenges Abound
Nov. 17, 2021
Practical Approaches to Conducting Transfer Impact Assessments Under the GDPR
Nov. 17, 2021
How Financial Institutions Should Strengthen Their Data Security to Comply With FTC’s Updated Safeguards Rule
Nov. 10, 2021
Data Localization: New Compliance Headaches and Costs Across the Globe
Nov. 3, 2021
Data Localization: Laws Spread and Enforcement Rises
Nov. 3, 2021
In-House Insight on Handling Data Subject Access Requests Under Multiple Privacy Regimes
Oct. 27, 2021
Lessons From the WhatsApp Decision on GDPR Transparency Requirements: Compliance Foundations
Oct. 27, 2021
IOSCO Issues Final Guidance on AI and Machine Learning
Oct. 20, 2021
Collective Actions in the U.K. After
Lloyd v. Google
Oct. 20, 2021
Lessons From the WhatsApp Decision on GDPR Transparency Requirements: Enforcement Takeaways
Oct. 20, 2021
U.K. Data Privacy Officers Discuss Challenges and Concerns
Oct. 13, 2021
FINRA Report Outlines Growing Adoption of Cloud Computing by Securities Industry and Associated Regulatory Concerns
Oct. 13, 2021
China’s First Information Protection Law: Compliance Essentials
Oct. 6, 2021
Fund Managers Must Ensure Adequate Security Measures Under Safeguards Rule or Risk SEC Enforcement Action
Sep. 29, 2021
Value of Sponsors Implementing Portfolio Monitoring Models for ESG and Cybersecurity Issues
Sep. 29, 2021
SEC Cybersecurity Disclosure Enforcement Heats Up: Best Practices
Sep. 22, 2021
Examining the Intersection of Voiceprints and Data Privacy Laws
Sep. 22, 2021
SEC Cybersecurity Disclosure Enforcement Heats Up: Recent Developments
Sep. 8, 2021
What to Expect From the FCC and FTC Under the Biden Administration
Aug. 11, 2021
Complying With NYC’s New Biometrics Law
Aug. 11, 2021
Using RegTech for Compliance Efforts and Potential Benefits of Emerging Technologies
Aug. 4, 2021
Evaluating Privacy and Cybersecurity Risks in Emerging Technology Transactions: Artificial Intelligence and EdTech
Aug. 4, 2021
The Evolution, Status and Future of RegTech in the Private Funds Industry
Jul. 28, 2021
Incident Response in the Financial Services Industry
Jul. 21, 2021
Shedding Light on Dark Patterns: What Financial Institutions Need to Know
Jul. 21, 2021
Vaccines and Testing in the Post-Pandemic Workplace: Answers to the Tough Questions
Jul. 14, 2021
Personal Data Transfers After Year Zero: A More Appealing Set of EDPB Recommendations?
Jul. 14, 2021
Vaccines and Testing in the Post-Pandemic Workplace: Understanding the Legal Framework and Making a Balanced Plan
Jun. 30, 2021
Using RegTech to Enhance Compliance
Jun. 30, 2021
Personal Data Transfers After Year Zero: Are the New SCCs a Paradigm Shift?
Jun. 30, 2021
DOL Begins Cyber Audits to Protect U.S. Workers’ Retirement Savings
Jun. 23, 2021
How the NYDFS Drives Cybersecurity in the Financial Services Industry
Jun. 23, 2021
Colorado Privacy Law Finishes Third, but Could Become the New Standard
Jun. 23, 2021
Three Years In, GDPR Legal Landscape Remains in Flux
Jun. 16, 2021
The Impact of Recent Legislative and Litigation Trends on Commercial Use of De-Identified Data
Jun. 9, 2021
To “Cure” or Not to “Cure,” That Is the Question
Jun. 9, 2021
State AGs Share Breach Notification Tips and Latest Enforcement Concerns
Jun. 2, 2021
AI Compliance Playbook: Adapting the Three Lines Framework for AI Innovations
Jun. 2, 2021
U.K. Data Protection Regulator Smooths Way for Fund Managers to Transfer Data to SEC
May 26, 2021
SEC Commissioner Examines Regulatory Approach to Digital Assets
May 26, 2021
CISA and DHS Counsel Explain Cybersecurity Executive Order’s Key Provisions
May 5, 2021
Two Settlements Show NYDFS’ Hidden Power to Use Other States’ Breach Laws
Apr. 28, 2021
Implementing NSA-CISA-FBI Advisory Mitigation Tactics for Vulnerabilities Exploited by Russia
Apr. 28, 2021
AI Compliance Playbook: Understanding Algorithm Audits
Apr. 21, 2021
AI Compliance Playbook: Seven Questions to Ask Before Regulators or Reporters Do
Apr. 21, 2021
Supreme Court’s Facebook Decision Narrows Applicability of the TCPA, but Companies Are Not Home Free
Apr. 14, 2021
AI Compliance Playbook: Traditional Risk Controls for Cutting-Edge Algorithms
Apr. 7, 2021
Behind the Scenes: California AG’s Non-Public CCPA Inquiries
Apr. 7, 2021
Former Twitter and eBay Counsel Talks Overblown Fears, Third-Party Data Management, and CDA Section 230
Mar. 31, 2021
How Do You Put a System of Controls in Place When Your Target Keeps Moving?
Mar. 31, 2021
Managing Vendor Contracts From the Data Controller's Perspective
Mar. 31, 2021
KBR v. SFO
: Implications for Overseas Document Production
Mar. 24, 2021
Privacy and Security Provisions in Vendor Agreements: Key Data Processing Considerations
Mar. 24, 2021
Recommended Data Strategies As Google Swears Off Web Tracking
Mar. 17, 2021
Privacy and Security Provisions in Vendor Agreements: Assessing the Risks
Mar. 17, 2021
Virtual Currencies: Opening a New Avenue for Financial Crimes
Mar. 10, 2021
Preparing for the CPRA’s New Consumer Rights Requirements
Mar. 10, 2021
Familiar and Fresh Mandates in Virginia’s New Privacy Law
Mar. 3, 2021
Best Practices for Data Transfers in the Wake of
Schrems II
Feb. 17, 2021
A Fake Zoom Invite Hack: Eight More Lessons
Feb. 10, 2021
GDPR Lives On in the U.K. Post-Brexit
Feb. 10, 2021
A Fake Zoom Invite Hack: What Happened and Three Lessons
Feb. 10, 2021
What the New Information Security Reporting Standards Mean for Financial Institutions
Feb. 3, 2021
Expect Continuing Regulatory Focus on Cybersecurity and Data Protection in 2021
Feb. 3, 2021
Getting Started With CMMC: How to Prepare and What to Expect From the Assessment
Jan. 27, 2021
Getting Started With CMMC: Understanding Goals, Requirements and Challenges
Jan. 20, 2021
Disputed Twitter Fine Offers Breach Response Lessons
Jan. 20, 2021
Privacy Resolutions for 2021
Jan. 13, 2021
Can the Cybersecurity Industry Improve Cooperation to Beat Threats?
Jan. 6, 2021
Maintaining Privacy While Staying Competitive in an Evolving Regulatory Landscape
Jan. 6, 2021
Six Practical Tips for Building an Effective Privacy Risk Assessment Program
Jan. 6, 2021
Privacy and Security Risks in International Arbitration: Managing Remote Proceedings
Dec. 16, 2020
Privacy and Security Risks in International Arbitration: Threats and the Information Security Protocol
Dec. 16, 2020
How Will the Biden Administration’s Approach to Cybersecurity Impact the Private Sector?
Dec. 9, 2020
Strategies for Managing the Intersection of Cybersecurity and New Technologies
Dec. 9, 2020
What the New IoT Act Means for the Private Sector
Dec. 2, 2020
ICO Hones GDPR Enforcement Approach With Reduced Fines for British Airways, Marriott and Ticketmaster
Dec. 2, 2020
How CCOs Can Avoid Personal Liability for an Organization’s Compliance Failures
Nov. 18, 2020
Asset Disposal and Vendor Management Lessons From Morgan Stanley's OCC Settlement
Nov. 11, 2020
The Intelligent Workplace in the Age of a Pandemic: Six Privacy and Security Safeguards
Nov. 11, 2020
Understanding the World’s New Four-Letter Privacy Law: China’s PIPL
Nov. 4, 2020
Comparing U.S. and E.U. Approaches to Incident Response and Breach Notification
Oct. 28, 2020
The Intelligent Workplace in the Age of a Pandemic: Balancing Innovation and Risk
Oct. 21, 2020
Senior Commerce Official Discusses Supply Chain Security and Cyber Policy
Oct. 21, 2020
Steps to Take After OFAC and FinCEN’s Warnings on Ransomware Payoffs
Oct. 14, 2020
Top Priorities for Compliance With Brazil’s New Personal Data Protection Law
Oct. 14, 2020
H&M’s $41M GDPR Fine Underscores Importance of Employee Data Handling
Sep. 30, 2020
What to Expect From the CPRA – California’s New Proposed Privacy Law
Sep. 23, 2020
Identifying and Preventing Ransomware Attacks
Sep. 23, 2020
Apple Overhauls Privacy for iPhone Apps, but Will It Enforce Its Policies?
Sep. 9, 2020
Implementing the CCPA Regulations: Are You Ready?
Sep. 2, 2020
Business Continuity Plans, Budgets and More: Hot Compliance Topics for Investment Advisers
Sep. 2, 2020
After Death of the Cookie, New Advertising Strategies Raise Compliance Questions
Aug. 12, 2020
Six Compliance Lessons From NYDFS’ First Cybersecurity Regulation Enforcement Action
Aug. 12, 2020
Navigating China’s Cybersecurity Regulatory Maze
Aug. 5, 2020
Early EDPB Guidance in the Wake of
Schrems II
Signals Where E.U.-U.S. Data Transfers Are Headed
Aug. 5, 2020
CCPA and Online Ads: Contract and Compliance Consequences
Jul. 29, 2020
CCPA and Online Ads: Facebook Finally Acts, AG Starts Enforcement
Jul. 22, 2020
Ten Initial Steps for E.U. and U.S. Companies in Light of
Schrems II
Ruling
Jul. 15, 2020
Business Continuity Planning: How to Update a BCP With Lessons Learned From the Pandemic
Jul. 15, 2020
Back to the Table: CCPA Regulations Spark New Wave of Service-Provider Negotiations
Jun. 24, 2020
How to Comply With Key CCPA Notice and Consumer Request Requirements
Jun. 24, 2020
Balancing Privacy Rights and Innovation in Digital Contact Tracing
Jun. 24, 2020
Perspectives From the Public and Private Sectors on Information Sharing During COVID-19
Jun. 17, 2020
Privacy Settings May Serve as One-Step CCPA Opt-Out From Sale
Jun. 17, 2020
The (Im)Possibilities of Scientific Research Under the GDPR
Jun. 10, 2020
Are You Prepared for OCIE’s Sweep of Business Continuity Plans and Coronavirus Actions?
May 27, 2020
Recent Developments in E.U. Cybersecurity Regulation
May 20, 2020
Did Adtech Fix Its CCPA Problem? IAB’s GC Discusses New Contract for Data Sales
May 20, 2020
How to Facilitate a Safe and Privacy Compliant Return to Work: Policies and Protocols
May 13, 2020
How to Facilitate a Safe and Privacy Compliant Return to Work: Laws and Guidance
May 6, 2020
How Asset Managers and Others Can Mitigate Pandemic-Related Operational Risks and Maintain Business Continuity
Apr. 29, 2020
What Is the Potential Liability for Zoombombing, and How Safe Are Zoom Alternatives?
Apr. 29, 2020
Understanding Insider Trading Based on Data Breaches Amidst Heightened Regulatory Scrutiny
Apr. 22, 2020
GDPR Enforcement Lessons and New ICO Guidance on COVID‑19
Apr. 22, 2020
Morrisons
Ruling Lets U.K. Employers Off the Hook for Rogue Employee Data Leaks
Apr. 22, 2020
How Is COVID-19 Affecting Cybersecurity Risk, Readiness, Reporting and NYDFS Enforcement?
Apr. 15, 2020
Takeaways From Former FTC Officials on 2019 Enforcement Actions: Data Security Guidance and Enforcement Predictions
Apr. 15, 2020
Six Ways to Be Prepared for the SEC’s Focus on Cybersecurity and Resiliency
Apr. 8, 2020
Takeaways From Former FTC Officials on the Commission’s 2019 Enforcement: General, Financial and Children’s Privacy
Apr. 1, 2020
A
Considered
Cooperation Approach Is Vital in ICO Data Protection Audits
Mar. 25, 2020
Gauging the GDPR’s Global Reach
Mar. 25, 2020
Are Companies Turning a Blind Eye to Their Lost Data on the Dark Web?
Mar. 11, 2020
The Keys to Encryption: Legal and Regulatory Framework
Mar. 11, 2020
NIST’s New IoT Standard: Inspiring a Wave of New Device Security Guidance
Mar. 4, 2020
Safeguards for Proper Disposal of Hardware: Effective Inventories, Policies and Due Diligence
Mar. 4, 2020
NIST’s New IoT Standard: Boosting Security As States Launch Laws
Feb. 26, 2020
Safeguards for Proper Disposal of Hardware: Risks and Examiner Expectations
Feb. 19, 2020
Best Practices for Using Alternative Data: Mitigating Regulatory Risks
Feb. 19, 2020
Consciously Coupling: Tackling the Juxtaposition Between Adtech and Privacy
Feb. 12, 2020
How to Approach CCPA’s Under-16 Opt‑in Consent
Feb. 12, 2020
Best Practices for Using Alternative Data: Collection and Provider Management
Feb. 5, 2020
Defining, Implementing and Documenting “Reasonable Security”
Feb. 5, 2020
CCPA Litigation Risks: How to Avoid Claims Under Other Statutes
Jan. 29, 2020
Establishing a Foundation for Breach-Notification Compliance in a Sea of Privacy Laws
Jan. 22, 2020
How to Stem the Coming Tide of CCPA Private Litigation
Jan. 15, 2020
Key Compliance Considerations for Fund Managers Using Alternative Data
Jan. 8, 2020
Present and Former Regulators Discuss Current SEC and NFA Examination and Enforcement Environment
Dec. 18, 2019
Not Just the GDPR: Privacy Laws in Belarus, Russia, Switzerland, Turkey and Ukraine
Dec. 11, 2019
How to Handle E.U. Data Subject Access Requests
Dec. 11, 2019
Not Just GDPR: Examining the Other European Privacy Laws
Dec. 4, 2019
U.K. and U.S. Sign First E-Evidence Pact Under the CLOUD Act: A Look at the Privacy Protections
Nov. 20, 2019
U.K. and U.S. Sign First E-Evidence Pact Under the CLOUD Act: Fewer Hurdles, More Clarity and New Questions
Nov. 13, 2019
AI for Fund Managers and Beyond: Government Guidance
Nov. 13, 2019
Updating Cyber Policies to Align With Recent SEC Exams and Guidance
Nov. 13, 2019
Updating Vendor Agreements to Comply With CCPA: Non-Third Parties and Key Steps
Nov. 6, 2019
AI for Fund Managers and Beyond: How to Use It to Streamline Operations
Nov. 6, 2019
Updating Vendor Agreements to Comply With CCPA: Service-Provider Exemption and Corporate Approaches
Oct. 30, 2019
Broad but Limited Reach of GDPR Highlighted in ECJ Google Ruling on “Right to Be Forgotten”
Oct. 23, 2019
CFTC Issues $1.5-Million Fine After Phishing Attack
Oct. 23, 2019
ICO Enforcement Takeaways After Marriott and British Airways
Oct. 16, 2019
Portuguese DPA Holds Parts of Portuguese Data Protection Law Inconsistent With GDPR
Oct. 16, 2019
How Uber, eBay and Pitney Bowes Built Principles-Based Global Privacy Programs
Oct. 9, 2019
Does the GDPR Disadvantage Non-E.U. Companies? Addressing the Lead Supervisory Authority Dilemma (Part Two)
Oct. 9, 2019
CCPA Close-Up: Examining the GLBA Carve-Out and How Financial Institutions Can Evaluate Applicability
Oct. 2, 2019
CCPA Close-Up: Review of Amendments and How to Prepare for Compliance
Oct. 2, 2019
Does the GDPR Disadvantage Non-E.U. Companies? The Benefits of a Lead Supervisory Authority (Part One of Two)
Sep. 18, 2019
New York’s First Mandated Cybersecurity Standards: A Compliance Roadmap
Sep. 18, 2019
Far-Reaching Google and YouTube Settlement Offers COPPA Compliance Lessons
Sep. 11, 2019
New York’s New Cybersecurity Standards: Expanding Definitions and Requirements
Aug. 21, 2019
Examining Portugal’s GDPR Implementation Statute
Aug. 21, 2019
Third-Party Data Breaches Highlight the Importance of Vetting Vendors in Compliance With GDPR and CCPA
Jul. 17, 2019
How to Establish an Efficient Incident Response Plan
Jul. 17, 2019
Maine Enacts Sweeping Broadband Customer Privacy Law
Jul. 10, 2019
Parental Liability in the E.U.: Mitigating Liability at Various Stages of Portfolio Company Ownership
Jul. 10, 2019
Can GDPR Hinder AI Made in Europe?
Jul. 10, 2019
Implications of Nevada’s New Privacy Law
Jun. 26, 2019
Preparing for the Latest SEC Cyber Sweeps
Jun. 26, 2019
Parental Liability in the E.U.: Rebuttable Presumption of Decisive Influence and Four Misconceptions About Avoiding Liability
Jun. 19, 2019
Kids, Privacy & Legal Compliance
Jun. 19, 2019
Parental Liability in the E.U.: “Undertakings” and Potential Scope of Risk for Parent Entities
Jun. 12, 2019
CCPA Priorities: Tackling Data Subject Rights Requests and Vendors
Jun. 5, 2019
FINRA RegTech Conference Reviews AI, RegTech Adoption and Compliance Challenges (Part Two of Two)
Jun. 5, 2019
CCPA Priorities: Turning Legislation Prep Into a Program Shift
Jun. 5, 2019
Irish Data Protection Commissioner Helen Dixon on Breach Notification, the Role of the DPO and a U.S. Privacy Law
May 29, 2019
FINRA RegTech Conference Examines Digital Identification, Suspicious Activity Reporting and Machine Learning
May 29, 2019
Irish DPC Helen Dixon on GDPR Enforcement Hurdles One Year In
May 22, 2019
Deputy Assistant Attorney General Seeks to Dispel CLOUD Act Misunderstandings One Year In
May 15, 2019
ECJ Confirms Direct Parental Liability for Civil Damages for Subsidiary Antitrust or GDPR Violations
May 8, 2019
Lessons From FTC 2018 Privacy and Data Security Update: Hearings, Reports and 2019 Predictions
May 8, 2019
Understanding Regulatory Technology: Current Uses and Deployment Considerations
May 1, 2019
Understanding Regulatory Technology: Tools, Challenges and Regulators’ Views
May 1, 2019
Lessons From FTC 2018 Privacy and Data Security Update: Financial Privacy, COPPA and International Enforcement
Apr. 24, 2019
Lessons From FTC's 2018 Privacy and Data Security Update: Enforcement Takeaways
Apr. 17, 2019
GPEN Report Highlights Key Areas for Data Privacy Improvement
Apr. 10, 2019
Combatting Privacy Issues Arising From Geolocation Data Use: Five Risk-Mitigation Strategies
Apr. 10, 2019
Utah Act Increases Restrictions on Access to Third-Party Data
Apr. 3, 2019
Combatting Privacy Issues Arising From Geolocation Data Use: Understanding the Legal Landscape
Mar. 27, 2019
Companies May Need to Re-Examine Approach to Breach Response Preparedness According to Experian Survey
Mar. 20, 2019
COPPA Compliance Lessons Following Musical.ly’s $5.7 Million FTC Settlement
Mar. 13, 2019
Mitigating the Risks of Open-Source Software
Mar. 13, 2019
Takeaways From 2018 COPPA Developments and a Forward-Thinking Approach to Compliance
Mar. 6, 2019
Benefits and Risks of Open-Source Software and How the Financial Sector Is Using It
Mar. 6, 2019
The NYDFS’ Cybersecurity Regulation’s Third-Party Requirement and Beyond
Mar. 6, 2019
Preparing for the CCPA: Best Practices and Understanding Enforcement
Feb. 27, 2019
U.K. Employers on the Hook for Rogue Employee Data Leaks Post-
Morrison
Feb. 27, 2019
Preparing for the CCPA: Securing Buy-In and Setting the Scope
Feb. 20, 2019
ACA Aponix-NSCP Cyber Survey Finds Growing Numbers of Security Incidents, Cloud Use and Regulatory Burdens
Feb. 13, 2019
FINRA Report Addresses Common Cybersecurity Risks and Recommends Mitigation Measures
Feb. 6, 2019
Examining the New Requirements and Broad Definition of Data Broker Under Vermont’s New Law
Feb. 6, 2019
Analyzing Early GDPR Enforcement: France
Jan. 30, 2019
Analyzing Early GDPR Enforcement: U.K. and Austria
Jan. 30, 2019
How Healthcare and Other Industries Can Use the HHS Cybersecurity Practices Guidance
Jan. 23, 2019
Analyzing Early GDPR Enforcement: Portugal and Germany
Jan. 23, 2019
Illinois Federal Court Denies Standing in BIPA Claim Against Google
Jan. 23, 2019
Massachusetts Breach Notification Law 2.0: More Protections for Consumers, More Requirements for Businesses
Jan. 16, 2019
How a New Ethics Rule and Error in Manafort Case Highlight the Importance of Lawyers’ Technology Competence
Jan. 16, 2019
GDPR Provides Model for Privacy and Security Laws in Latin America and Asia (Part Two of Two)
Jan. 9, 2019
FTC Data Security Hearing Examines M&A Cybersecurity Risks and Promoting Better Policies
Jan. 9, 2019
GDPR Provides Model for Privacy and Security Laws in Latin America and Asia (Part One of Two)
Dec. 12, 2018
Illinois Appellate Decision Creates Split on Standing to Sue Under BIPA
Dec. 12, 2018
Understanding the Potential Implications of Pennsylvania’s Newly Recognized Common Law Duty to Protect Personal Information
Dec. 12, 2018
Implications of a Dynamic Regulatory and Threat Environment on E.U. and U.S. Cyber Insurance Markets
Dec. 5, 2018
Insights From Uber: Building Bridges Between Legal and Engineering
Nov. 28, 2018
Insights From Uber: An Inside Look at Its Privacy Team Structure and How Legal and Tech Collaborated on Its Differential Privacy Tool
Nov. 28, 2018
SEC Officials and the Defense Bar Talk Cybersecurity Enforcement Trends and Takeaways From Recent Cases
Nov. 28, 2018
The Growing Role of State AGs in Privacy Enforcement
Nov. 7, 2018
How to Improve Risk Analysis in the Wake of the Anthem’s Record Settlement
Nov. 7, 2018
How GoDaddy Built an Effective Privacy Program
Oct. 31, 2018
How to Comply With Canada’s New Privacy Breach Reporting and Record-Keeping Rules
Oct. 31, 2018
SEC Report on Business Email Compromise Signals That It May Pursue Insufficient Internal Controls Cases
Oct. 24, 2018
Unregistered Crypto Asset Fund Hit With Multiple Securities Laws Violations by SEC
Oct. 24, 2018
California Enacts Groundbreaking IoT Law and Requires Disclosure of Bot Use
Oct. 24, 2018
The Hidden Requirements in NYDFS’ Cybersecurity Regulation
Oct. 17, 2018
Regulating AI: U.S., E.U. and Industry Laws and Guidance
Oct. 10, 2018
Lessons From the SEC’s First Red Flags Rule Settlement
Sep. 26, 2018
Five Takeaways From the Fiserv Wake-Up Call
Sep. 19, 2018
Ohio Adopts Pioneering Cybersecurity Safe Harbor for Companies
Sep. 12, 2018
Colorado’s Revised Cybersecurity Law Clarifies and Strengthens Existing Requirements
Sep. 12, 2018
Information Sharing in the Private Sector: Lessons From the Financial Services Industry
Sep. 5, 2018
How the GDPR Will Affect Private Funds’ Use of Alternative Data
Aug. 22, 2018
A Fund Manager’s Roadmap to Big Data: Privacy Concerns, Third Parties and Drones
Aug. 15, 2018
A Fund Manager’s Roadmap to Big Data: MNPI, Web Scraping and Data Quality
Aug. 8, 2018
U.K.’s Cyber Essentials Provide a Window Into GDPR Security Infrastructure Requirements
Aug. 8, 2018
Essential Cyber, Tech and Privacy M&A Due Diligence Considerations
Jul. 25, 2018
GDPR Essentials for the Financial Sector: Staying Compliant and Special Challenges (Part Three of Three)
Jul. 18, 2018
Overcoming Barriers to Cross-Border Data Flows, Contract Provisions and Other Digital Transformation Issues
Jul. 18, 2018
GDPR Essentials for the Financial Sector: Compliance Steps (Part Two of Three)
Jul. 18, 2018
What to Expect From California’s Expansive Privacy Legislation
Jul. 11, 2018
GDPR Essentials for the Financial Sector: Benchmarking and Assessing the Risks (Part One of Three)
Jul. 11, 2018
Is Encryption Obligatory? HHS Upholds Texas Hospital $4.3M HIPAA Fine
Jun. 27, 2018
Implementation of NIS Directive Commences Unprecedented E.U.-Wide Cybersecurity Regime
Jun. 27, 2018
What Are the GDPR’s Implications for Alternative Investment Managers? (Part Two of Two)
Jun. 20, 2018
What Are the GDPR’s Implications for Alternative Investment Managers? (Part One of Two)
Jun. 13, 2018
CFTC Commissioner Encourages Formation of Self-Regulatory Organization for Cryptocurrency Spot Platforms
Jun. 6, 2018
Analyzing New and Amended State Breach Notification Laws
Jun. 6, 2018
Beyond GDPR: The E.U.’s Expanding Cybersecurity Regime
May 30, 2018
Understanding the Intersection of Law and Artificial Intelligence
May 16, 2018
How to Ensure GDPR-Compliant Third-Party Relationships
May 16, 2018
Countdown to GDPR Enforcement: Final Steps and Looking Ahead
May 9, 2018
The Right to Be Forgotten: English High Court Details When Google Must Delist Links to Crimes
May 9, 2018
How Financial Services Firms Should Structure Their Cybersecurity Programs
May 2, 2018
Direct From the Irish Data Commissioner: GDPR Enforcement Priorities (Part Two of Two)
Apr. 25, 2018
Direct From the Irish Data Protection Commissioner: Supervising Facebook (Part One of Two)
Apr. 11, 2018
Breaking the Cloud: CLOUD Act Brings Data Held Overseas Under U.S. Jurisdiction
Apr. 11, 2018
Virtual Currencies Ruled Commodities Under the Commodities Exchange Act by District Court
Mar. 28, 2018
Singapore Focuses on Critical Infrastructure With New Cybersecurity Law
Mar. 28, 2018
Evaluating Cybersecurity Coverage in Light of the GDPR
Mar. 28, 2018
EY Global Data Analytics Survey Finds Lack of GDPR Preparedness and Need for Cross-Functional Collaboration
Mar. 28, 2018
Beware of False Friends: A Hedge Fund Manager’s Guide to Social Engineering Fraud
Mar. 14, 2018
How Will the GDPR Affect Due Diligence?
Mar. 14, 2018
FTC Enters Into Stiff Settlement With PayPal for Venmo’s Deceptive Practices, but Eases up on a 2009 Sears Order
Mar. 14, 2018
Developing an Effective Third-Party Management Program
Feb. 28, 2018
The GDPR’s Data Subject Rights and Why They Matter
Feb. 28, 2018
How South Korea Regulates Cryptocurrency and Why U.S. Lawyers and Investors Should Take Notice
Feb. 28, 2018
SEC Confirms Cyber Disclosure Expectations in New Guidance
Feb. 28, 2018
Financial Firms Must Supervise Their IT Providers to Avoid CFTC Enforcement Action
Feb. 14, 2018
Virtual Currencies Present Significant Risk and Opportunity, Demanding Focus From Regulators, According to CFTC Chair
Feb. 14, 2018
Dynamic Regulations and Shareholder Actions Guide the Board’s Shifting Role in Cyber (Part Two of Two)
Feb. 14, 2018
Using Technology to Comply With the GDPR
Feb. 14, 2018
NY AG and HHS Flex Regulatory Muscles in Recent Protected Health Information Breach Settlements
Oct. 14, 2015
Privacy and Data Security Considerations for Life Sciences and Health Technology Companies (Part One of Two)
Jan. 31, 2018
Lessons and Trends From FTC’s 2017 Privacy and Data Security Update: Enforcement Actions (Part One of Two)
Jan. 31, 2018
Biometric Data Protection Laws and Litigation Strategies (Part One of Two)
Jan. 31, 2018
Dynamic Regulations and Shareholder Actions Guide the Board’s Shifting Role in Cyber (Part One of Two)
Jan. 17, 2018
How Blockchain Will Continue to Revolutionize the Private Funds Sector in 2018
Jan. 17, 2018
Deadline Passes for DoD Contractors and Subcontractors to Provide “Adequate Security”: Are They Ready?
Jan. 17, 2018
A Practical Look at the GDPR’s Data Breach Notification Provision
Dec. 20, 2017
Electronic Signatures: Implementation Considerations for the Financial Sector (Part Two of Two)
Dec. 20, 2017
Five Months Until GDPR Enforcement: Addressing Tricky Questions and Answers
Dec. 6, 2017
Actions Under Biometric Privacy Laws Highlight Related Risks
Dec. 6, 2017
Electronic Signatures: Implementation Considerations for the Financial Sector (Part One of Two)
Nov. 8, 2017
E.U. Data Regulators Weigh in on GDPR Prep in Asia and Across the Globe
Oct. 25, 2017
Survey Finds Cybersecurity Preparedness of Alternative Asset Managers to be Inadequate Relative to Traditional Asset Managers and Broker-Dealers
Oct. 25, 2017
Privacy Shield Survives First Annual Review
Oct. 11, 2017
Reconciling Data Localization Laws and the Global Flow of Information
Sep. 27, 2017
FTC Settlements in Privacy Shield Cases and With Lenovo Over Use of “Man-in-the-Middle” Software Highlight Vigorous Enforcement Efforts
Sep. 27, 2017
New Criteria for Employee Monitoring Practices in Light of ECHR Decision
Sep. 27, 2017
Deloitte Survey Shows Getting Skilled Cybersecurity Talent and Addressing Cyber Threats Among the Top Challenges for Financial Institutions
Sep. 13, 2017
Focus on Children’s Privacy by FTC and Plaintiffs Calls for Prioritizing COPPA
Aug. 23, 2017
Inside Advice on the Growing Cyber Insurance Market for the Financial Sector
Aug. 23, 2017
SEC Report Cites Cybersecurity Progress Along With Gaps in Training and Compliance
Aug. 23, 2017
Implications and Analysis of the E.U.-Canada Data Sharing Agreement Rejection
Aug. 9, 2017
Overcoming the Challenges and Reaping the Benefits of Multi-Factor Authentication in the Financial Sector (Part Two of Two)
Aug. 9, 2017
What the Financial Sector Should Know to Recognize and Combat Cyber Threats (Part Two of Two)
Aug. 9, 2017
Identifying and Managing Third-Party Cybersecurity Risks for Asset Managers
Jun. 3, 2015
Navigating Data Breaches and Regulatory Compliance for Employee Benefit Plans
Jul. 26, 2017
International Law Playing Cybersecurity Catch-Up (Part Two of Two)
Jul. 26, 2017
How the CCO Can Use SEC Guidance to Tackle Cyber Threats
Jul. 26, 2017
Overcoming the Challenges and Reaping the Benefits of Multi-Factor Authentication in the Financial Sector (Part One of Two)
Jul. 12, 2017
Synthesizing New York and Colorado’s Trailblazing Data Security Regulations for Financial Firms
Jul. 12, 2017
Navigating the Intersection of ERISA Fiduciary Duties and Cybersecurity Risk
Jul. 12, 2017
Blockchain and the Financial Services Industry: Potential Impediments to Its Eventual Adoption (Part Three of Three)
Jun. 28, 2017
Surveys Show Cyber Risk Remains High for Financial Services Despite Preventative Steps
Jun. 28, 2017
How Financial Service Providers Can Use Blockchain to Improve Operations and Compliance (Part Two of Three)
Jun. 28, 2017
Three Takeaways From Congress’s Cross-Border Data Hearings
Jun. 14, 2017
Are New York’s Cyber Regulations a “Game Changer” for Hedge Fund Managers?
Jun. 14, 2017
Basics of the Blockchain Technology and How the Financial Sector Is Currently Employing It (Part One of Three)
May 31, 2017
One Year Until GDPR Enforcement: Five Steps Companies Should Take Now
May 17, 2017
Executive Order on Cybersecurity Signed Amidst Massive Worldwide Ransomware Attack
May 17, 2017
Tracking Data and Maximizing Its Potential
May 3, 2017
European Data Protection Supervisor Offers Advice on Privacy Shield Review and GDPR Preparation
May 3, 2017
Practical and Innovative Permissioning Within the Framework of Europe’s Upcoming Data Protection Regulations
May 3, 2017
Infrastructure Cybersecurity Challenges: A View Through the Oil and Gas Pipeline Lens
May 3, 2017
SEC Officials Flesh Out Cybersecurity Enforcement and Examination Priorities (Part One of Two)
Apr. 19, 2017
Effective and Compliant Employee Monitoring (Part Two of Two)
Apr. 19, 2017
How to Ensure Cyber Risks Do Not Derail an IPO
Apr. 5, 2017
Effective and Compliant Employee Monitoring (Part One of Two)
Apr. 5, 2017
Best Practices for Mitigating Compliance Risks When Investment Advisers Use Social Media
Apr. 5, 2017
A Discussion With Ireland’s Data Protection Commissioner Helen Dixon About GDPR Compliance Strategies (Part Two of Two)
Mar. 22, 2017
A Discussion With Ireland’s Data Protection Commissioner Helen Dixon About GDPR Compliance Strategies (Part One of Two)
Mar. 8, 2017
What Covered Financial Entities Need to Know About New York’s New Cybersecurity Regulations
Feb. 22, 2017
Marsh and FireEye Take the Pulse of European Cybersecurity Climate
Feb. 22, 2017
Lessons for Connected Devices From the FTC’s Warning Against Unexpected Data Collection
Feb. 8, 2017
Lessons From the Continued Uptick in HIPAA Enforcements
Feb. 8, 2017
Getting to Know the DPO and How to Adapt Corporate Structure to Comply With GDPR Requirements for the Role (Part Two of Two)
Feb. 8, 2017
How Fund Managers Can Prepare for Investor Cybersecurity Due Diligence
Jan. 25, 2017
Preparing to Meet the Deadlines of DFS’ Revised New York Cybersecurity Regulation
Jan. 25, 2017
Triaging Security Projects in the Current Legal Landscape
Jan. 25, 2017
Getting to Know the DPO and Adapting Corporate Structure to Comply With the GDPR (Part One of Two)
Jan. 25, 2017
FINRA Emphasizes the Importance of Proper Electronic Record Storage in Enforcement Actions
Jan. 11, 2017
Privacy, Security Risks and Applicable Regulatory Regimes of Smart TVs
Jan. 11, 2017
FTC Priorities for 2017 and Beyond
Jan. 11, 2017
Ten Cybersecurity Priorities for 2017
Dec. 14, 2016
FINRA Lays Out Cyber Expectations in Action Against Broker-Dealer
Dec. 14, 2016
Navigating Data Privacy Laws in Cross-Border Investigations
Dec. 14, 2016
Presidential Commission Recommends Ways For Public and Private Sectors to Improve Cybersecurity
Dec. 14, 2016
Advice From Compliance Officers on Getting the C-Suite to Show You the Money for Your Data Privacy Program
Nov. 16, 2016
WilmerHale Attorneys Explain the Evolving Cybersecurity Environment of the Energy Sector
Nov. 16, 2016
Navigating U.S. and E.U. Cybersecurity Requirements
Nov. 2, 2016
Navigating the Early Months of Privacy Shield Certification Amidst Uncertainty
Oct. 5, 2016
Examining Newly Released Privacy and Security Guidance for the Fast-Driving Development of Autonomous Cars
Oct. 19, 2016
How the Financial Services Industry Can Handle Cybersecurity Threats, Acquisition Diligence and Breach Response
Oct. 19, 2016
SEC Emphasizes Protecting Information From More Than Just Cyber Threats in Deutsche Bank Case
Oct. 5, 2016
FCA Director Lays Out Cybersecurity Expectations for Financial Services Firms
Sep. 21, 2016
Steps Financial Institutions Should Take to Meet New York’s Proposed Cybersecurity Regulation
Sep. 7, 2016
Navigating Online Identity Management’s Risks and Regulations
Aug. 3, 2016
Second Circuit Quashes Warrant for Microsoft to Produce Email Content Stored Overseas
Aug. 3, 2016
Is Pokémon Go Pushing the Bounds of Mobile App Privacy and Security?
Aug. 3, 2016
Procedures for Hedge Fund Managers to Safeguard Trade Secrets From Rogue Employees
Jul. 20, 2016
Key Requirements of the Newly Approved Privacy Shield
Jul. 20, 2016
How the Financial Services Industry Can Manage Cyber Risk
Jul. 20, 2016
Challenges Facing Chief Privacy Officers
Jul. 6, 2016
How Will Brexit Affect U.K. Data Protection and Privacy Laws?
Jul. 6, 2016
Enforcing Consumer Consent: FTC Focuses on Location Tracking and Children’s Privacy
Jun. 22, 2016
Morgan Stanley Action Signals SEC’s Continued Enforcement of Safeguards Rule
May 11, 2016
SEC Teaches Broker-Dealer a Lesson About Keeping Business Emails Secure
Apr. 27, 2016
Mitigating the Risks of Using Social Media in the Workplace
Apr. 27, 2016
Designing Privacy Policies for Products and Devices in the Internet of Things
Apr. 27, 2016
Federal Judge Offers Advice on Litigating Data Privacy, Security Breach and TCPA Class Action Suits
Apr. 13, 2016
Ten Steps to Minimize Data Privacy and Security Risk and Maximize Compliance
Mar. 30, 2016
Steps for Companies to Take This Week, This Month and This Year to Meet the Challenges of International Cyberspace Governance
Mar. 30, 2016
Securing Connected Medical Devices to Ensure Regulatory Compliance and Customer Safety (Part One of Two)
Mar. 30, 2016
In-House and Outside Counsel Offer Strategies for Navigating the TCPA, Avoiding Litigation and Responding to Breaches
Mar. 16, 2016
Making Sense of Cybersecurity and Privacy Developments in the E.U.
Mar. 16, 2016
How Financial Service Providers Can Address Common Cybersecurity Threats
Mar. 2, 2016
Expert Advice on Newly Effective NFA Cybersecurity Requirements for Market Participants
Mar. 2, 2016
Synthesizing Breach Notification Laws in the U.S. and Across the Globe
Feb. 17, 2016
White House Lays Out Its Broad Cybersecurity Initiatives
Feb. 17, 2016
HIPAA Privacy Rule Permits Disclosures to Firearm Background Check System
Feb. 17, 2016
Deal Struck to Maintain the Transatlantic Data Flow
Feb. 17, 2016
Legal and Regulatory Expectations for Mobile Device Privacy and Security (Part Two of Two)
Feb. 3, 2016
Legal and Regulatory Expectations for Mobile Device Privacy and Security (Part One of Two)
Feb. 3, 2016
Safe Harbor 2.0 Agreement Reached
Jan. 20, 2016
Navigating FCA and SEC Cybersecurity Expectations (Part Two of Two)
Jan. 20, 2016
The E.U.’s New Rules: Latham & Watkins Partner Gail Crawford Discusses the Network Information Security Directive and the General Data Protection Regulation
Jan. 20, 2016
What OFAC’s New Cyber-Related Sanctions Regulations Mean for Companies
Jan. 6, 2016
Opportunities and Challenges of the Long-Awaited Cybersecurity Act of 2015
Jan. 6, 2016
How the Financial Services Sector Can Meet the Cybersecurity Challenge: A Plan for Building a Cyber-Compliance Program (Part Two of Two)
Jan. 6, 2016
Cybersecurity and Whistleblowing Converge in a New Wave of SEC Activity
Jan. 6, 2016
Navigating FCA and SEC Cybersecurity Expectations (Part One of Two)
Jan. 6, 2016
Keeping Up with Technology and Regulatory Changes in Online Advertising to Mitigate Risks
Jan. 6, 2016
FTC Director Analyzes Its Most Significant 2015 Cyber Cases and Provides a Sneak Peek Into 2016
Dec. 9, 2015
How the Financial Services Sector Can Meet the Cybersecurity Challenge: A Snapshot of the Regulatory Landscape (Part One of Two)
Dec. 9, 2015
Year-End HIPAA Settlements May Signal More Aggressive Enforcement by HHS
Dec. 9, 2015
The Multifaceted Role of In-House Counsel in Cybersecurity
Nov. 11, 2015
What Companies Can Learn from Cybersecurity Resources in Pittsburgh
Nov. 11, 2015
California Law Enforcement Faces Higher Bar in Acquiring Electronic Information
Nov. 11, 2015
Liability Lessons from Data Breach Enforcement Actions
Nov. 11, 2015
New NFA Notice Provides Cybersecurity Guidance to Futures and Derivatives Market
Oct. 28, 2015
Federal Courts Offer a Modern Interpretation of the VHS-Era Video Privacy Protection Act
Oct. 28, 2015
Mastercard and U.S. Bancorp Execs Share Tips for Awareness and Prevention of Mushrooming Cyber Risk (Part Two of Two)
Oct. 28, 2015
Privacy and Data Security Considerations for Life Sciences and Health Technology Companies (Part Two of Two)
Oct. 28, 2015
Orrick Attorneys Explain California’s New Specific Standards for Breach Notification
Oct. 28, 2015
How the Department of Commerce Can Help Companies Address Cybersecurity and Corruption Concerns
Oct. 14, 2015
Dangerous Harbor: Analyzing the European Court of Justice Ruling
Oct. 14, 2015
Mastercard and U.S. Bancorp Execs Share Tips for Awareness and Prevention of Mushrooming Cyber Risk (Part One of Two)
Sep. 30, 2015
What the OCIE Cybersecurity Risk Alert Means for Investment Advisers and Broker-Dealers
Sep. 30, 2015
Investment Adviser Penalized for Weak Cyber Polices; OCIE Issues Investor Alert
Sep. 16, 2015
Learning from the Target Data Breach About Effective Third-Party Risk Management (Part One of Two)
Sep. 16, 2015
How the Legal Industry Is Sharing Information to Combat Cyber Threats
Aug. 26, 2015
The Development of E-Currency and Its Potential Impact on the Future
Aug. 26, 2015
Seeking Solutions to Cross-Border Data Realities
Aug. 26, 2015
FTC Weighs In on the Security of Health Care Data on the Cloud
Aug. 12, 2015
Navigating the Evolving Mobile Arena Landscape (Part Two of Two)
Aug. 12, 2015
Can an Employee Be Liable for Inadvertently Providing Security Details to a Fraudulent Caller?
Jul. 15, 2015
Understanding and Mitigating Liability Under the Children’s Online Privacy Protection Act
Jul. 1, 2015
Coordinating Legal and Security Teams in the Current Cybersecurity Landscape (Part One of Two)
Jul. 1, 2015
Regulatory Compliance and Practical Elements of Cybersecurity Testing for Fund Managers (Part Two of Two)
Jul. 1, 2015
SEC Commissioner Says Public-Private Partnership Is Key to Effective Cybersecurity
Jul. 1, 2015
What Companies Need to Know About the FCC’s Actions Against Unwanted Calls and Texts
Jun. 17, 2015
Regulatory Compliance and Practical Elements of Cybersecurity Testing for Fund Managers (Part One of Two)
May 20, 2015
After a Cyber Breach, What Laws Are in Play and Who Is Enforcing Them?
May 20, 2015
Analyzing and Mitigating Cybersecurity Risks to Investment Managers (Part Two of Two)
May 6, 2015
Gibson Dunn Attorneys Discuss the Impact of Obama’s Executive Order Creating New Tools to Fight Cyber Attacks
May 6, 2015
Analyzing and Mitigating Cybersecurity Threats to Investment Managers (Part One of Two)
Apr. 22, 2015
Steps to Take Following a Healthcare Data Breach
Apr. 22, 2015
Debunking Cybersecurity Myths and Setting Program Goals for the Financial Services Industry
Apr. 8, 2015
ECJ Hearing on Safe Harbor Challenges How U.S. Companies Handle European Data
Apr. 8, 2015
The SEC’s Two Primary Theories in Cybersecurity Enforcement Actions
Jan. 15, 2025
Children’s Privacy Grows Up: Examining New Laws That Now Protect Older Teens
Jan. 15, 2025
Navigating Ever-Increasing State AI Laws and Regulations
Jan. 8, 2025
How to Adjust to the FTC’s Crackdown on Sensitive Location Data
Jan. 8, 2025
Loose Lips Sink Ships: Maintaining Confidentiality in Investigations
Dec. 18, 2024
SEC Stresses Cybersecurity, AI and Crypto in Its 2025 Exam Priorities
Dec. 18, 2024
Advertising Opt‑Outs Drive New Privacy Strategies in 2025
Dec. 11, 2024
DOJ’s 2024 Edits to the ECCP: Speaking Up, Compliance Resources and Lessons Learned
Dec. 4, 2024
Preparing for Compliance With CFPB’s Final Personal Financial Data Rights Rule
Dec. 4, 2024
SEC Charges Four Companies for Misleading Cyber Incident Disclosures: Lessons on Contents and Procedures
Nov. 20, 2024
SEC Charges Four Companies for Misleading Cyber Incident Disclosures: New Expectations?
Nov. 20, 2024
DOJ’s 2024 Edits to the ECCP: Data Analytics to Find Risks and Measure Effectiveness
Nov. 13, 2024
GDPR Enforcement’s New Phase: Navigating Privacy Investigations in Europe
Nov. 6, 2024
GDPR Enforcement’s New Phase: More Predictability, and New Rules on the Way
Nov. 6, 2024
DOJ’s 2024 Edits to the ECCP: Some History and AI Expectations
Oct. 30, 2024
What to Know (and Do) About DOJ’s Efforts to Identify and Prosecute Cybersecurity Fraud Under the False Claims Act
Oct. 30, 2024
Emerging Issues in Workplace Privacy: Regulations and Compliance Strategies
Oct. 23, 2024
Answers to Six Key Questions About How Enforcers View Gatekeepers
Oct. 16, 2024
Deciphering California’s Pioneering Mandate for an AI Nutrition Label
Oct. 16, 2024
Meeting DOJ Expectations Post-Resolution Requires Realism and Accountability
Oct. 9, 2024
Emojis and Video Communications: Compliance Practices to Overcome Recordkeeping Challenges
Oct. 9, 2024
Loyal to a Fault? Customer Loyalty Programs in the Age of Comprehensive Privacy Laws
Oct. 9, 2024
What CCOs Should Know About the DOJ’s Efforts to Curtail Criminal Use of AI
Oct. 2, 2024
Emojis and Video Communications: The Next Frontier of SEC Scrutiny?
Oct. 2, 2024
FTC and State Enforcers Reveal What’s Next and What to Do About It
Sep. 25, 2024
FTC Signals Stricter Children’s Enforcement in NGL Labs Settlement: Compliance Lessons
Sep. 18, 2024
SEC Penalizes Adviser for Failing to Preserve Off-Channel Communications
Sep. 18, 2024
FTC Signals Stricter Children’s Enforcement in NGL Labs Settlement: Key Violations and Settlement Terms
Sep. 11, 2024
CrowdStrike Outage: A Test of Form PF Current Report Procedures
Sep. 11, 2024
Takeaways and Looming Questions After Ninth Circuit Cuts DPIA From California’s Age-Appropriate Design Code
Sep. 4, 2024
Navigating Government Investigations of Privacy Practices
Aug. 21, 2024
What Texas’ Record $1.4‑Billion Deal With Meta Portends for Biometric Data Capture and Use
Aug. 21, 2024
Navigating U.S. Privacy Laws in Internal Investigations
Aug. 14, 2024
SolarWinds
Decision: Practical Takeaways for Cyber Communications
Aug. 7, 2024
Jarkesy
and
Loper
: Bombshells or Busts?
Aug. 7, 2024
How Privacy Efforts Can Boost Revenue
Aug. 7, 2024
SolarWinds
Decision: Court Narrows Case, but SEC’s Surviving Claims Alarm CISOs
Jul. 31, 2024
Challenges, Risks and Future of the CISO Role
Jul. 24, 2024
What Regulated Companies Need to Know About the SEC’s Final Amendments to Regulation S‑P
Jul. 24, 2024
Implications of
Loper Bright
: Impacts on Congress, Courts and Agencies
Jul. 17, 2024
FCC Forfeiture Orders Underline Need for Vigilance on Geolocation Sharing
Jul. 17, 2024
Thoughts From DOJ Experts on Using Data Analytics to Strengthen Compliance Programs
Jul. 17, 2024
Implications of
Loper Bright
: Demise of
Chevron
Deference and Effect on Cyber and Privacy Enforcement
Jul. 10, 2024
Key Implications and Practical Cyber Program Lessons From SEC’s R.R. Donnelley Settlement
Jul. 10, 2024
A Framework for Materiality Determinations Under SEC’s Cyber Incident Disclosure Rules
Jun. 26, 2024
Measures for Complying With 19 (and Counting) State Privacy Laws
Jun. 19, 2024
Examining Distinctive Aspects of Minnesota’s Demanding New Privacy Law
Jun. 19, 2024
Navigating Recent Changes to China’s Data Privacy Laws in Internal Investigations
Jun. 12, 2024
Privacy and Data Security Regulators Discuss Enforcement Priorities and Collaborative Efforts
May 29, 2024
Testing Is an Integral Component of Compliance Programs
May 22, 2024
How the FTC Non‑Compete Ban Could Impact CPOs, CCOs and Other Top Executives
May 22, 2024
SEC Enforcement Actions Target “AI Washing”
May 8, 2024
Takeaways From FTC’s Orders Targeting Digital Health Companies
May 8, 2024
Survey Finds Cybersecurity Budgets Rising and Increased Incident Response Confidence
May 1, 2024
Navigating Ransomware’s Challenges
May 1, 2024
Off-Channel Communications Are Not the Only Source of Electronic Recordkeeping Violations
Apr. 24, 2024
Common Law Fraud and
SEC v. Jarkesy
: The Key Issue Underlying the Questions Presented
Apr. 17, 2024
AI Governance Strategies for Privacy Pros
Apr. 10, 2024
Practical Insights Direct From U.S. State Privacy Enforcers
Apr. 10, 2024
Latest SEC Sweep of Off‑Channel Communications Both Befuddles and Turns Up the Heat on Investment Advisers
Apr. 3, 2024
Crafting Effective Mobile Device Policies to Satisfy Regulatory Expectations
Mar. 27, 2024
SEC’s 2024 Regulatory Focus
Mar. 20, 2024
Court Hands FTC Grounds to Curb Data Broker Sales
Mar. 13, 2024
Fostering Collaboration and Communication Between Security and Compliance
Mar. 13, 2024
Forecasting Potential Outcomes in
SEC v. Jarkesy
Based on Recent Oral Arguments
Mar. 13, 2024
Connecticut AG’s Report Highlights Enforcement Risks and Points to Action Steps for Companies
Mar. 6, 2024
Lessons From California’s DoorDash Enforcement Action
Feb. 28, 2024
Data Retention and Destruction Lessons From FTC’s Blackbaud Case
Feb. 28, 2024
Legal and Ethical Issues in Use of Biometrics: FIDO, Identity-Proofing and Other Options
Feb. 21, 2024
Legal and Ethical Issues in Use of Biometrics: Modality Selection, Implementation and State Laws
Feb. 14, 2024
Financial Services 2024 Privacy, Cybersecurity and AI Regulation Overview
Feb. 14, 2024
Mitigating CISO Personal Liability Post-SolarWinds
Feb. 14, 2024
Nine Impacts of New Jersey and New Hampshire Privacy Laws
Feb. 7, 2024
Binance’s $4.3‑Billion Criminal Resolution Raises Questions on Crypto Guidance
Feb. 7, 2024
Avoiding Pitfalls in Cyber Insurance Applications and Claims
Jan. 31, 2024
FTC’s Rite Aid Order: Expanded Algorithm Disgorgement and a Compliance Roadmap
Jan. 24, 2024
FTC’s Rite Aid Order: A Strong Message to Users of Biometrics and AI
Jan. 24, 2024
Emerging Cyber Threats and Defenses
Jan. 17, 2024
2024 SEC Examination Priorities: New Approaches to Old Areas of Concern
Jan. 10, 2024
How Companies Can Identify and Prevent Unlawful Dark Patterns
Jan. 3, 2024
SEC Director Offers Clarification on New Cyber Disclosure Regime
Jan. 3, 2024
Complying With the FTC’s Amended Safeguards Rule’s New Reporting Requirement
Dec. 13, 2023
A 2023 Cyber Regulation Look-Back and 2024 Risk-Management Strategies
Dec. 13, 2023
Navigating a Breach As a Third-Party Service Provider: Notifications, Network Decisions and Preserving Privilege
Dec. 6, 2023
U.K. Penalizes Morgan Stanley for Lax Electronic Communications Practices
Nov. 15, 2023
Navigating SEC Cybersecurity Enforcement in a Post-SolarWinds World
Nov. 1, 2023
Compliance Challenges in Records Management
Nov. 1, 2023
Examining Security Mandates, Including California’s Draft Audit Regulations, in State Privacy Laws
Oct. 25, 2023
U.K. Equifax Fine Calls for Stricter Parent-Subsidiary Data-Sharing Processes
Oct. 18, 2023
Current and Former Enforcement Staffs’ Tips for Litigating Against the SEC
Oct. 18, 2023
Private Actions Under the CPRA: Key Issues and Defense Strategies
Oct. 11, 2023
Former SEC Officials Discuss Aggressive Enforcement Climate
Oct. 4, 2023
Understanding the Fiduciary Exception to Attorney-Client Privilege
Sep. 27, 2023
Changes Brewing for Enforceability of Non‑Compete Provisions
Sep. 20, 2023
SEC and CFTC Continue to Penalize Firms for Electronic Communications Recordkeeping Violations
Sep. 6, 2023
Navigating the SEC’s Newly Adopted Cybersecurity Disclosure and Controls Regime
Aug. 16, 2023
Recent Developments in SEC, DOJ and Civil Litigation Efforts Targeting Off-Channel Electronic Communications
Aug. 2, 2023
Navigating Evolving Data Breach Litigation and Regulatory Risks
Jul. 19, 2023
NYDFS Changes Its Cybersecurity Regulation Requirements Through Enforcement – Again
Jul. 12, 2023
SEC Remains Focused on Off-Channel Communications
Jul. 12, 2023
Analyzing 2023’s New State Privacy Laws: Oregon and Delaware Join the Strictest Tier
Jun. 28, 2023
SEC Steps Up Enforcement Actions Against Cryptocurrencies
Jun. 21, 2023
Agency Power and Adjudication: The
Government Seeks Supreme Court Review of
Jarkesy v. SEC
Jun. 21, 2023
Xbox and Alexa COPPA Case Lessons: Avatars, Biometrics and Other New Expectations
Jun. 14, 2023
Xbox and Alexa COPPA Case Lessons: Negotiating With the FTC Over Algorithms and Remedies
Jun. 14, 2023
Messaging Apps Come Under Increasing Regulatory Scrutiny
May 31, 2023
How CPOs Communicate Privacy’s Value to the Board
May 31, 2023
How to Navigate the Rough Waters and Turning Tides of U.S. States’ Anti-ESG Movement and Europe’s Pro-ESG Measures (Part Two of Two)
May 17, 2023
Practical Steps to Take Based on SEC’s Proposed Cybersecurity Risk Management Rule for Investment Advisers
May 17, 2023
Meta and Epic Cases Show FTC Toughening Its Children’s Privacy Enforcement
May 17, 2023
Understanding Cyberattacks on Digital Asset Platforms
May 10, 2023
Making Sense of Evolving Regulations, Recent Enforcement Efforts and Antitrust Claims as to ESG Investing in the U.S. and E.U. (Part One of Two)
May 10, 2023
Supreme Court: District Courts Have Jurisdiction to Hear Constitutional Challenges to ALJ Regimes
Apr. 26, 2023
Tips for Working With Cyber Insurance Carriers Following a Ransomware Event
Mar. 29, 2023
FTC’s BetterHelp Case Prescribes Stronger Privacy Practices
Mar. 22, 2023
ECJ Ruling Expands Legal Professional Privilege
Mar. 15, 2023
SEC Modernizes Broker-Dealer Electronic Recordkeeping Rules
Mar. 8, 2023
What Employers Should Know About the FTC’s Proposed Ban on Non-Compete Provisions
Jan. 18, 2023
Scrutiny Over Dark Patterns Presents Further Challenges in Online Contracting
Jan. 18, 2023
Electronic Communications, Cooperation Standards and Other Emerging Trends in the SEC’s Oversight of Private Funds
Jan. 11, 2023
Something’s Gotta Give: Navigating Auditor Inquiries in Investigations (Part Two of Two)
Jan. 4, 2023
FTC and $391-Million State AG Case Put Location Data Enforcement on the Map
Jan. 4, 2023
Something’s Gotta Give: Navigating Auditor Inquiries in Investigations (Part One of Two)
Dec. 14, 2022
Recent FTC Cases Highlight Evolving Regulatory Expectations in the Use of Multi-Factor Authentication
Dec. 7, 2022
Google Settlement Shows DOJ's Increased Focus on Data Preservation
Dec. 7, 2022
Checklist for Preserving Privilege of Forensic Analyses Post Breach
Nov. 30, 2022
Understanding and Implementing Privacy Audits
Nov. 30, 2022
FTC’s Drizly Case Shows Regulators Are Ready to Police Data’s Expiration Dates
Nov. 16, 2022
Ransomware Evolution: Government Efforts and Cyber Insurance
Nov. 9, 2022
Ransomware Evolution: Growing Threats and Response Considerations
Nov. 9, 2022
Lessons From the Conviction of Uber’s Former CISO
Nov. 2, 2022
Revised Monaco Memo Affects Compensation, Clawbacks and Monitorships
Oct. 26, 2022
SEC and CFTC Wall Street Resolutions Highlight Need for Communication and Records Compliance
Oct. 26, 2022
Navigating the Interplay of Breach Response and Breach Notification
Oct. 12, 2022
How the Revised Monaco Memo Alters Deal Making and Strategy
Oct. 5, 2022
A PR Blitz as DOJ Fine-Tunes Its Corporate Enforcement Policies
Sep. 28, 2022
Lessons From California’s First CCPA Enforcement Action
Sep. 21, 2022
Trio of Settled Enforcement Actions Highlights SEC Concerns About Identity Theft Policies and Procedures
Aug. 17, 2022
SEC Cyber Rules: How to Prepare for the New 10-K Disclosure Mandates
Aug. 17, 2022
The SEC’s 2022 Reg Flex Agendas: Major Proposals and Ambitious Timelines
Aug. 10, 2022
Tips for How In-House Counsel Can Navigate Typical Ethical Dilemmas and Conflicts of Interest (Part Two of Two)
Aug. 10, 2022
SEC Cyber Rules: How to Prepare for the New 8-K Incident Mandate
Aug. 3, 2022
Importance of In-House Counsel Discerning Their Client and Managing Evolving Attorney-Client Privilege Issues (Part One of Two)
Aug. 3, 2022
Cybersecurity Compliance Lessons From NYDFS’ Carnival Action
Jul. 20, 2022
Looking Back on the Breach: Fundamentals of Preserving Privilege of Forensic Analyses in the Wake of a Data Breach
Jul. 20, 2022
Corporate Compliance and Enforcement Hot Topics With IBM VP Una Dean
Jun. 29, 2022
Lessons From CISA for In-House Counsel on Mitigating and Managing MSP Breach Threats
Jun. 29, 2022
Present and Former SEC Officials Discuss the Commission’s Latest Examination and Enforcement Tactics and Priorities
Jun. 22, 2022
Learning From Twitter’s $150-Million Privacy Disclosure Mistakes
Jun. 22, 2022
Fifth Circuit Decision Could Hamstring SEC Enforcement Abilities
Jun. 15, 2022
Privacy and Security Regulators Discuss New Enforcement Proposals and Compliance Best Practices
Jun. 8, 2022
Revised DOJ Guidance Clarifies Liability Protections for Good-Faith Security Research
Jun. 8, 2022
Regulation Looms for Sharing of Sensitive Financial Data
May 18, 2022
TV Privacy: Can Old Remotes Handle New Consent Requirements?
May 11, 2022
Party of Five: Connecticut Law Solidifies Consensus on State Privacy Standards
Apr. 27, 2022
SEC Proposes Cyber Risk Management Rules for Advisers
Apr. 27, 2022
New Utah Privacy Law Marks a Shift in State Privacy Legislation
Apr. 20, 2022
FTC’s Khan and Phillips Deliver Views on Future of Data Privacy Enforcement
Apr. 13, 2022
California AG Opinion Hands Companies New Tasks for AI, Data Maps, Marketing
Apr. 6, 2022
Takeaways From the SEC’s Enhanced Cybersecurity Disclosure Regime for Public Companies
Mar. 30, 2022
The Parallels and Distinctions Between Investigations and Culture Reviews
Mar. 23, 2022
Implications of DOJ’s Pursuit of the Crypto-Laundering Couple
Mar. 9, 2022
A Look at the NSCP’s Firm and CCO Liability Framework
Mar. 9, 2022
Examining the Burdens and Benefits of a Remote Regulatory Environment
Mar. 2, 2022
Prioritizing Public-Private Partnerships in an Increasingly Complex Regulatory Environment
Feb. 16, 2022
The Privacy and Antitrust Paradox in the Age of Data
Feb. 9, 2022
Will It Be Goodbye Forever? Navigating Consumer Requests to Delete Personal Data
Feb. 2, 2022
Gensler Discusses the SEC’s Cyber Priorities
Jan. 26, 2022
Personal Liability and Compliance Resourcing Are Top Concerns Among CCOs, Surveys Show
Jan. 19, 2022
Privacy Resolutions for 2022
Jan. 12, 2022
SEC Chair Gensler’s Stance on Three Key Disclosure Areas and the Role of Individual Accountability in Enforcement Actions
Dec. 01, 2021
FTC Sets Wheels in Motion for a Broad Privacy Rule Restricting Data Collection
Nov. 17, 2021
How Financial Institutions Should Strengthen Their Data Security to Comply With FTC’s Updated Safeguards Rule
Oct. 6, 2021
Fund Managers Must Ensure Adequate Security Measures Under Safeguards Rule or Risk SEC Enforcement Action
Sep. 29, 2021
Value of Sponsors Implementing Portfolio Monitoring Models for ESG and Cybersecurity Issues
Sep. 29, 2021
SEC Cybersecurity Disclosure Enforcement Heats Up: Best Practices
Sep. 22, 2021
SEC Cybersecurity Disclosure Enforcement Heats Up: Recent Developments
Sep. 8, 2021
Electronic Communications: Useful Training Techniques and Policies and Procedures to Adopt
Sep. 8, 2021
What to Expect From the FCC and FTC Under the Biden Administration
Aug. 18, 2021
Electronic Communications: Current Technological Landscape and Relevant Regulatory Measures
Aug. 11, 2021
Evaluating Privacy and Cybersecurity Risks In Emerging Technology Transactions: Biometrics, Fintech and Cryptocurrency
Jul. 28, 2021
Incident Response in the Financial Services Industry
Jul. 21, 2021
Shedding Light on Dark Patterns: What Financial Institutions Need to Know
Jun. 23, 2021
Colorado Privacy Law Finishes Third, but Could Become the New Standard
Jun. 9, 2021
To “Cure” or Not to “Cure,” That Is the Question
Jun. 9, 2021
Post-COVID Compliance Strategies: White Collar Investigations and Enforcement
Jun. 9, 2021
State AGs Share Breach Notification Tips and Latest Enforcement Concerns
Apr. 21, 2021
Supreme Court’s Facebook Decision Narrows Applicability of the TCPA, but Companies Are Not Home Free
Apr. 14, 2021
AI Compliance Playbook: Traditional Risk Controls for Cutting-Edge Algorithms
Apr. 7, 2021
Behind the Scenes: California AG’s Non-Public CCPA Inquiries
Mar. 31, 2021
How Do You Put a System of Controls in Place When Your Target Keeps Moving?
Mar. 10, 2021
Preparing for the CPRA’s New Consumer Rights Requirements
Mar. 10, 2021
Familiar and Fresh Mandates in Virginia’s New Privacy Law
Mar. 3, 2021
Preserving the Privilege for In-House Counsel: Internal Investigations and Depositions
Mar. 3, 2021
Six Ways to Address Privacy Concerns in Biometric Vendor Contracts
Feb. 24, 2021
Preserving the Privilege for In-House Counsel: Communications and Common Issues
Feb. 17, 2021
Wray Highlights Benefits of FBI Coordination With Public and Private Sectors
Feb. 3, 2021
Expect Continuing Regulatory Focus on Cybersecurity and Data Protection in 2021
Jan. 27, 2021
Steps to Protect Privilege for Data Breach Forensic Reports
Jan. 20, 2021
Privacy Resolutions for 2021
Jan. 20, 2021
eDiscovery in Multi-Jurisdictional Investigations: Preparing to Play Multi-Level Chess
Jan. 6, 2021
Privacy and Security Risks in International Arbitration: Managing Remote Proceedings
Dec. 16, 2020
Privacy and Security Risks in International Arbitration: Threats and the Information Security Protocol
Dec. 16, 2020
How Will the Biden Administration’s Approach to Cybersecurity Impact the Private Sector?
Dec. 2, 2020
How CCOs Can Avoid Personal Liability for an Organization’s Compliance Failures
Nov. 18, 2020
SEC Commissioner Peirce Shares Views on Personal Liability for CCOs
Nov. 4, 2020
Comparing U.S. and E.U. Approaches to Incident Response and Breach Notification
Sep. 30, 2020
Learning From the “Holes” in Dunkin’s Security to Mitigate Brute-Force Attacks
Sep. 23, 2020
Data Breaches, Leaked Documents and the Attorney-Client Privilege: Can the Bell Really Be Unrung?
Aug. 5, 2020
CCPA and Online Ads: Contract and Compliance Consequences
Jul. 29, 2020
Remote Forensic Data Collection Steps Into the Spotlight
Jul. 29, 2020
CCPA and Online Ads: Facebook Finally Acts, AG Starts Enforcement
Jul. 15, 2020
Back to the Table: CCPA Regulations Spark New Wave of Service-Provider Negotiations
Jul. 15, 2020
Business Continuity Planning: How to Update a BCP With Lessons Learned From the Pandemic
Jun. 24, 2020
How to Comply With Key CCPA Notice and Consumer Request Requirements
Jun. 17, 2020
Privacy Settings May Serve as One-Step CCPA Opt-Out From Sale
Jun. 10, 2020
After Capital One Ruling, How Will Companies Protect Forensic Reports?
Jun. 10, 2020
Are You Prepared for OCIE’s Sweep of Business Continuity Plans and Coronavirus Actions?
Jun. 3, 2020
Preserving Privilege in Audits and Internal Investigations
May 20, 2020
FTC and ICO Commissioners Discuss the Problems With Pandemic Tech and Their Enforcement Approaches
May 20, 2020
How to Facilitate a Safe and Privacy Compliant Return to Work: Policies and Protocols
May 20, 2020
Did Adtech Fix Its CCPA Problem? IAB’s GC Discusses New Contract for Data Sales
May 13, 2020
How to Facilitate a Safe and Privacy Compliant Return to Work: Laws and Guidance
May 6, 2020
Managing Ransomware’s Mutation Into a Public Data Breach
Apr. 29, 2020
Understanding Insider Trading Based on Data Breaches Amidst Heightened Regulatory Scrutiny
Apr. 15, 2020
Takeaways From Former FTC Officials on 2019 Enforcement Actions: Data Security Guidance and Enforcement Predictions
Apr. 15, 2020
Six Ways to Be Prepared for the SEC’s Focus on Cybersecurity and Resiliency
Apr. 8, 2020
Takeaways From Former FTC Officials on the Commission’s 2019 Enforcement: General, Financial and Children’s Privacy
Apr. 8, 2020
DOJ Guidance on How Companies Should Pursue Stolen Data on the Dark Web
Apr. 1, 2020
Investigation Strategies During Social Distancing
Mar. 18, 2020
Business Considerations for Responding to the Coronavirus Outbreak
Mar. 11, 2020
NIST’s New IoT Standard: Inspiring a Wave of New Device Security Guidance
Mar. 4, 2020
Safeguards for Proper Disposal of Hardware: Effective Inventories, Policies and Due Diligence
Mar. 4, 2020
NIST’s New IoT Standard: Boosting Security As States Launch Laws
Feb. 26, 2020
Safeguards for Proper Disposal of Hardware: Risks and Examiner Expectations
Feb. 5, 2020
Defining, Implementing and Documenting “Reasonable Security”
Jan. 8, 2020
Present and Former Regulators Discuss Current SEC and NFA Examination and Enforcement Environment
Jan. 8, 2020
Eight Data Security Best Practices Revealed by Recent AG and FTC Enforcement Actions
Dec. 18, 2019
A New Norm: Prescriptive FTC Settlement With InfoTrax Addresses Reasonable Security Measures
Dec. 18, 2019
FTC Spyware Takedown Highlights Employee Monitoring Privacy Shifts
Nov. 20, 2019
Present and Former SEC Attorneys and Defense Counsel Discuss Cyber Disclosure and Cyber Enforcement
Nov. 13, 2019
Updating Cyber Policies to Align With Recent SEC Exams and Guidance
Oct. 23, 2019
CFTC Issues $1.5-Million Fine After Phishing Attack
Oct. 9, 2019
DOJ Spotlights Emerging Issues and Protection Strategies Around Business Email Compromise Attacks
Sep. 25, 2019
Vulnerability Disclosure Policies: A Cost-Effective Best Practice for Cybersecurity
Sep. 18, 2019
Far-Reaching Google and YouTube Settlement Offers COPPA Compliance Lessons
Sep. 18, 2019
Strategies and Tactics for Developing an Effective Tabletop Exercise (Part One of Two)
Sep. 11, 2019
Lessons From Equifax on How to Mitigate Post-Breach Legal Liability
Aug. 21, 2019
Facebook’s $100-Million Privacy and Security Disclosure Mistakes
Aug. 7, 2019
How Facebook’s $5-Billion FTC Settlement Is Shaping Compliance Expectations
Aug. 7, 2019
Lessons From SDNY Ruling on How to Preserve Privileged Communications With Attorney Consultants
Jul. 31, 2019
Learning From the Equifax Settlement
Jul. 24, 2019
Equifax and Facebook Settlements Overshadow More Routine FTC Summer Settlements
Jun. 26, 2019
Preparing for the Latest SEC Cyber Sweeps
May 22, 2019
Court Reconsiders November 2018 Order and Issues Preliminary Injunction Against ICO
May 8, 2019
Lessons From FTC 2018 Privacy and Data Security Update: Hearings, Reports and 2019 Predictions
May 1, 2019
Lessons From FTC 2018 Privacy and Data Security Update: Financial Privacy, COPPA and International Enforcement
Apr. 24, 2019
SEC Risk Alert Highlights Policy Design and Implementation Failures and Roadmaps Future Enforcement
Apr. 24, 2019
Lessons From FTC's 2018 Privacy and Data Security Update: Enforcement Takeaways
Apr. 10, 2019
Insights From a Former SEC Counsel on Regulating Digital Assets
Apr. 10, 2019
Utah Act Increases Restrictions on Access to Third-Party Data
Apr. 10, 2019
Combatting Privacy Issues Arising From Geolocation Data Use: Five Risk-Mitigation Strategies
Apr. 3, 2019
FCA Evaluates Firms’ Cyber Resilience
Apr. 3, 2019
Combatting Privacy Issues Arising From Geolocation Data Use: Understanding the Legal Landscape
Mar. 20, 2019
COPPA Compliance Lessons Following Musical.ly’s $5.7 Million FTC Settlement
Mar. 20, 2019
Increased Post-Breach Discovery Turns Spotlight on Privilege
Mar. 13, 2019
Takeaways From 2018 COPPA Developments and a Forward-Thinking Approach to Compliance
Feb. 27, 2019
Preserving Privilege in Communications Involving In-House Counsel
Feb. 20, 2019
ACA Aponix-NSCP Cyber Survey Finds Growing Numbers of Security Incidents, Cloud Use and Regulatory Burdens
Feb. 13, 2019
Reducing Risk in the Dawn of Equifax and Other Cyber-Related Securities Fraud Class Actions
Jan. 30, 2019
How Healthcare and Other Industries Can Use the HHS Cybersecurity Practices Guidance
Jan. 9, 2019
FTC Data Security Hearing Examines M&A Cybersecurity Risks and Promoting Better Policies
Dec. 5, 2018
Answers to Four Critical Questions on Privilege in Internal Investigations
Nov. 28, 2018
The Growing Role of State AGs in Privacy Enforcement
Nov. 28, 2018
SEC Officials and the Defense Bar Talk Cybersecurity Enforcement Trends and Takeaways From Recent Cases
Nov. 14, 2018
A Roadmap to Preparing for and Managing a Cyber Investigation
Nov. 7, 2018
How to Improve Risk Analysis in the Wake of the Anthem’s Record Settlement
Oct. 31, 2018
SEC Report on Business Email Compromise Signals That It May Pursue Insufficient Internal Controls Cases
Oct. 24, 2018
Unregistered Crypto Asset Fund Hit With Multiple Securities Laws Violations by SEC
Oct. 10, 2018
Lessons From the SEC’s First Red Flags Rule Settlement
Oct. 3, 2018
Lax Privacy Policies, Security Measures and Vendor Oversight Lead to FTC Settlement for Mobile Phone Manufacturer
Aug. 1, 2018
Staying Current With Geolocation Restrictions
Jul. 25, 2018
Implications of the Supreme Court’s
Carpenter
Decision on the Treatment of Cellphone Location Records
Jul. 18, 2018
What to Expect From California’s Expansive Privacy Legislation
Jul. 11, 2018
Is Encryption Obligatory? HHS Upholds Texas Hospital $4.3M HIPAA Fine
Jun. 20, 2018
Managing Cyber Investigations: A CISO and In-House Counsel Discuss Best Practices for Real-Life Scenarios
Jun. 13, 2018
The Devil Is in the Details:
LabMD
Imposes Limitations on the FTC’s Enforcement Authority
Jun. 6, 2018
Analyzing New and Amended State Breach Notification Laws
May 30, 2018
Understanding the Intersection of Law and Artificial Intelligence
May 9, 2018
How Financial Services Firms Should Structure Their Cybersecurity Programs
May 2, 2018
SEC $35-Million Yahoo Settlement Carries Breach Disclosure Lessons
May 2, 2018
Lessons on Litigation Privilege in Internal Investigations from the U.K.’s
Bilta v. Royal Bank of Scotland
Case
Mar. 28, 2018
FTC Recommends Greater Transparency, Better Recordkeeping and Further Streamlining of Mobile Security Practices
Mar. 14, 2018
How Will the GDPR Affect Due Diligence?
Mar. 14, 2018
FTC Enters Into Stiff Settlement With PayPal for Venmo’s Deceptive Practices, but Eases up on a 2009 Sears Order
Feb. 28, 2018
SEC Confirms Cyber Disclosure Expectations in New Guidance
Feb. 28, 2018
Financial Firms Must Supervise Their IT Providers to Avoid CFTC Enforcement Action
Feb. 28, 2018
FCA Head of Technology Outlines Regulator’s Cybersecurity Expectations and Three Key Lessons
Feb. 14, 2018
NY AG and HHS Flex Regulatory Muscles in Recent Protected Health Information Breach Settlements
Feb. 14, 2018
Lessons and Trends From FTC’s 2017 Privacy and Data Security Update: Workshops and Guidance (Part Two of Two)
Jan. 31, 2018
Lessons and Trends From FTC’s 2017 Privacy and Data Security Update: Enforcement Actions (Part One of Two)
Jan. 31, 2018
Biometric Data Protection Laws and Litigation Strategies (Part One of Two)
Dec. 20, 2017
Effective M&A Contract Drafting and Internal Cyber Diligence and Disclosure
Dec. 20, 2017
SEC Takes Aggressive Action Against Allegedly Fraudulent ICO
Dec. 6, 2017
Online Tax Prep Service TaxSlayer Settles FTC Allegations of Privacy and Security Rules
Dec. 6, 2017
Gathering and Analyzing Compliance Data
Oct. 25, 2017
Privacy Shield Survives First Annual Review
Oct. 25, 2017
Survey Finds Cybersecurity Preparedness of Alternative Asset Managers to be Inadequate Relative to Traditional Asset Managers and Broker-Dealers
Oct. 11, 2017
FTC Launches Stick With Security Series, Adding Detail and Guidance to Its Start With Security Guide (Part Two of Two)
Sep. 27, 2017
FTC Settlements in Privacy Shield Cases and With Lenovo Over Use of “Man-in-the-Middle” Software Highlight Vigorous Enforcement Efforts
Sep. 27, 2017
SEC Hack Will Not Prevent It From Sharpening Cybersecurity Enforcement
Sep. 13, 2017
Focus on Children’s Privacy by FTC and Plaintiffs Calls for Prioritizing COPPA
Sep. 13, 2017
Dispelling Myths About When Attorney-Client Privilege Applies to Communications With In-House Counsel
Sep. 13, 2017
FTC Launches Stick With Security Series, Adding Detail and Guidance to Its Start With Security Guide (Part One of Two)
Aug. 23, 2017
Uber Settlement Highlights Benefits of a Privacy Impact Assessment
Aug. 9, 2017
Nestlé Employee Convictions Highlight Interconnectivity of Chinese Data Privacy and Bribery Laws
Jul. 26, 2017
How the CCO Can Use SEC Guidance to Tackle Cyber Threats
May 31, 2017
Reacting Quickly With a Nimble Incident Response Plan
May 31, 2017
Takeaways From State AGs’ Record-Breaking Target Data Breach Settlement
May 17, 2017
SEC Officials Flesh Out Cybersecurity Enforcement and Examination Priorities (Part Two of Two)
May 3, 2017
SEC Officials Flesh Out Cybersecurity Enforcement and Examination Priorities (Part One of Two)
Apr. 19, 2017
How to Walk the Tightrope of Cooperation and Privilege When Facing Government Investigations and Parallel Litigation
Apr. 19, 2017
Goodbye to the Blame Game: Forging the Connection Between Companies and Law Enforcement in Incident Response
Apr. 5, 2017
Multimillion-Dollar Scheme Serves As Backdrop for Lessons on Preventing and Mitigating Phishing Attacks
Apr. 5, 2017
Data Preservation and Collection During a Government Data Breach Investigation
Apr. 5, 2017
Effective and Compliant Employee Monitoring (Part One of Two)
Apr. 5, 2017
Best Practices for Mitigating Compliance Risks When Investment Advisers Use Social Media
Mar. 22, 2017
Assessing Regulatory Responsibility When Reporting Postmarket Cybersecurity “Corrections” to the FDA
Mar. 8, 2017
Protecting Attorney-Client Privilege and Attorney Work Product While Cooperating With the Government: Implications for Collateral Litigation (Part Three of Three)
Feb. 22, 2017
Protecting Attorney-Client Privilege and Attorney Work Product While Cooperating with the Government: Strategies to Minimize Risks During Cooperation (Part Two of Three)
Feb. 22, 2017
Lessons for Connected Devices From the FTC’s Warning Against Unexpected Data Collection
Feb. 8, 2017
Protecting Attorney-Client Privilege and Attorney Work Product While Cooperating With the Government: Establishing Privilege and Work Product in an Investigation (Part One of Three)
Feb. 8, 2017
Lessons From the Continued Uptick in HIPAA Enforcements
Jan. 25, 2017
FTC Data Security Enforcement Year-In-Review: Do We Know What “Reasonable” Security Is Yet?
Jan. 25, 2017
FINRA Emphasizes the Importance of Proper Electronic Record Storage in Enforcement Actions
Jan. 11, 2017
FTC Priorities for 2017 and Beyond
Dec. 14, 2016
FINRA Lays Out Cyber Expectations in Action Against Broker-Dealer
Nov. 30, 2016
How to Respond to Law Enforcement Demands for Geolocation Data and Data Stored Abroad
Nov. 30, 2016
Attorney-Consultant Privilege? Structuring and Implementing the
Kovel
Arrangement (Part Two of Two)
Nov. 16, 2016
Attorney-Consultant Privilege? Key Considerations for Invoking the
Kovel
Doctrine (Part One of Two)
Nov. 16, 2016
Complying With New Rules as the FCC Forges Its Role in Privacy and Data Security
Nov. 2, 2016
FBI Veteran Discusses Using Law Enforcement’s Cyber Resources to Improve Security and Obtain Board Buy-In
Nov. 2, 2016
Demystifying the FTC’s Reasonableness Requirement in the Context of the NIST Cybersecurity Framework (Part Two of Two)
Oct. 19, 2016
SEC Emphasizes Protecting Information From More Than Just Cyber Threats in Deutsche Bank Case
Oct. 19, 2016
Demystifying the FTC’s Reasonableness Requirement in the Context of the NIST Cybersecurity Framework (Part One of Two)
Oct. 5, 2016
FCA Director Lays Out Cybersecurity Expectations for Financial Services Firms
Sep. 21, 2016
Managing Data Privacy Challenges While Conducting Due Diligence and Investigations in China (Part Two of Two)
Aug. 24, 2016
Takeaways From the FTC’s Revival of the LabMD Action
Aug. 24, 2016
Maximizing the Benefits of Big Data Within Permissible Bounds
Aug. 3, 2016
Key Post-Breach Shareholder Litigation, Disclosure and Insurance Selection Considerations
Aug. 3, 2016
Is Pokémon Go Pushing the Bounds of Mobile App Privacy and Security?
Aug. 3, 2016
Six State Secrets and Data Privacy Considerations in Chinese Internal Investigations
Jul. 6, 2016
Law Enforcement on Cybersecurity Matters: Corporate Friend or Foe? (Part Two of Two)
Jul. 6, 2016
Enforcing Consumer Consent: FTC Focuses on Location Tracking and Children’s Privacy
Jul. 6, 2016
Understanding the Far-Reaching Impact of Chinese State Secrets Laws on Data Flow
Jun. 22, 2016
Assistant Attorney General Leslie Caldwell Addresses the Challenges of Cross-Border Cooperation and Electronic Evidence Gathering
Jun. 22, 2016
Law Enforcement on Cybersecurity Matters: Corporate Friend or Foe? (Part One of Two)
Jun. 22, 2016
How to Avoid Common Mistakes and Manage the First 48 Hours Post-Breach
Jun. 22, 2016
Morgan Stanley Action Signals SEC’s Continued Enforcement of Safeguards Rule
Jun. 8, 2016
Eight Attributes In-House Counsel Look For in Outside Cybersecurity Counsel
Jun. 8, 2016
Securing the Connected Car: Privacy, Security and Self-Regulation
May 25, 2016
Key Considerations for Public Companies for Mitigating and Disclosing Cybersecurity Risks
May 25, 2016
Foreign Attorneys Share Insight on Data Privacy and Privilege in Multinational Investigations
May 11, 2016
SEC Teaches Broker-Dealer a Lesson About Keeping Business Emails Secure
Apr. 27, 2016
A Guide to Developing and Implementing a Successful Cyber Incident Response Plan: From Data Mapping to Evaluation (Part One of Three)
Apr. 27, 2016
Regulators Speak Candidly About Cybersecurity Trends, Priorities and Coordination
Apr. 27, 2016
Mitigating the Risks of Using Social Media in the Workplace
Apr. 13, 2016
Ten Steps to Minimize Data Privacy and Security Risk and Maximize Compliance
Apr. 13, 2016
Securing Connected Medical Devices to Ensure Regulatory Compliance and Customer Safety (Part Two of Two)
Apr. 13, 2016
The Regulators’ View of Best Practices for Social Media and Mobile Apps
Apr. 13, 2016
Picking up the Pieces After a Cyber Attack and Understanding Sources of Liability
Mar. 30, 2016
Securing Connected Medical Devices to Ensure Regulatory Compliance and Customer Safety (Part One of Two)
Mar. 16, 2016
A Behind-the-Curtains View of FTC Security and Privacy Expectations
Mar. 16, 2016
FCC Flexes Its Muscles With Proposed Broadband Privacy Rules and Verizon Settlement
Mar. 16, 2016
CSIS’ James Lewis Discusses Balancing Law Enforcement and Privacy
Mar. 2, 2016
Prosecuting Borderless Cyber Crime Through Proactive Law Enforcement and Private Sector Cooperation
Mar. 2, 2016
Synthesizing Breach Notification Laws in the U.S. and Across the Globe
Feb. 3, 2016
Legal and Regulatory Expectations for Mobile Device Privacy and Security (Part One of Two)
Feb. 3, 2016
The FTC’s Big Data Report Helps Companies Maximize Benefits While Staying Compliant
Feb. 3, 2016
So, You Just Got a Letter From the FTC: A Guide for Attorneys (Part Two of Two)
Jan. 20, 2016
So, You Just Got a Letter From the FTC: A Guide for Attorneys (Part One of Two)
Jan. 20, 2016
Navigating FCA and SEC Cybersecurity Expectations (Part Two of Two)
Jan. 6, 2016
FTC Director Analyzes Its Most Significant 2015 Cyber Cases and Provides a Sneak Peek Into 2016
Jan. 6, 2016
Cybersecurity and Whistleblowing Converge in a New Wave of SEC Activity
Jan. 6, 2016
Navigating FCA and SEC Cybersecurity Expectations (Part One of Two)
Dec. 9, 2015
How the Financial Services Sector Can Meet the Cybersecurity Challenge: A Snapshot of the Regulatory Landscape (Part One of Two)
Dec. 9, 2015
Avoiding Privacy Pitfalls While Using Social Media for Internal Investigations
Dec. 9, 2015
Year-End HIPAA Settlements May Signal More Aggressive Enforcement by HHS
Dec. 9, 2015
Proactive Steps to Protect Your Company in Anticipation of Future Data Security Litigation (Part Two of Two)
Nov. 25, 2015
FTC Loses Its First Data Security Case
Nov. 25, 2015
Proactive Steps to Protect Your Company in Anticipation of Future Data Security Litigation (Part One of Two)
Nov. 25, 2015
FTC Chair Addresses the Agency’s Data Privacy Concerns with Cross-Device Tracking
Nov. 11, 2015
Liability Lessons from Data Breach Enforcement Actions
Nov. 11, 2015
Target
Privilege Decision Delivers Guidance for Post-Data Breach Internal Investigations
Nov. 11, 2015
California Law Enforcement Faces Higher Bar in Acquiring Electronic Information
Sep. 30, 2015
What the OCIE Cybersecurity Risk Alert Means for Investment Advisers and Broker-Dealers
Sep. 30, 2015
Investment Adviser Penalized for Weak Cyber Polices; OCIE Issues Investor Alert
Sep. 16, 2015
Examining Evolving Legal Ethics in the Age of the Cloud, Mobile Devices and Social Media (Part Two of Two)
Sep. 16, 2015
Tackling Cybersecurity and Data Privacy Issues in Mergers and Acquisitions (Part One of Two)
Aug. 26, 2015
FTC Weighs In on the Security of Health Care Data on the Cloud
Aug. 26, 2015
Seeking Solutions to Cross-Border Data Realities
Aug. 26, 2015
In the
Wyndham
Case, the Third Circuit Gives the FTC a Green Light to Regulate Cybersecurity Practices
Aug. 26, 2015
Meeting Expectations for SEC Disclosures of Cybersecurity Risks and Incidents (Part Two of Two)
Aug. 12, 2015
Meeting Expectations for SEC Disclosures of Cybersecurity Risks and Incidents (Part One of Two)
Aug. 12, 2015
Navigating the Evolving Mobile Arena Landscape (Part Two of Two)
Jul. 29, 2015
Analyzing and Complying with Cyber Law from Different Vantage Points (Part Two of Two)
Jul. 15, 2015
Understanding and Mitigating Liability Under the Children’s Online Privacy Protection Act
Jul. 15, 2015
The FTC Asserts Its Jurisdiction and Provides Ten Steps to Enhance Cybersecurity
Jul. 15, 2015
How to Prevent and Manage Ransomware Attacks (Part One of Two)
Jul. 15, 2015
Conflicting Views of Safety, Vulnerability and Privacy Fuel Encryption Debate
Jul. 1, 2015
SEC Commissioner Says Public-Private Partnership Is Key to Effective Cybersecurity
Jul. 1, 2015
What Companies Need to Know About the FCC’s Actions Against Unwanted Calls and Texts
Jul. 1, 2015
Preserving Privilege Before and After a Cybersecurity Incident (Part Two of Two)
Jul. 1, 2015
Cybersecurity and Information Governance Considerations in Mergers and Acquisitions
Jul. 1, 2015
Regulatory Compliance and Practical Elements of Cybersecurity Testing for Fund Managers (Part Two of Two)
Jun. 17, 2015
Preserving Privilege Before and After a Cybersecurity Incident (Part One of Two)
Jun. 17, 2015
In a Candid Conversation, FBI Director James Comey Discusses Cooperation among Domestic and International Cybersecurity Law Enforcement Communities (Part Two of Two)
Jun. 17, 2015
Model Cybersecurity Contract Terms and Guidance for Investment Managers to Manage Their Third-Party Vendors
Jun. 17, 2015
Regulatory Compliance and Practical Elements of Cybersecurity Testing for Fund Managers (Part One of Two)
Jun. 3, 2015
In a Candid Conversation, FBI Director James Comey Talks About the “Evil Layer Cake” of Cybersecurity Threats (Part One of Two)
Jun. 3, 2015
Private and Public Sector Perspectives on Producing Data to the Government
May 20, 2015
After a Cyber Breach, What Laws Are in Play and Who Is Enforcing Them?
May 20, 2015
Weil Gotshal Attorneys Advise on Key Ways to Anticipate and Counter Cyber Threats
May 6, 2015
The SEC’s Updated Cybersecurity Guidance Urges Program Assessments
May 6, 2015
Analyzing and Mitigating Cybersecurity Threats to Investment Managers (Part One of Two)
May 6, 2015
Top Private Practitioners and Public Officials Detail Hot Topics in Cybersecurity and Best Practices for Government Investigations
Apr. 22, 2015
FCC Makes Its Mark on Cybersecurity Enforcement with Record Data Breach Settlement
Apr. 22, 2015
Debunking Cybersecurity Myths and Setting Program Goals for the Financial Services Industry
Apr. 8, 2015
The SEC’s Two Primary Theories in Cybersecurity Enforcement Actions
FTC
FTC
Jan. 15, 2025
Children’s Privacy Grows Up: Examining New Laws That Now Protect Older Teens
Nov. 13, 2024
Unpacking the Second Circuit’s Bombshell VPPA Ruling
Oct. 30, 2024
Emerging Issues in Workplace Privacy: Regulations and Compliance Strategies
Oct. 2, 2024
FTC and State Enforcers Reveal What’s Next and What to Do About It
Sep. 25, 2024
FTC Signals Stricter Children’s Enforcement in NGL Labs Settlement: Compliance Lessons
Sep. 18, 2024
FTC Signals Stricter Children’s Enforcement in NGL Labs Settlement: Key Violations and Settlement Terms
Sep. 4, 2024
Navigating Government Investigations of Privacy Practices
Aug. 7, 2024
How Privacy Efforts Can Boost Revenue
Jul. 17, 2024
Implications of
Loper Bright
: Demise of
Chevron
Deference and Effect on Cyber and Privacy Enforcement
Jun. 12, 2024
Privacy and Data Security Regulators Discuss Enforcement Priorities and Collaborative Efforts
May 22, 2024
How the FTC Non‑Compete Ban Could Impact CPOs, CCOs and Other Top Executives
May 8, 2024
Takeaways From FTC’s Orders Targeting Digital Health Companies
Apr. 17, 2024
AI Governance Strategies for Privacy Pros
Mar. 20, 2024
Court Hands FTC Grounds to Curb Data Broker Sales
Feb. 28, 2024
Data Retention and Destruction Lessons From FTC’s Blackbaud Case
Feb. 28, 2024
Legal and Ethical Issues in Use of Biometrics: FIDO, Identity-Proofing and Other Options
Feb. 21, 2024
Legal and Ethical Issues in Use of Biometrics: Modality Selection, Implementation and State Laws
Feb. 14, 2024
Mitigating CISO Personal Liability Post-SolarWinds
Feb. 14, 2024
Financial Services 2024 Privacy, Cybersecurity and AI Regulation Overview
Jan. 31, 2024
FTC’s Rite Aid Order: Expanded Algorithm Disgorgement and a Compliance Roadmap
Jan. 24, 2024
FTC’s Rite Aid Order: A Strong Message to Users of Biometrics and AI
Jan. 10, 2024
How Companies Can Identify and Prevent Unlawful Dark Patterns
Jan. 3, 2024
Complying With the FTC’s Amended Safeguards Rule’s New Reporting Requirement
Sep. 27, 2023
Changes Brewing for Enforceability of Non‑Compete Provisions
Aug. 2, 2023
Navigating Evolving Data Breach Litigation and Regulatory Risks
Jun. 21, 2023
Xbox and Alexa COPPA Case Lessons: Avatars, Biometrics and Other New Expectations
Jun. 14, 2023
Xbox and Alexa COPPA Case Lessons: Negotiating With the FTC Over Algorithms and Remedies
May 17, 2023
Meta and Epic Cases Show FTC Toughening Its Children’s Privacy Enforcement
Apr. 5, 2023
Website-Tracking Lawsuits: Takeaways From New Dismissals of Wiretap Claims
Mar. 29, 2023
Website-Tracking Lawsuits: A Guide to New Video Privacy Decisions Starring PBS and People.com
Mar. 29, 2023
FTC’s BetterHelp Case Prescribes Stronger Privacy Practices
Mar. 8, 2023
What Employers Should Know About the FTC’s Proposed Ban on Non-Compete Provisions
Jan. 18, 2023
Scrutiny Over Dark Patterns Presents Further Challenges in Online Contracting
Jan. 4, 2023
FTC and $391-Million State AG Case Put Location Data Enforcement on the Map
Dec. 14, 2022
Recent FTC Cases Highlight Evolving Regulatory Expectations in the Use of Multi-Factor Authentication
Nov. 30, 2022
Understanding and Implementing Privacy Audits
Nov. 30, 2022
FTC’s Drizly Case Shows Regulators Are Ready to Police Data’s Expiration Dates
Jun. 22, 2022
Learning From Twitter’s $150-Million Privacy Disclosure Mistakes
Jun. 15, 2022
Privacy and Security Regulators Discuss New Enforcement Proposals and Compliance Best Practices
May 18, 2022
TV Privacy: Can Old Remotes Handle New Consent Requirements?
Apr. 20, 2022
FTC’s Khan and Phillips Deliver Views on Future of Data Privacy Enforcement
Feb. 16, 2022
The Privacy and Antitrust Paradox in the Age of Data
Jan. 19, 2022
Privacy Resolutions for 2022
Dec. 01, 2021
FTC Sets Wheels in Motion for a Broad Privacy Rule Restricting Data Collection
Nov. 17, 2021
How Financial Institutions Should Strengthen Their Data Security to Comply With FTC’s Updated Safeguards Rule
Sep. 8, 2021
What to Expect From the FCC and FTC Under the Biden Administration
Aug. 11, 2021
Evaluating Privacy and Cybersecurity Risks In Emerging Technology Transactions: Biometrics, Fintech and Cryptocurrency
Jul. 21, 2021
Shedding Light on Dark Patterns: What Financial Institutions Need to Know
Jun. 9, 2021
State AGs Share Breach Notification Tips and Latest Enforcement Concerns
Mar. 31, 2021
How Do You Put a System of Controls in Place When Your Target Keeps Moving?
Mar. 3, 2021
Six Ways to Address Privacy Concerns in Biometric Vendor Contracts
Jan. 20, 2021
Privacy Resolutions for 2021
Sep. 30, 2020
Learning From the “Holes” in Dunkin’s Security to Mitigate Brute-Force Attacks
May 20, 2020
FTC and ICO Commissioners Discuss the Problems With Pandemic Tech and Their Enforcement Approaches
May 20, 2020
How to Facilitate a Safe and Privacy Compliant Return to Work: Policies and Protocols
May 13, 2020
How to Facilitate a Safe and Privacy Compliant Return to Work: Laws and Guidance
Apr. 15, 2020
Takeaways From Former FTC Officials on 2019 Enforcement Actions: Data Security Guidance and Enforcement Predictions
Apr. 8, 2020
Takeaways From Former FTC Officials on the Commission’s 2019 Enforcement: General, Financial and Children’s Privacy
Feb. 5, 2020
Defining, Implementing and Documenting “Reasonable Security”
Jan. 8, 2020
Eight Data Security Best Practices Revealed by Recent AG and FTC Enforcement Actions
Dec. 18, 2019
FTC Spyware Takedown Highlights Employee Monitoring Privacy Shifts
Dec. 18, 2019
A New Norm: Prescriptive FTC Settlement With InfoTrax Addresses Reasonable Security Measures
Sep. 25, 2019
Vulnerability Disclosure Policies: A Cost-Effective Best Practice for Cybersecurity
Sep. 18, 2019
Far-Reaching Google and YouTube Settlement Offers COPPA Compliance Lessons
Sep. 11, 2019
Lessons From Equifax on How to Mitigate Post-Breach Legal Liability
Aug. 7, 2019
How Facebook’s $5-Billion FTC Settlement Is Shaping Compliance Expectations
Jul. 31, 2019
Learning From the Equifax Settlement
Jul. 24, 2019
Equifax and Facebook Settlements Overshadow More Routine FTC Summer Settlements
May 8, 2019
Lessons From FTC 2018 Privacy and Data Security Update: Hearings, Reports and 2019 Predictions
May 1, 2019
Lessons From FTC 2018 Privacy and Data Security Update: Financial Privacy, COPPA and International Enforcement
Apr. 24, 2019
Lessons From FTC's 2018 Privacy and Data Security Update: Enforcement Takeaways
Apr. 10, 2019
Combatting Privacy Issues Arising From Geolocation Data Use: Five Risk-Mitigation Strategies
Apr. 3, 2019
Combatting Privacy Issues Arising From Geolocation Data Use: Understanding the Legal Landscape
Mar. 20, 2019
COPPA Compliance Lessons Following Musical.ly’s $5.7 Million FTC Settlement
Mar. 13, 2019
Takeaways From 2018 COPPA Developments and a Forward-Thinking Approach to Compliance
Jan. 9, 2019
FTC Data Security Hearing Examines M&A Cybersecurity Risks and Promoting Better Policies
Oct. 3, 2018
Lax Privacy Policies, Security Measures and Vendor Oversight Lead to FTC Settlement for Mobile Phone Manufacturer
Aug. 1, 2018
Staying Current With Geolocation Restrictions
Jun. 13, 2018
The Devil Is in the Details:
LabMD
Imposes Limitations on the FTC’s Enforcement Authority
May 30, 2018
Understanding the Intersection of Law and Artificial Intelligence
Mar. 28, 2018
FTC Recommends Greater Transparency, Better Recordkeeping and Further Streamlining of Mobile Security Practices
Mar. 14, 2018
FTC Enters Into Stiff Settlement With PayPal for Venmo’s Deceptive Practices, but Eases up on a 2009 Sears Order
Feb. 14, 2018
Lessons and Trends From FTC’s 2017 Privacy and Data Security Update: Workshops and Guidance (Part Two of Two)
Jan. 31, 2018
Lessons and Trends From FTC’s 2017 Privacy and Data Security Update: Enforcement Actions (Part One of Two)
Dec. 6, 2017
Online Tax Prep Service TaxSlayer Settles FTC Allegations of Privacy and Security Rules
Oct. 25, 2017
Privacy Shield Survives First Annual Review
Oct. 11, 2017
FTC Launches Stick With Security Series, Adding Detail and Guidance to Its Start With Security Guide (Part Two of Two)
Sep. 27, 2017
FTC Settlements in Privacy Shield Cases and With Lenovo Over Use of “Man-in-the-Middle” Software Highlight Vigorous Enforcement Efforts
Sep. 13, 2017
Focus on Children’s Privacy by FTC and Plaintiffs Calls for Prioritizing COPPA
Sep. 13, 2017
FTC Launches Stick With Security Series, Adding Detail and Guidance to Its Start With Security Guide (Part One of Two)
Aug. 23, 2017
Uber Settlement Highlights Benefits of a Privacy Impact Assessment
Feb. 22, 2017
Lessons for Connected Devices From the FTC’s Warning Against Unexpected Data Collection
Jan. 25, 2017
FTC Data Security Enforcement Year-In-Review: Do We Know What “Reasonable” Security Is Yet?
Jan. 11, 2017
FTC Priorities for 2017 and Beyond
Jan. 11, 2017
Privacy, Security Risks and Applicable Regulatory Regimes of Smart TVs
Nov. 2, 2016
Demystifying the FTC’s Reasonableness Requirement in the Context of the NIST Cybersecurity Framework (Part Two of Two)
Oct. 19, 2016
Demystifying the FTC’s Reasonableness Requirement in the Context of the NIST Cybersecurity Framework (Part One of Two)
Aug. 24, 2016
Takeaways From the FTC’s Revival of the LabMD Action
Aug. 24, 2016
Maximizing the Benefits of Big Data Within Permissible Bounds
Aug. 3, 2016
Is Pokémon Go Pushing the Bounds of Mobile App Privacy and Security?
Jul. 6, 2016
Enforcing Consumer Consent: FTC Focuses on Location Tracking and Children’s Privacy
Jun. 8, 2016
Securing the Connected Car: Privacy, Security and Self-Regulation
Apr. 27, 2016
Mitigating the Risks of Using Social Media in the Workplace
Apr. 13, 2016
Ten Steps to Minimize Data Privacy and Security Risk and Maximize Compliance
Apr. 13, 2016
Picking up the Pieces After a Cyber Attack and Understanding Sources of Liability
Mar. 16, 2016
A Behind-the-Curtains View of FTC Security and Privacy Expectations
Feb. 3, 2016
The FTC’s Big Data Report Helps Companies Maximize Benefits While Staying Compliant
Feb. 3, 2016
So, You Just Got a Letter From the FTC: A Guide for Attorneys (Part Two of Two)
Feb. 3, 2016
Legal and Regulatory Expectations for Mobile Device Privacy and Security (Part One of Two)
Jan. 20, 2016
So, You Just Got a Letter From the FTC: A Guide for Attorneys (Part One of Two)
Jan. 6, 2016
FTC Director Analyzes Its Most Significant 2015 Cyber Cases and Provides a Sneak Peek Into 2016
Nov. 25, 2015
Proactive Steps to Protect Your Company in Anticipation of Future Data Security Litigation (Part One of Two)
Nov. 25, 2015
FTC Loses Its First Data Security Case
Nov. 25, 2015
FTC Chair Addresses the Agency’s Data Privacy Concerns with Cross-Device Tracking
Nov. 11, 2015
Liability Lessons from Data Breach Enforcement Actions
Oct. 28, 2015
Federal Courts Offer a Modern Interpretation of the VHS-Era Video Privacy Protection Act
Sep. 16, 2015
Tackling Cybersecurity and Data Privacy Issues in Mergers and Acquisitions (Part One of Two)
Aug. 26, 2015
In the
Wyndham
Case, the Third Circuit Gives the FTC a Green Light to Regulate Cybersecurity Practices
Aug. 26, 2015
FTC Weighs In on the Security of Health Care Data on the Cloud
Aug. 12, 2015
Navigating the Evolving Mobile Arena Landscape (Part Two of Two)
Jul. 15, 2015
Understanding and Mitigating Liability Under the Children’s Online Privacy Protection Act
Jul. 15, 2015
The FTC Asserts Its Jurisdiction and Provides Ten Steps to Enhance Cybersecurity
DOJ
DOJ
Dec. 11, 2024
DOJ’s 2024 Edits to the ECCP: Speaking Up, Compliance Resources and Lessons Learned
Nov. 20, 2024
DOJ’s 2024 Edits to the ECCP: Data Analytics to Find Risks and Measure Effectiveness
Nov. 6, 2024
DOJ’s 2024 Edits to the ECCP: Some History and AI Expectations
Oct. 30, 2024
What to Know (and Do) About DOJ’s Efforts to Identify and Prosecute Cybersecurity Fraud Under the False Claims Act
Oct. 16, 2024
Meeting DOJ Expectations Post-Resolution Requires Realism and Accountability
Oct. 9, 2024
What CCOs Should Know About the DOJ’s Efforts to Curtail Criminal Use of AI
Jul. 17, 2024
Thoughts From DOJ Experts on Using Data Analytics to Strengthen Compliance Programs
Apr. 3, 2024
Crafting Effective Mobile Device Policies to Satisfy Regulatory Expectations
Mar. 13, 2024
Fostering Collaboration and Communication Between Security and Compliance
Feb. 14, 2024
Mitigating CISO Personal Liability Post-SolarWinds
Feb. 7, 2024
Binance’s $4.3‑Billion Criminal Resolution Raises Questions on Crypto Guidance
Nov. 1, 2023
Compliance Challenges in Records Management
Oct. 18, 2023
Current and Former Enforcement Staffs’ Tips for Litigating Against the SEC
Dec. 7, 2022
Google Settlement Shows DOJ's Increased Focus on Data Preservation
Nov. 16, 2022
Ransomware Evolution: Government Efforts and Cyber Insurance
Nov. 9, 2022
Ransomware Evolution: Growing Threats and Response Considerations
Nov. 9, 2022
Lessons From the Conviction of Uber’s Former CISO
Nov. 2, 2022
Revised Monaco Memo Affects Compensation, Clawbacks and Monitorships
Oct. 12, 2022
How the Revised Monaco Memo Alters Deal Making and Strategy
Oct. 5, 2022
A PR Blitz as DOJ Fine-Tunes Its Corporate Enforcement Policies
Jun. 8, 2022
Revised DOJ Guidance Clarifies Liability Protections for Good-Faith Security Research
Mar. 23, 2022
Implications of DOJ’s Pursuit of the Crypto-Laundering Couple
Mar. 2, 2022
Prioritizing Public-Private Partnerships in an Increasingly Complex Regulatory Environment
Dec. 2, 2020
How CCOs Can Avoid Personal Liability for an Organization’s Compliance Failures
Apr. 8, 2020
DOJ Guidance on How Companies Should Pursue Stolen Data on the Dark Web
Oct. 9, 2019
DOJ Spotlights Emerging Issues and Protection Strategies Around Business Email Compromise Attacks
Apr. 10, 2019
Utah Act Increases Restrictions on Access to Third-Party Data
Apr. 5, 2017
Multimillion-Dollar Scheme Serves As Backdrop for Lessons on Preventing and Mitigating Phishing Attacks
Jul. 6, 2016
Law Enforcement on Cybersecurity Matters: Corporate Friend or Foe? (Part Two of Two)
Jun. 22, 2016
Assistant Attorney General Leslie Caldwell Addresses the Challenges of Cross-Border Cooperation and Electronic Evidence Gathering
May 6, 2015
Top Private Practitioners and Public Officials Detail Hot Topics in Cybersecurity and Best Practices for Government Investigations
FBI
FBI
Jan. 24, 2024
Emerging Cyber Threats and Defenses
Mar. 2, 2022
Prioritizing Public-Private Partnerships in an Increasingly Complex Regulatory Environment
Feb. 17, 2021
Wray Highlights Benefits of FBI Coordination With Public and Private Sectors
May 6, 2020
Managing Ransomware’s Mutation Into a Public Data Breach
Oct. 9, 2019
DOJ Spotlights Emerging Issues and Protection Strategies Around Business Email Compromise Attacks
Apr. 10, 2019
Utah Act Increases Restrictions on Access to Third-Party Data
Jul. 25, 2018
Implications of the Supreme Court’s
Carpenter
Decision on the Treatment of Cellphone Location Records
Apr. 19, 2017
Goodbye to the Blame Game: Forging the Connection Between Companies and Law Enforcement in Incident Response
Nov. 2, 2016
FBI Veteran Discusses Using Law Enforcement’s Cyber Resources to Improve Security and Obtain Board Buy-In
Jul. 6, 2016
Law Enforcement on Cybersecurity Matters: Corporate Friend or Foe? (Part Two of Two)
Mar. 16, 2016
CSIS’ James Lewis Discusses Balancing Law Enforcement and Privacy
Mar. 2, 2016
Prosecuting Borderless Cyber Crime Through Proactive Law Enforcement and Private Sector Cooperation
Jul. 15, 2015
How to Prevent and Manage Ransomware Attacks (Part One of Two)
Jul. 15, 2015
Conflicting Views of Safety, Vulnerability and Privacy Fuel Encryption Debate
Jun. 17, 2015
In a Candid Conversation, FBI Director James Comey Discusses Cooperation among Domestic and International Cybersecurity Law Enforcement Communities (Part Two of Two)
Jun. 3, 2015
In a Candid Conversation, FBI Director James Comey Talks About the “Evil Layer Cake” of Cybersecurity Threats (Part One of Two)
FCC
FCC
Jul. 17, 2024
FCC Forfeiture Orders Underline Need for Vigilance on Geolocation Sharing
Sep. 8, 2021
What to Expect From the FCC and FTC Under the Biden Administration
Apr. 21, 2021
Supreme Court’s Facebook Decision Narrows Applicability of the TCPA, but Companies Are Not Home Free
Nov. 16, 2016
Complying With New Rules as the FCC Forges Its Role in Privacy and Data Security
Apr. 27, 2016
Regulators Speak Candidly About Cybersecurity Trends, Priorities and Coordination
Mar. 16, 2016
FCC Flexes Its Muscles With Proposed Broadband Privacy Rules and Verizon Settlement
Feb. 3, 2016
Legal and Regulatory Expectations for Mobile Device Privacy and Security (Part One of Two)
Jan. 6, 2016
FTC Director Analyzes Its Most Significant 2015 Cyber Cases and Provides a Sneak Peek Into 2016
Jul. 1, 2015
What Companies Need to Know About the FCC’s Actions Against Unwanted Calls and Texts
May 20, 2015
After a Cyber Breach, What Laws Are in Play and Who Is Enforcing Them?
Apr. 22, 2015
FCC Makes Its Mark on Cybersecurity Enforcement with Record Data Breach Settlement
HHS
HHS
May 8, 2024
Takeaways From FTC’s Orders Targeting Digital Health Companies
Aug. 9, 2023
Key Legal and Business Issues in AI-Related Contracts
Mar. 29, 2023
FTC’s BetterHelp Case Prescribes Stronger Privacy Practices
Oct. 26, 2022
Navigating the Interplay of Breach Response and Breach Notification
Jul. 21, 2021
Vaccines and Testing in the Post-Pandemic Workplace: Answers to the Tough Questions
Jul. 14, 2021
Vaccines and Testing in the Post-Pandemic Workplace: Understanding the Legal Framework and Making a Balanced Plan
Jan. 30, 2019
How Healthcare and Other Industries Can Use the HHS Cybersecurity Practices Guidance
Jan. 9, 2019
FTC Data Security Hearing Examines M&A Cybersecurity Risks and Promoting Better Policies
Nov. 7, 2018
How to Improve Risk Analysis in the Wake of the Anthem’s Record Settlement
Sep. 12, 2018
Colorado’s Revised Cybersecurity Law Clarifies and Strengthens Existing Requirements
Aug. 8, 2018
Essential Cyber, Tech and Privacy M&A Due Diligence Considerations
Jul. 11, 2018
Is Encryption Obligatory? HHS Upholds Texas Hospital $4.3M HIPAA Fine
Feb. 14, 2018
NY AG and HHS Flex Regulatory Muscles in Recent Protected Health Information Breach Settlements
Oct. 14, 2015
Privacy and Data Security Considerations for Life Sciences and Health Technology Companies (Part One of Two)
Jun. 3, 2015
Navigating Data Breaches and Regulatory Compliance for Employee Benefit Plans
Feb. 8, 2017
Lessons From the Continued Uptick in HIPAA Enforcements
Mar. 30, 2016
Securing Connected Medical Devices to Ensure Regulatory Compliance and Customer Safety (Part One of Two)
Feb. 17, 2016
HIPAA Privacy Rule Permits Disclosures to Firearm Background Check System
Dec. 9, 2015
Year-End HIPAA Settlements May Signal More Aggressive Enforcement by HHS
Nov. 11, 2015
What Companies Can Learn from Cybersecurity Resources in Pittsburgh
Oct. 28, 2015
Privacy and Data Security Considerations for Life Sciences and Health Technology Companies (Part Two of Two)
Aug. 26, 2015
FTC Weighs In on the Security of Health Care Data on the Cloud
May 20, 2015
After a Cyber Breach, What Laws Are in Play and Who Is Enforcing Them?
Apr. 22, 2015
Steps to Take Following a Healthcare Data Breach
SEC
SEC
Dec. 18, 2024
SEC Stresses Cybersecurity, AI and Crypto in Its 2025 Exam Priorities
Dec. 4, 2024
SEC Charges Four Companies for Misleading Cyber Incident Disclosures: Lessons on Contents and Procedures
Nov. 20, 2024
SEC Charges Four Companies for Misleading Cyber Incident Disclosures: New Expectations?
Oct. 23, 2024
Answers to Six Key Questions About How Enforcers View Gatekeepers
Oct. 16, 2024
Meeting DOJ Expectations Post-Resolution Requires Realism and Accountability
Oct. 9, 2024
Emojis and Video Communications: Compliance Practices to Overcome Recordkeeping Challenges
Oct. 2, 2024
Emojis and Video Communications: The Next Frontier of SEC Scrutiny?
Sep. 18, 2024
SEC Penalizes Adviser for Failing to Preserve Off-Channel Communications
Sep. 11, 2024
CrowdStrike Outage: A Test of Form PF Current Report Procedures
Sep. 4, 2024
Navigating Government Investigations of Privacy Practices
Aug. 14, 2024
SolarWinds
Decision: Practical Takeaways for Cyber Communications
Aug. 7, 2024
Jarkesy
and
Loper
: Bombshells or Busts?
Aug. 7, 2024
SolarWinds
Decision: Court Narrows Case, but SEC’s Surviving Claims Alarm CISOs
Jul. 31, 2024
Challenges, Risks and Future of the CISO Role
Jul. 24, 2024
Implications of
Loper Bright
: Impacts on Congress, Courts and Agencies
Jul. 24, 2024
What Regulated Companies Need to Know About the SEC’s Final Amendments to Regulation S‑P
Jul. 17, 2024
Thoughts From DOJ Experts on Using Data Analytics to Strengthen Compliance Programs
Jul. 17, 2024
Implications of
Loper Bright
: Demise of
Chevron
Deference and Effect on Cyber and Privacy Enforcement
Jul. 10, 2024
Key Implications and Practical Cyber Program Lessons From SEC’s R.R. Donnelley Settlement
Jul. 10, 2024
A Framework for Materiality Determinations Under SEC’s Cyber Incident Disclosure Rules
May 29, 2024
Testing Is an Integral Component of Compliance Programs
May 22, 2024
SEC Enforcement Actions Target “AI Washing”
May 8, 2024
Survey Finds Cybersecurity Budgets Rising and Increased Incident Response Confidence
May 1, 2024
Navigating Ransomware’s Challenges
May 1, 2024
Off-Channel Communications Are Not the Only Source of Electronic Recordkeeping Violations
Apr. 24, 2024
Common Law Fraud and
SEC v. Jarkesy
: The Key Issue Underlying the Questions Presented
Apr. 10, 2024
Latest SEC Sweep of Off‑Channel Communications Both Befuddles and Turns Up the Heat on Investment Advisers
Apr. 3, 2024
Crafting Effective Mobile Device Policies to Satisfy Regulatory Expectations
Mar. 27, 2024
SEC’s 2024 Regulatory Focus
Mar. 13, 2024
Forecasting Potential Outcomes in
SEC v. Jarkesy
Based on Recent Oral Arguments
Feb. 14, 2024
Mitigating CISO Personal Liability Post-SolarWinds
Feb. 14, 2024
Financial Services 2024 Privacy, Cybersecurity and AI Regulation Overview
Jan. 17, 2024
2024 SEC Examination Priorities: New Approaches to Old Areas of Concern
Jan. 3, 2024
SEC Director Offers Clarification on New Cyber Disclosure Regime
Dec. 13, 2023
A 2023 Cyber Regulation Look-Back and 2024 Risk-Management Strategies
Dec. 6, 2023
U.K. Penalizes Morgan Stanley for Lax Electronic Communications Practices
Nov. 15, 2023
Navigating SEC Cybersecurity Enforcement in a Post-SolarWinds World
Nov. 1, 2023
Compliance Challenges in Records Management
Oct. 18, 2023
Current and Former Enforcement Staffs’ Tips for Litigating Against the SEC
Oct. 11, 2023
Former SEC Officials Discuss Aggressive Enforcement Climate
Sep. 20, 2023
SEC and CFTC Continue to Penalize Firms for Electronic Communications Recordkeeping Violations
Sep. 6, 2023
Navigating the SEC’s Newly Adopted Cybersecurity Disclosure and Controls Regime
Aug. 16, 2023
Recent Developments in SEC, DOJ and Civil Litigation Efforts Targeting Off-Channel Electronic Communications
Aug. 2, 2023
Navigating Evolving Data Breach Litigation and Regulatory Risks
Jul. 12, 2023
SEC Remains Focused on Off-Channel Communications
Jun. 28, 2023
SEC Steps Up Enforcement Actions Against Cryptocurrencies
Jun. 21, 2023
Agency Power and Adjudication: The
Government Seeks Supreme Court Review of
Jarkesy v. SEC
Jun. 14, 2023
Messaging Apps Come Under Increasing Regulatory Scrutiny
May 31, 2023
How CPOs Communicate Privacy’s Value to the Board
May 31, 2023
How to Navigate the Rough Waters and Turning Tides of U.S. States’ Anti-ESG Movement and Europe’s Pro-ESG Measures (Part Two of Two)
May 17, 2023
Practical Steps to Take Based on SEC’s Proposed Cybersecurity Risk Management Rule for Investment Advisers
May 17, 2023
Understanding Cyberattacks on Digital Asset Platforms
May 10, 2023
Making Sense of Evolving Regulations, Recent Enforcement Efforts and Antitrust Claims as to ESG Investing in the U.S. and E.U. (Part One of Two)
May 10, 2023
Supreme Court: District Courts Have Jurisdiction to Hear Constitutional Challenges to ALJ Regimes
Mar. 15, 2023
SEC Modernizes Broker-Dealer Electronic Recordkeeping Rules
Jan. 18, 2023
Electronic Communications, Cooperation Standards and Other Emerging Trends in the SEC’s Oversight of Private Funds
Sep. 21, 2022
Trio of Settled Enforcement Actions Highlights SEC Concerns About Identity Theft Policies and Procedures
Aug. 17, 2022
The SEC’s 2022 Reg Flex Agendas: Major Proposals and Ambitious Timelines
Aug. 17, 2022
SEC Cyber Rules: How to Prepare for the New 10-K Disclosure Mandates
Aug. 10, 2022
SEC Cyber Rules: How to Prepare for the New 8-K Incident Mandate
Jun. 29, 2022
Present and Former SEC Officials Discuss the Commission’s Latest Examination and Enforcement Tactics and Priorities
Jun. 22, 2022
Fifth Circuit Decision Could Hamstring SEC Enforcement Abilities
Jun. 15, 2022
Privacy and Security Regulators Discuss New Enforcement Proposals and Compliance Best Practices
Apr. 27, 2022
SEC Proposes Cyber Risk Management Rules for Advisers
Apr. 6, 2022
Takeaways From the SEC’s Enhanced Cybersecurity Disclosure Regime for Public Companies
Mar. 9, 2022
A Look at the NSCP’s Firm and CCO Liability Framework
Mar. 9, 2022
Examining the Burdens and Benefits of a Remote Regulatory Environment
Mar. 2, 2022
Prioritizing Public-Private Partnerships in an Increasingly Complex Regulatory Environment
Feb. 2, 2022
Gensler Discusses the SEC’s Cyber Priorities
Jan. 26, 2022
Personal Liability and Compliance Resourcing Are Top Concerns Among CCOs, Surveys Show
Jan. 12, 2022
SEC Chair Gensler’s Stance on Three Key Disclosure Areas and the Role of Individual Accountability in Enforcement Actions
Oct. 6, 2021
Fund Managers Must Ensure Adequate Security Measures Under Safeguards Rule or Risk SEC Enforcement Action
Sep. 29, 2021
Value of Sponsors Implementing Portfolio Monitoring Models for ESG and Cybersecurity Issues
Sep. 29, 2021
SEC Cybersecurity Disclosure Enforcement Heats Up: Best Practices
Sep. 22, 2021
SEC Cybersecurity Disclosure Enforcement Heats Up: Recent Developments
Sep. 8, 2021
Electronic Communications: Useful Training Techniques and Policies and Procedures to Adopt
Aug. 18, 2021
Electronic Communications: Current Technological Landscape and Relevant Regulatory Measures
Jul. 28, 2021
Incident Response in the Financial Services Industry
Jun. 9, 2021
Post-COVID Compliance Strategies: White Collar Investigations and Enforcement
Dec. 2, 2020
How CCOs Can Avoid Personal Liability for an Organization’s Compliance Failures
Nov. 18, 2020
SEC Commissioner Peirce Shares Views on Personal Liability for CCOs
Jul. 15, 2020
Business Continuity Planning: How to Update a BCP With Lessons Learned From the Pandemic
Jun. 10, 2020
Are You Prepared for OCIE’s Sweep of Business Continuity Plans and Coronavirus Actions?
Apr. 29, 2020
Understanding Insider Trading Based on Data Breaches Amidst Heightened Regulatory Scrutiny
Apr. 15, 2020
Six Ways to Be Prepared for the SEC’s Focus on Cybersecurity and Resiliency
Mar. 18, 2020
Business Considerations for Responding to the Coronavirus Outbreak
Mar. 4, 2020
Safeguards for Proper Disposal of Hardware: Effective Inventories, Policies and Due Diligence
Feb. 26, 2020
Safeguards for Proper Disposal of Hardware: Risks and Examiner Expectations
Jan. 8, 2020
Present and Former Regulators Discuss Current SEC and NFA Examination and Enforcement Environment
Nov. 20, 2019
Present and Former SEC Attorneys and Defense Counsel Discuss Cyber Disclosure and Cyber Enforcement
Nov. 13, 2019
Updating Cyber Policies to Align With Recent SEC Exams and Guidance
Aug. 21, 2019
Facebook’s $100-Million Privacy and Security Disclosure Mistakes
Aug. 7, 2019
Lessons From SDNY Ruling on How to Preserve Privileged Communications With Attorney Consultants
Jun. 26, 2019
Preparing for the Latest SEC Cyber Sweeps
May 22, 2019
Court Reconsiders November 2018 Order and Issues Preliminary Injunction Against ICO
Apr. 24, 2019
SEC Risk Alert Highlights Policy Design and Implementation Failures and Roadmaps Future Enforcement
Apr. 10, 2019
Insights From a Former SEC Counsel on Regulating Digital Assets
Feb. 20, 2019
ACA Aponix-NSCP Cyber Survey Finds Growing Numbers of Security Incidents, Cloud Use and Regulatory Burdens
Feb. 13, 2019
Reducing Risk in the Dawn of Equifax and Other Cyber-Related Securities Fraud Class Actions
Nov. 28, 2018
SEC Officials and the Defense Bar Talk Cybersecurity Enforcement Trends and Takeaways From Recent Cases
Oct. 31, 2018
SEC Report on Business Email Compromise Signals That It May Pursue Insufficient Internal Controls Cases
Oct. 24, 2018
Unregistered Crypto Asset Fund Hit With Multiple Securities Laws Violations by SEC
Oct. 10, 2018
Lessons From the SEC’s First Red Flags Rule Settlement
May 9, 2018
How Financial Services Firms Should Structure Their Cybersecurity Programs
May 2, 2018
SEC $35-Million Yahoo Settlement Carries Breach Disclosure Lessons
Feb. 28, 2018
SEC Confirms Cyber Disclosure Expectations in New Guidance
Dec. 20, 2017
SEC Takes Aggressive Action Against Allegedly Fraudulent ICO
Dec. 20, 2017
Effective M&A Contract Drafting and Internal Cyber Diligence and Disclosure
Oct. 25, 2017
Survey Finds Cybersecurity Preparedness of Alternative Asset Managers to be Inadequate Relative to Traditional Asset Managers and Broker-Dealers
Sep. 27, 2017
SEC Hack Will Not Prevent It From Sharpening Cybersecurity Enforcement
Jul. 26, 2017
How the CCO Can Use SEC Guidance to Tackle Cyber Threats
May 17, 2017
SEC Officials Flesh Out Cybersecurity Enforcement and Examination Priorities (Part Two of Two)
May 3, 2017
SEC Officials Flesh Out Cybersecurity Enforcement and Examination Priorities (Part One of Two)
Apr. 5, 2017
Best Practices for Mitigating Compliance Risks When Investment Advisers Use Social Media
Oct. 19, 2016
SEC Emphasizes Protecting Information From More Than Just Cyber Threats in Deutsche Bank Case
Aug. 24, 2016
Maximizing the Benefits of Big Data Within Permissible Bounds
Aug. 3, 2016
Key Post-Breach Shareholder Litigation, Disclosure and Insurance Selection Considerations
Jun. 22, 2016
Morgan Stanley Action Signals SEC’s Continued Enforcement of Safeguards Rule
May 25, 2016
Key Considerations for Public Companies for Mitigating and Disclosing Cybersecurity Risks
Mar. 2, 2016
Synthesizing Breach Notification Laws in the U.S. and Across the Globe
Jan. 20, 2016
Navigating FCA and SEC Cybersecurity Expectations (Part Two of Two)
Jan. 6, 2016
Cybersecurity and Whistleblowing Converge in a New Wave of SEC Activity
Aug. 26, 2015
Meeting Expectations for SEC Disclosures of Cybersecurity Risks and Incidents (Part Two of Two)
Aug. 12, 2015
Meeting Expectations for SEC Disclosures of Cybersecurity Risks and Incidents (Part One of Two)
Jul. 1, 2015
Cybersecurity and Information Governance Considerations in Mergers and Acquisitions
Jul. 1, 2015
Regulatory Compliance and Practical Elements of Cybersecurity Testing for Fund Managers (Part Two of Two)
Jun. 17, 2015
Regulatory Compliance and Practical Elements of Cybersecurity Testing for Fund Managers (Part One of Two)
Jun. 17, 2015
Model Cybersecurity Contract Terms and Guidance for Investment Managers to Manage Their Third-Party Vendors
May 20, 2015
After a Cyber Breach, What Laws Are in Play and Who Is Enforcing Them?
May 20, 2015
Weil Gotshal Attorneys Advise on Key Ways to Anticipate and Counter Cyber Threats
May 6, 2015
The SEC’s Updated Cybersecurity Guidance Urges Program Assessments
May 6, 2015
Analyzing and Mitigating Cybersecurity Threats to Investment Managers (Part One of Two)
Apr. 22, 2015
Debunking Cybersecurity Myths and Setting Program Goals for the Financial Services Industry
Apr. 8, 2015
The SEC’s Two Primary Theories in Cybersecurity Enforcement Actions
U.S. States
U.S. States
Jan. 15, 2025
Navigating Ever-Increasing State AI Laws and Regulations
Jan. 15, 2025
Children’s Privacy Grows Up: Examining New Laws That Now Protect Older Teens
Dec. 11, 2024
Preparing for U.S. State Law Privacy Compliance in 2025
Dec. 11, 2024
Deciphering the New CPPA Proposed Regulations for Data Brokers
Oct. 30, 2024
Emerging Issues in Workplace Privacy: Regulations and Compliance Strategies
Oct. 23, 2024
Aftermath of the Ninth Circuit BIPA Liability Shake‑Up in
Zellmer v. Meta
Oct. 16, 2024
Deciphering California’s Pioneering Mandate for an AI Nutrition Label
Oct. 9, 2024
Loyal to a Fault? Customer Loyalty Programs in the Age of Comprehensive Privacy Laws
Oct. 2, 2024
FTC and State Enforcers Reveal What’s Next and What to Do About It
Sep. 25, 2024
Outgoing CPPA Board Member Discusses Rulemaking and Looming Privacy Issues
Sep. 11, 2024
Takeaways and Looming Questions After Ninth Circuit Cuts DPIA From California’s Age-Appropriate Design Code
Sep. 4, 2024
Navigating Government Investigations of Privacy Practices
Aug. 21, 2024
What Texas’ Record $1.4‑Billion Deal With Meta Portends for Biometric Data Capture and Use
Jun. 26, 2024
Measures for Complying With 19 (and Counting) State Privacy Laws
Jun. 19, 2024
Examining Distinctive Aspects of Minnesota’s Demanding New Privacy Law
Jun. 12, 2024
Privacy and Data Security Regulators Discuss Enforcement Priorities and Collaborative Efforts
Apr. 24, 2024
Examining Maryland’s Game-Changing Data Minimization Requirements
Apr. 17, 2024
AI Governance Strategies for Privacy Pros
Apr. 10, 2024
Practical Insights Direct From U.S. State Privacy Enforcers
Apr. 3, 2024
Addressing the Operational Complexities of Complying With the Washington My Health My Data Act
Apr. 3, 2024
Examining Utah’s Pioneering State AI Law
Mar. 13, 2024
Connecticut AG’s Report Highlights Enforcement Risks and Points to Action Steps for Companies
Mar. 6, 2024
Lessons From California’s DoorDash Enforcement Action
Feb. 21, 2024
Legal and Ethical Issues in Use of Biometrics: Modality Selection, Implementation and State Laws
Feb. 14, 2024
Nine Impacts of New Jersey and New Hampshire Privacy Laws
Feb. 7, 2024
Progress? Recent Rulings Are One Step Forward, Two Steps Back for BIPA Defendants
Jan. 17, 2024
Tracking Technologies: Privacy Regulation, Enforcement and Risk
Nov. 1, 2023
Examining Security Mandates, Including California’s Draft Audit Regulations, in State Privacy Laws
Oct. 25, 2023
Private Actions Under the CPRA: Settlement Considerations and Mitigating Risk
Oct. 18, 2023
Private Actions Under the CPRA: Key Issues and Defense Strategies
Oct. 11, 2023
Benchmarking the Impact of State Privacy Laws on Digital Advertising
Oct. 4, 2023
Will California’s New Law Aimed at Data Brokers Require a “Delete Me” Button on All Websites?
Sep. 13, 2023
Examining the Washington Attorney General’s FAQs on the My Health My Data Act
Aug. 2, 2023
Navigating Evolving Data Breach Litigation and Regulatory Risks
Jul. 12, 2023
Analyzing 2023’s New State Privacy Laws: Oregon and Delaware Join the Strictest Tier
Jun. 28, 2023
Analyzing 2023’s New State Privacy Laws: The First Six Plus Compliance Measures
Jun. 7, 2023
Impact of State Privacy Laws on the Financial Services Sector
May 31, 2023
How to Navigate the Rough Waters and Turning Tides of U.S. States’ Anti-ESG Movement and Europe’s Pro-ESG Measures (Part Two of Two)
May 31, 2023
Colorado Controllers: The Final (Rules’) Frontier
May 10, 2023
Aggressive Washington Health Privacy Law: Ten Compliance Priorities
May 3, 2023
Aggressive Washington Privacy Law: Right to Sue and Onerous Consent Obligations
Apr. 19, 2023
Expedia and Lululemon Privacy Pros Discuss Scaling Vendor Contracting for New Privacy Laws
Mar. 22, 2023
Managing Legal Issues Arising From Use of ChatGPT and Generative AI: Industry Considerations and Practical Compliance Measures
Mar. 15, 2023
Managing Legal Issues Arising From Use of ChatGPT and Generative AI: E.U. and U.S. Privacy Law Considerations
Mar. 15, 2023
A Roadmap to the Final Regulations Under the CPRA
Mar. 8, 2023
BIPA Decisions Expand Potential Liability: What’s Next in Illinois and Other States?
Mar. 1, 2023
Getting Used to Zero Trust? Meet Zero Copy
Feb. 22, 2023
IAB Unveils Multistate Contract to Satisfy 2023 Laws’ Curbs on Targeted Ads
Feb. 8, 2023
How to Comply With the CPRA’s Data Minimization Standards
Feb. 8, 2023
Data Breaches and the Private Credit Market: Post-Breach Considerations
Feb. 1, 2023
Key Privacy Issues for 2023
Jan. 18, 2023
A Sensitive Time for Location Data: Tips to Address New Rules and Vendor Standards
Jan. 4, 2023
FTC and $391-Million State AG Case Put Location Data Enforcement on the Map
Nov. 30, 2022
FTC’s Drizly Case Shows Regulators Are Ready to Police Data’s Expiration Dates
Oct. 26, 2022
Navigating the Interplay of Breach Response and Breach Notification
Oct. 26, 2022
Takeaways From the New Push for a Federal AI Law
Sep. 28, 2022
Lessons From California’s First CCPA Enforcement Action
Sep. 14, 2022
Shaping the BIPA Landscape: Avoiding Liability
Jul. 27, 2022
Employee Data Under the CPRA: Rights Requests, Privacy Policies and Enforcement
Jul. 20, 2022
Employee Data Under the CPRA: Key Rights and Restrictions
Jul. 13, 2022
CPRA Draft Regulations: Essential Takeaways and 10 Actions to Take Now
Jun. 22, 2022
New AI Rules: States Require Notice and Records, Feds Urge Monitoring and Vetting
Jun. 15, 2022
Privacy and Security Regulators Discuss New Enforcement Proposals and Compliance Best Practices
May 25, 2022
TV Privacy: Will the TV Industry Agree to Standardize Consent on Screen?
May 11, 2022
Party of Five: Connecticut Law Solidifies Consensus on State Privacy Standards
Apr. 27, 2022
Preparing for CPRA Compliance: Jurisdictional Focus or a More Holistic Approach?
Apr. 27, 2022
New Utah Privacy Law Marks a Shift in State Privacy Legislation
Apr. 13, 2022
California AG Opinion Hands Companies New Tasks for AI, Data Maps, Marketing
Mar. 23, 2022
Are “Privacy-First” Clean Rooms Safe From Regulators?
Feb. 23, 2022
Ad Industry’s Third-Party Data Use Grew Despite Impending Cookie Shutdown
Feb. 16, 2022
The Privacy and Antitrust Paradox in the Age of Data
Feb. 9, 2022
Will It Be Goodbye Forever? Navigating Consumer Requests to Delete Personal Data
Jan. 19, 2022
Privacy Resolutions for 2022
Nov. 3, 2021
In-House Insight on Handling Data Subject Access Requests Under Multiple Privacy Regimes
Sep. 22, 2021
Examining the Intersection of Voiceprints and Data Privacy Laws
Aug. 11, 2021
Complying With NYC’s New Biometrics Law
Aug. 4, 2021
Evaluating Privacy and Cybersecurity Risks in Emerging Technology Transactions: Artificial Intelligence and EdTech
Jul. 21, 2021
Vaccines and Testing in the Post-Pandemic Workplace: Answers to the Tough Questions
Jul. 14, 2021
Vaccines and Testing in the Post-Pandemic Workplace: Understanding the Legal Framework and Making a Balanced Plan
Jun. 23, 2021
Colorado Privacy Law Finishes Third, but Could Become the New Standard
Jun. 23, 2021
How the NYDFS Drives Cybersecurity in the Financial Services Industry
Jun. 16, 2021
The Impact of Recent Legislative and Litigation Trends on Commercial Use of De-Identified Data
Jun. 9, 2021
To “Cure” or Not to “Cure,” That Is the Question
Jun. 9, 2021
State AGs Share Breach Notification Tips and Latest Enforcement Concerns
Apr. 7, 2021
Former Twitter and eBay Counsel Talks Overblown Fears, Third-Party Data Management, and CDA Section 230
Apr. 7, 2021
Behind the Scenes: California AG’s Non-Public CCPA Inquiries
Mar. 31, 2021
Managing Vendor Contracts From the Data Controller's Perspective
Mar. 31, 2021
How Do You Put a System of Controls in Place When Your Target Keeps Moving?
Mar. 24, 2021
Recommended Data Strategies As Google Swears Off Web Tracking
Mar. 17, 2021
Privacy and Security Provisions in Vendor Agreements: Assessing the Risks
Mar. 10, 2021
Preparing for the CPRA’s New Consumer Rights Requirements
Mar. 10, 2021
Familiar and Fresh Mandates in Virginia’s New Privacy Law
Feb. 3, 2021
Expect Continuing Regulatory Focus on Cybersecurity and Data Protection in 2021
Jan. 20, 2021
Privacy Resolutions for 2021
Nov. 4, 2020
Comparing U.S. and E.U. Approaches to Incident Response and Breach Notification
Sep. 30, 2020
Learning From the “Holes” in Dunkin’s Security to Mitigate Brute-Force Attacks
Sep. 30, 2020
What to Expect From the CPRA – California’s New Proposed Privacy Law
Sep. 23, 2020
Apple Overhauls Privacy for iPhone Apps, but Will It Enforce Its Policies?
Sep. 9, 2020
Implementing the CCPA Regulations: Are You Ready?
Sep. 2, 2020
After Death of the Cookie, New Advertising Strategies Raise Compliance Questions
Aug. 5, 2020
CCPA and Online Ads: Contract and Compliance Consequences
Jul. 29, 2020
CCPA and Online Ads: Facebook Finally Acts, AG Starts Enforcement
Jul. 15, 2020
Back to the Table: CCPA Regulations Spark New Wave of Service-Provider Negotiations
Jun. 24, 2020
How to Comply With Key CCPA Notice and Consumer Request Requirements
Jun. 17, 2020
Privacy Settings May Serve as One-Step CCPA Opt-Out From Sale
May 20, 2020
Did Adtech Fix Its CCPA Problem? IAB’s GC Discusses New Contract for Data Sales
May 20, 2020
How to Facilitate a Safe and Privacy Compliant Return to Work: Policies and Protocols
May 13, 2020
How to Facilitate a Safe and Privacy Compliant Return to Work: Laws and Guidance
Apr. 29, 2020
What Is the Potential Liability for Zoombombing, and How Safe Are Zoom Alternatives?
Mar. 25, 2020
Are Companies Turning a Blind Eye to Their Lost Data on the Dark Web?
Mar. 11, 2020
NIST’s New IoT Standard: Inspiring a Wave of New Device Security Guidance
Mar. 11, 2020
The Keys to Encryption: Legal and Regulatory Framework
Mar. 4, 2020
NIST’s New IoT Standard: Boosting Security As States Launch Laws
Feb. 19, 2020
Consciously Coupling: Tackling the Juxtaposition Between Adtech and Privacy
Feb. 12, 2020
How to Approach CCPA’s Under-16 Opt‑in Consent
Feb. 5, 2020
Defining, Implementing and Documenting “Reasonable Security”
Feb. 5, 2020
CCPA Litigation Risks: How to Avoid Claims Under Other Statutes
Jan. 29, 2020
Establishing a Foundation for Breach-Notification Compliance in a Sea of Privacy Laws
Jan. 22, 2020
How to Stem the Coming Tide of CCPA Private Litigation
Jan. 8, 2020
Eight Data Security Best Practices Revealed by Recent AG and FTC Enforcement Actions
Nov. 13, 2019
Updating Vendor Agreements to Comply With CCPA: Non-Third Parties and Key Steps
Nov. 6, 2019
Updating Vendor Agreements to Comply With CCPA: Service-Provider Exemption and Corporate Approaches
Oct. 16, 2019
How Uber, eBay and Pitney Bowes Built Principles-Based Global Privacy Programs
Oct. 9, 2019
CCPA Close-Up: Examining the GLBA Carve-Out and How Financial Institutions Can Evaluate Applicability
Oct. 2, 2019
CCPA Close-Up: Review of Amendments and How to Prepare for Compliance
Sep. 18, 2019
New York’s First Mandated Cybersecurity Standards: A Compliance Roadmap
Sep. 18, 2019
Far-Reaching Google and YouTube Settlement Offers COPPA Compliance Lessons
Sep. 11, 2019
New York’s New Cybersecurity Standards: Expanding Definitions and Requirements
Aug. 21, 2019
Third-Party Data Breaches Highlight the Importance of Vetting Vendors in Compliance With GDPR and CCPA
Jul. 17, 2019
Maine Enacts Sweeping Broadband Customer Privacy Law
Jul. 10, 2019
Implications of Nevada’s New Privacy Law
Jun. 19, 2019
Kids, Privacy & Legal Compliance
Jun. 12, 2019
CCPA Priorities: Tackling Data Subject Rights Requests and Vendors
Jun. 5, 2019
CCPA Priorities: Turning Legislation Prep Into a Program Shift
Apr. 10, 2019
Utah Act Increases Restrictions on Access to Third-Party Data
Mar. 20, 2019
COPPA Compliance Lessons Following Musical.ly’s $5.7 Million FTC Settlement
Mar. 13, 2019
Takeaways From 2018 COPPA Developments and a Forward-Thinking Approach to Compliance
Mar. 6, 2019
Preparing for the CCPA: Best Practices and Understanding Enforcement
Feb. 27, 2019
Preparing for the CCPA: Securing Buy-In and Setting the Scope
Feb. 6, 2019
Examining the New Requirements and Broad Definition of Data Broker Under Vermont’s New Law
Jan. 23, 2019
Illinois Federal Court Denies Standing in BIPA Claim Against Google
Jan. 23, 2019
Massachusetts Breach Notification Law 2.0: More Protections for Consumers, More Requirements for Businesses
Jan. 16, 2019
How a New Ethics Rule and Error in Manafort Case Highlight the Importance of Lawyers’ Technology Competence
Dec. 12, 2018
Illinois Appellate Decision Creates Split on Standing to Sue Under BIPA
Dec. 12, 2018
Understanding the Potential Implications of Pennsylvania’s Newly Recognized Common Law Duty to Protect Personal Information
Nov. 28, 2018
The Growing Role of State AGs in Privacy Enforcement
Oct. 24, 2018
California Enacts Groundbreaking IoT Law and Requires Disclosure of Bot Use
Oct. 24, 2018
The Hidden Requirements in NYDFS’ Cybersecurity Regulation
Sep. 19, 2018
Ohio Adopts Pioneering Cybersecurity Safe Harbor for Companies
Sep. 12, 2018
Colorado’s Revised Cybersecurity Law Clarifies and Strengthens Existing Requirements
Jul. 18, 2018
What to Expect From California’s Expansive Privacy Legislation
Jun. 6, 2018
Analyzing New and Amended State Breach Notification Laws
Feb. 14, 2018
Dynamic Regulations and Shareholder Actions Guide the Board’s Shifting Role in Cyber (Part Two of Two)
Feb. 14, 2018
NY AG and HHS Flex Regulatory Muscles in Recent Protected Health Information Breach Settlements
Jan. 31, 2018
Dynamic Regulations and Shareholder Actions Guide the Board’s Shifting Role in Cyber (Part One of Two)
Jan. 31, 2018
Biometric Data Protection Laws and Litigation Strategies (Part One of Two)
Dec. 20, 2017
Electronic Signatures: Implementation Considerations for the Financial Sector (Part Two of Two)
Dec. 6, 2017
Electronic Signatures: Implementation Considerations for the Financial Sector (Part One of Two)
Dec. 6, 2017
Actions Under Biometric Privacy Laws Highlight Related Risks
Jun. 3, 2015
Navigating Data Breaches and Regulatory Compliance for Employee Benefit Plans
Jul. 12, 2017
Synthesizing New York and Colorado’s Trailblazing Data Security Regulations for Financial Firms
Jun. 14, 2017
Are New York’s Cyber Regulations a “Game Changer” for Hedge Fund Managers?
May 31, 2017
Takeaways From State AGs’ Record-Breaking Target Data Breach Settlement
Apr. 5, 2017
Effective and Compliant Employee Monitoring (Part One of Two)
Mar. 8, 2017
What Covered Financial Entities Need to Know About New York’s New Cybersecurity Regulations
Feb. 22, 2017
Lessons for Connected Devices From the FTC’s Warning Against Unexpected Data Collection
Jan. 25, 2017
Preparing to Meet the Deadlines of DFS’ Revised New York Cybersecurity Regulation
Jan. 25, 2017
Triaging Security Projects in the Current Legal Landscape
Sep. 21, 2016
Steps Financial Institutions Should Take to Meet New York’s Proposed Cybersecurity Regulation
Sep. 7, 2016
Navigating Online Identity Management’s Risks and Regulations
Apr. 27, 2016
Mitigating the Risks of Using Social Media in the Workplace
Apr. 27, 2016
Regulators Speak Candidly About Cybersecurity Trends, Priorities and Coordination
Apr. 13, 2016
The Regulators’ View of Best Practices for Social Media and Mobile Apps
Mar. 30, 2016
Steps for Companies to Take This Week, This Month and This Year to Meet the Challenges of International Cyberspace Governance
Mar. 2, 2016
Synthesizing Breach Notification Laws in the U.S. and Across the Globe
Feb. 3, 2016
Legal and Regulatory Expectations for Mobile Device Privacy and Security (Part One of Two)
Jan. 6, 2016
Keeping Up with Technology and Regulatory Changes in Online Advertising to Mitigate Risks
Nov. 11, 2015
Liability Lessons from Data Breach Enforcement Actions
Nov. 11, 2015
California Law Enforcement Faces Higher Bar in Acquiring Electronic Information
Oct. 28, 2015
Privacy and Data Security Considerations for Life Sciences and Health Technology Companies (Part Two of Two)
Oct. 28, 2015
Orrick Attorneys Explain California’s New Specific Standards for Breach Notification
Sep. 16, 2015
Learning from the Target Data Breach About Effective Third-Party Risk Management (Part One of Two)
Aug. 12, 2015
Navigating the Evolving Mobile Arena Landscape (Part Two of Two)
May 20, 2015
After a Cyber Breach, What Laws Are in Play and Who Is Enforcing Them?
Global
Global
Nov. 13, 2024
GDPR Enforcement’s New Phase: Navigating Privacy Investigations in Europe
Nov. 6, 2024
GDPR Enforcement’s New Phase: More Predictability, and New Rules on the Way
Sep. 11, 2024
Cybersecurity Obligations in E.U.’s Digital Laws: Data Act, DORA and Compliance Steps
Sep. 4, 2024
Cybersecurity Obligations in E.U.’s Digital Laws: AI Act, CRA and NIS2
May 15, 2024
New E.U. Directive Expands Scope of Due Diligence
Apr. 10, 2024
Guidance on Addressing Compliance Challenges With the Newly Effective E.U. Digital Services Act
Jan. 17, 2024
No Regulator Is an Island: Bermuda Commissioner Discusses New Privacy Law and Global Enforcement
Jan. 10, 2024
E.U. Takes Lead on AI and Climate Change Via ESG Regulation
Nov. 29, 2023
Implications of EDPB Meta Ruling on Behavioral Advertising Practices
Oct. 25, 2023
U.K. Equifax Fine Calls for Stricter Parent-Subsidiary Data-Sharing Processes
Sep. 6, 2023
E.U. Coordinated Enforcement Framework Focuses on DPOs
Sep. 6, 2023
An Analysis of the Liberal and Strict Provisions in India’s New Privacy Law
Apr. 12, 2023
Complying With Europe’s Digital Services Act and Digital Markets Act
Jan. 25, 2023
France’s Cookie Enforcement Against TikTok and Microsoft Highlights Common Compliance Missteps
Jan. 25, 2023
Transparency of Beneficial Ownership Clashes With U.K. Privacy Laws
Jan. 25, 2023
E.U. Regulators Bar Meta From Requiring Users to Pay With Their Data
Dec. 14, 2022
The Importance of Being a PIPL Pleaser: Update and Predictions on China’s Data Protection Law One Year In
Nov. 16, 2022
What the FAQ: Deciphering the European Commission Guidance on the New SCCs
Apr. 20, 2022
Privacy Enforcers Across the Globe Band Together to Coordinate Investigations
Mar. 2, 2022
Navigating Post-
Schrems II
International Data Transfer Waters: SCCs and Supplementary Measures
Feb. 23, 2022
Navigating Post-
Schrems II
International Data Transfer Waters: Challenges and TIAs
Feb. 2, 2022
Compliance Takeaways From the Latest GDPR Enforcement Statistics
Jan. 19, 2022
Privacy Resolutions for 2022
Nov. 17, 2021
Data Localization: Cybersecurity Challenges Abound
Nov. 17, 2021
Practical Approaches to Conducting Transfer Impact Assessments Under the GDPR
Nov. 10, 2021
Data Localization: New Compliance Headaches and Costs Across the Globe
Nov. 3, 2021
Data Localization: Laws Spread and Enforcement Rises
Oct. 27, 2021
Lessons From the WhatsApp Decision on GDPR Transparency Requirements: Compliance Foundations
Oct. 20, 2021
Lessons From the WhatsApp Decision on GDPR Transparency Requirements: Enforcement Takeaways
Oct. 13, 2021
China’s First Information Protection Law: Compliance Essentials
Jul. 14, 2021
Personal Data Transfers After Year Zero: A More Appealing Set of EDPB Recommendations?
Jun. 30, 2021
Personal Data Transfers After Year Zero: Are the New SCCs a Paradigm Shift?
Jun. 23, 2021
Three Years In, GDPR Legal Landscape Remains in Flux
Jun. 2, 2021
U.K. Data Protection Regulator Smooths Way for Fund Managers to Transfer Data to SEC
Feb. 10, 2021
GDPR Lives On in the U.K. Post-Brexit
Feb. 3, 2021
Expect Continuing Regulatory Focus on Cybersecurity and Data Protection in 2021
Jan. 20, 2021
Privacy Resolutions for 2021
Jan. 20, 2021
Disputed Twitter Fine Offers Breach Response Lessons
Dec. 2, 2020
ICO Hones GDPR Enforcement Approach With Reduced Fines for British Airways, Marriott and Ticketmaster
Nov. 11, 2020
Understanding the World’s New Four-Letter Privacy Law: China’s PIPL
Nov. 4, 2020
Comparing U.S. and E.U. Approaches to Incident Response and Breach Notification
Oct. 14, 2020
Top Priorities for Compliance With Brazil’s New Personal Data Protection Law
Oct. 14, 2020
H&M’s $41M GDPR Fine Underscores Importance of Employee Data Handling
Aug. 12, 2020
Navigating China’s Cybersecurity Regulatory Maze
Aug. 5, 2020
Early EDPB Guidance in the Wake of
Schrems II
Signals Where E.U.-U.S. Data Transfers Are Headed
Jul. 22, 2020
Ten Initial Steps for E.U. and U.S. Companies in Light of
Schrems II
Ruling
May 27, 2020
Recent Developments in E.U. Cybersecurity Regulation
May 27, 2020
How to Facilitate a Safe and Privacy Compliant Return to Work: Contact Tracing
May 20, 2020
FTC and ICO Commissioners Discuss the Problems With Pandemic Tech and Their Enforcement Approaches
Apr. 29, 2020
The Pandemic Effect: How Compliance and Enforcement Are Evolving
Apr. 22, 2020
GDPR Enforcement Lessons and New ICO Guidance on COVID‑19
Apr. 22, 2020
Morrisons
Ruling Lets U.K. Employers Off the Hook for Rogue Employee Data Leaks
Apr. 1, 2020
A
Considered
Cooperation Approach Is Vital in ICO Data Protection Audits
Dec. 18, 2019
Not Just the GDPR: Privacy Laws in Belarus, Russia, Switzerland, Turkey and Ukraine
Dec. 11, 2019
Not Just GDPR: Examining the Other European Privacy Laws
Oct. 30, 2019
Broad but Limited Reach of GDPR Highlighted in ECJ Google Ruling on “Right to Be Forgotten”
Oct. 23, 2019
ICO Enforcement Takeaways After Marriott and British Airways
Oct. 23, 2019
A Glimpse at the New Cayman Islands Data Protection Law