NYDFS Issues Ransomware Guidance Aimed at Combatting Rising Cyber Threats

The exponential rise in ransomware attacks in the past year has everyone on high alert, not least of which are regulators. Following on the heels of a June 2, 2021 White House memo addressing ransomware prevention, on June 30, 2021 the New York Department of Financial Services (“NYDFS”) issued new ransomware guidance of its…

Read More

Link to Video - Where Are We With Ransomware And Where Do We Go From Here?

In 2021, ransom and ransomware have been transformed from techno-speak to a topic on the tip of the tongue of every executive and business leader. High-profile attacks have disrupted American life as never before, but even ransomware events that don’t make the front page can be significant enough to cripple…

Read More

The Colorado Privacy Act Joins List of Comprehensive State Privacy Laws

On July 7, 2021, Colorado Governor Jared Polis signed the Colorado Privacy Act (“CPA”) into law. The CPA will take effect on July 1, 2023 and joins the California Consumer Privacy Act (“CCPA”), the California Privacy Rights Act (“CPRA”), and Virginia Consumer Data Protection Act (“VCDPA”) on a growing list of comprehensive state data privacy laws…

Read More

Gone Phishing? Wire Fraud Scams Continue Unabated Throughout 2021 So Far

By this point, most businesses that regularly send and receive funds electronically have heard about the risk of wire fraud scams in which an intruder changes wiring instructions and diverts funds to its own account, insidiously crafted to look like the proper account. But detecting these scams before they come…

Read More

Companies Can Protect Proprietary Data When Responding to CCPA Privacy Requests

Since its passage almost three years ago, the California Consumer Privacy Act (“CCPA”) has offered California-based consumers certain rights over the personal information companies collect and process about them. While responding to any request to exercise CCPA rights creates its own set of challenges, one right in particular – the right to…

Read More

Biden Executive Order Likely to Push Private Sector Forward on Cybersecurity

On May 12, President Biden signed an Executive Order on Improving the Nation’s Cybersecurity. The order comes on the heels of a number of recent widely reported cybersecurity crises, including the Solar Winds and Microsoft Exchange compromises, that brought renewed attention to the glaring gaps in supply chain security. By wading into the issue of software…

Read More

NYC Enacts Biometric Data Disclosure Rules and Restrictions

Millions of vaccinated Americans — now maskless — surely can’t wait to rekindle their love affair with their iPhone’s facial recognition technology. Meanwhile, these same people are probably less eager for the bars, restaurants, and theaters they visit to collect that same facial data and other biometric information without their…

Read More

What To Expect From NYC’s Tenant Data Privacy Act

New York City tenants harboring “big brother” concerns over landlords abusing data collected through smart access (i.e., keyless entry) systems will soon be able to rest easier. Following California, Virginia, and the British Virgin Islands, the New York City Council recently became the latest legislative body to pass privacy legislation with the Tenant Data…

Read More

What Happens In The British Virgin Islands, Stays In The British Virgin Islands

On 13 April 2021, the British Virgin Islands (“BVI” or “Virgin Islands”) became the latest jurisdiction to enact a comprehensive information privacy law when the territory published the Data Protection Act, 2021 (the “DPA 2021” or the “Act”) in its Official Gazette. Despite being a territory of the United Kingdom, the Virgin…

Read More

Setting A New Standard: Data Privacy and Corporate Social Responsibility

Corporate Social Responsibility (“CSR”) and Environmental, Social, and Governance (“ESG”) practices have increasingly become priorities for many organizations as they assess their obligations to their employees, customers, and the broader community. As companies work towards meeting these CSR and ESG objectives, one focus area is data rights and data privacy. Data…

Read More