Earlier this year, we wrote about the SEC’s cybersecurity priorities. Since then, the SEC announced a settlement with First American Title Insurance and Services (“First American”) for violating Rule 13a-15(a)…
Companies face increasing risk to their operations resulting from a cyber breach of a critical vendor. We have recently written about creating a sensible cybersecurity and AI risk framework for…
This is Part 1 of a two-part article on the recent U.S. Supreme Court TransUnion decision. In Part 2, we will discuss the implications of the decision for efforts to…
Since the implementation of the California Consumer Privacy Act (“CCPA”) 18 months ago, more than 75 lawsuits have been filed seeking damages using the Act’s private cause of action. The CCPA…
On Monday, June 14, 2021, the Board of the California Privacy Protection Agency (“Agency”) hosted its first inaugural public meeting. As discussed in a prior posting, the California Privacy Rights…
May saw useful reminders for companies, including: (i) the need to appoint an EU – and/or UK – representative if caught by the (UK) GDPR’s extraterritorial effect; (ii) that regulators…
Our three previous articles in this series on the future of AI regulation have discussed the RFI on AI issued by U.S. banking regulators, the draft EU AI regulation, and…
In our first post in this series on the future of AI regulation, we discussed the recent request for information (“RFI”) from U.S. federal banking regulators on the use of…
On Monday, May 3, 2021, Anna Gressel and Avi Gesser from our Data Strategy and Security Group, had an interesting discussion with Stephen McDougall, Chief Counsel for Data and Privacy…
In this Part 2 of our series on the future of artificial intelligence (“AI”) regulation, we examine the draft EU legislation. Part 1 of the series (on U.S. banking regulators’…