There were a few European data protection developments in February that companies may want to have on their radar. These include a draft adequacy decision for EU-UK data transfer, renewed…
Earlier this week, Debevoise published an overview of the SEC’s Division of Examination Priorities for 2021. Today, we’re taking a deeper dive into one aspect of those priorities: cybersecurity as it…
Last year, we discussed the first enforcement action brought by the New York State Department of Financial Services (“DFS”), which involved charges against First American Title Insurance Company. That hearing…
Virginia has just become the second U.S. state with a comprehensive privacy law, with Governor Ralph Northam’s signing of the Virginia Consumer Data Protection Act (“VCDPA”) on March 2, 2021.…
On March 3, 2021, Anna Gressel and Avi Gesser from our Data Strategy and Security Group had a very interesting conversation on AI regulation with Kaitlin Asrow, Fintech Policy Advisor…
On February 4 and 11, 2021, Robin L. Barton of the Hedge Fund Law Report published a two-part article on the risks of business email compromise scams: Eleven Lessons From…
Companies face increasing cybersecurity and AI risk from third-party vendors. Cybersecurity risks arise when companies share sensitive personal data or company information with their vendors or when their vendors have…
Introduction For those following emerging artificial intelligence (“AI”) regulations and enforcement closely, one issue of great interest is remedies. In particular: in what circumstances, if any, would regulators or courts…
On January 6, 2021, Avi Gesser and Anna Gressel from Debevoise’s Data Strategy and Security Group and Keith Slattery from Debevoise’s Insurance Group has an insightful conversation with Stefan Toi…
On January 12, Judge James Boasberg of the U.S. District Court for the District of Columbia granted plaintiff Guo Wengui’s motion to compel production of a report (the “Report”)—and related…