Search Results: Litigation & Enforcement

Thirty-Six Hour Breach Notification Rule Puts Banking Organizations on Notice

In response to the growing threat to financial stability posed by cybersecurity incidents, the Office of the Comptroller of the Currency (OCC), the U.S. Department of the Treasury, the Federal Reserve Board, and the Federal Deposit Insurance Corporation (FDIC) (collectively, the “agencies”) published a rule titled “Computer-Security Incident Notification Requirements…

Read More

NYDFS Issues Ransomware Guidance Aimed at Combatting Rising Cyber Threats

The exponential rise in ransomware attacks in the past year has everyone on high alert, not least of which are regulators. Following on the heels of a June 2, 2021 White House memo addressing ransomware prevention, on June 30, 2021 the New York Department of Financial Services (“NYDFS”) issued new ransomware guidance of its…

Read More

Biden Executive Order Likely to Push Private Sector Forward on Cybersecurity

On May 12, President Biden signed an Executive Order on Improving the Nation’s Cybersecurity. The order comes on the heels of a number of recent widely reported cybersecurity crises, including the Solar Winds and Microsoft Exchange compromises, that brought renewed attention to the glaring gaps in supply chain security. By wading into the issue of software…

Read More

What To Expect From NYC’s Tenant Data Privacy Act

New York City tenants harboring “big brother” concerns over landlords abusing data collected through smart access (i.e., keyless entry) systems will soon be able to rest easier. Following California, Virginia, and the British Virgin Islands, the New York City Council recently became the latest legislative body to pass privacy legislation with the Tenant Data…

Read More

Despite Legalization, Cannabis Retailers Still Face Telecom Backlash

On April 12, New Mexico became the 17th state in the U.S. to legalize the recreational use of cannabis by people 21 years old or older, paving the way for the emergence of a multitude of cannabis dispensaries looking to cash in on what may become one of the nation’s largest…

Read More

Late Breach Notice In Europe Leads To Nearly €500k Fine

On 31 March 2021 the Dutch Data Protection Authority (DPA) announced that it fined the online reservation platform Booking.com €475,000 for failing to notify the DPA of a data breach within the timeline established in the GDPR. The decision signals European regulators’ growing scrutiny of how companies exercise discretion in incident response decisions….

Read More

Biometric And Facial Recognition Technology In The U.S.: What’s In Store For 2021?

Regulation of the collection and use of biometric data is on the rise, a trend which is likely to continue through 2021 and beyond. Currently, three states have laws that regulate what private businesses can do with biometric data, and nearly a dozen other states and cities have proposed bills…

Read More

UK ICO Confirms Transfers Of Data To SEC In The Public Interest

The UK Information Commissioner’s Office (“ICO”) has published a letter sent to the U.S. Securities and Exchange Commission. The ICO confirms that it is possible for SEC regulated UK firms to transfer personal data to the U.S. where the transfer is necessary for important reasons of public interest (the derogation in Article…

Read More