2021 – Debevoise Data Blog

Announcement

The Debevoise Data Blog Receives a Top Ten Ranking in Its Second Year

By: Avi Gesser and HJ Brehmer December 31, 2021

In June 2020, Debevoise’s Data Strategy and Security practice group launched the Debevoise Data Blog, where we regularly publish our insights on developments and trends in cybersecurity, artificial intelligence, and…

CCPA

Getting Ready for 2023: What Companies Can Do Now to Prepare for New Privacy Laws

By: Jeremy Feigelson, Avi Gesser, Johanna Skrzypczyk, Michael Bloom, Michael R. Roberts, Tricia Reville and Kate Saba December 16, 2021

The Virginia Consumer Data Protection Act (“VCDPA”) and amendments to the California Consumer Privacy Act (“CCPA”)—enshrined in the California Privacy Rights Act (“CPRA”)—take effect on January 1, 2023. In addition,…

Artificial Intelligence

Webcast – Cybersecurity and AI Whistleblowers

By: Avi Gesser, Anna Gressel, Jyotin Hamid and Maeve O'Connor December 15, 2021

On December 16, 2021, Anna Gressel and Avi Gesser from our Data Strategy and Security Group were joined by Maeve O’Connor and Jyotin Hamid of our Commercial Litigation Group for a special…

Announcement

The New York DFS Issues Guidance on Multifactor Authentication

By: Luke Dembosky, Avi Gesser, Jeremy Feigelson, Alexandra P. Swain, Parker Eudy and Noah L. Schwartz December 13, 2021

On December 7, 2021, the New York Department of Financial Services (“DFS”) released new guidance on multifactor authentication (“MFA”), indicating that it is increasing its review of MFA during examinations,…

Automated Decision Making

China Publishes New Draft Regulations on Data Security

By: Luke Dembosky, Avi Gesser, Mark Johnson, Philip Rohlik, Ralph Sellar, Johanna Skrzypczyk, Martha Hirst, Mengyi Xu and Eva Yue Niu December 9, 2021

On November 14, 2021, the Cyberspace Administration of China (“CAC”) released the draft “Network Data Security Management Regulations” (the “Draft Regulations”) for public comment. The Draft Regulations have major implications…

Announcement

AI, FinTech and Racial Equity — Takeaways from a Recent World Bank Panel (Recording Now Available)

By: Avi Gesser, Anna Gressel and Frank Colleluori December 2, 2021

On November 10, 2021, Avi Gesser and Anna Gressel from Debevoise’s Data Strategy and Security Group shared their insights as part of a World Bank panel on FinTech and Racial…

Announcement

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

By: Luke Dembosky, Jeremy Feigelson, Jyotin Hamid, Satish Kini, Henry Lebowitz, Maura Kathleen Monaghan, David A. O'Neil, Jim Pastore, David Sarratt, Jeffrey P. Cunard, Christopher Garrett, Kim Le, Tricia Bozyk Sherno, Johanna Skrzypczyk, Javier Alvarez-Oviedo, HJ Brehmer, Frank Colleluori, Josie Dikkers, Martha Hirst and Alexandra Mogul December 1, 2021

The Data Strategy and Security team at Debevoise & Plimpton LLP has authored the 2022 edition of the Privacy Law Answer Book (Practising Law Institute, 2021), a user-friendly guide to…

Crypto

Regulators Publish Joint Statement Summarizing Results of Inter-agency Crypto Sprint

By: Alison Hashmall, Caroline Novogrod Swett, Taylor Richards and Chen Xu November 23, 2021

The inter-agency crypto-asset policy sprint initiative has finally taken off. This morning the Federal Reserve Board, the Federal Deposit Insurance Corporation and the Office of the Comptroller of the Currency…

Announcement

Banking Regulators Finalize 36-Hour Data Breach Notification Rule

By: Luke Dembosky, Avi Gesser, Satish Kini, Gregory Lyons, Johanna Skrzypczyk, Christopher S. Ford, Alexandra Mogul and Erik Rubinstein November 23, 2021

On November 18, 2021, federal banking regulators published a Final Rule that imposes new notification requirements on banking organizations for certain cybersecurity incidents. Most significantly, the Final Rule requires that…

CISA

An Overview of Proposed Cybersecurity Legislation: Which Incidents Are Covered, Who Counts as Critical Infrastructure, and What New Obligations Are Created?

By: Luke Dembosky, Avi Gesser, HJ Brehmer and Stephanie Thomas November 22, 2021

On November 15, 2021, President Biden signed the Infrastructure Investment and Jobs Act into law, authorizing $1.2 trillion for infrastructure spending, including approximately $2 billion for various federal cybersecurity projects.…