Christopher S. Ford – Page 2 – Debevoise Data Blog

Cybersecurity

Four Takeaways from the SEC’s Proposed Cybersecurity Rules

By: Luke Dembosky, Avi Gesser, Julie M. Riewe, Charu A. Chandrasekhar, Christopher S. Ford, HJ Brehmer and Matthew C. Rametta February 16, 2022

On February 9, 2022, the SEC released its much-anticipated proposed rules relating to cybersecurity risk management, incident reporting, and disclosure for investment advisers and funds. Many of the proposals follow…

CCPA

CCPA Enforcement Update: California AG Announces a New Enforcement Sweep Targeting Customer Loyalty Programs

By: David Sarratt, Christopher S. Ford and HJ Brehmer January 31, 2022

On January 28, 2022, California Attorney General Rob Bonta announced that his office sent notices alleging noncompliance with the California Consumer Privacy Act (“CCPA”) to a number of companies operating…

CISA

SEC Cybersecurity Update: Chair Gensler Offers Insight into Upcoming Regulation

By: Avi Gesser, Charu A. Chandrasekhar, Christopher S. Ford, HJ Brehmer and Matthew C. Rametta January 25, 2022

On January 24, 2022, SEC Chair Gary Gensler gave a speech on cybersecurity rulemaking to the Annual Securities Regulation Institute, outlining a number of key points he expects the SEC…

Cybersecurity

A New Era of FTC Privacy and Cybersecurity Oversight: Top Ten Things Companies Should Know When Assessing FTC Compliance and Exposure

By: Luke Dembosky, Avi Gesser, Ted Hassi, Jim Pastore, Paul D. Rubin, Johanna Skrzypczyk, Christopher S. Ford, Leah Martin and Melissa Runsten January 14, 2022

Companies developing Federal Trade Commission (“FTC”) compliance programs, or under investigation by the FTC’s Bureau of Consumer Protection, should be aware of significant developments impacting the Commission’s regulatory authority and…

Announcement

Banking Regulators Finalize 36-Hour Data Breach Notification Rule

By: Luke Dembosky, Avi Gesser, Satish Kini, Gregory Lyons, Johanna Skrzypczyk, Christopher S. Ford, Alexandra Mogul and Erik Rubinstein November 23, 2021

On November 18, 2021, federal banking regulators published a Final Rule that imposes new notification requirements on banking organizations for certain cybersecurity incidents. Most significantly, the Final Rule requires that…

Cybersecurity

Six Takeaways from Debevoise’s SEC Cybersecurity Year in Review 2021

By: Julie M. Riewe, Christopher S. Ford, HJ Brehmer and Matthew C. Rametta November 5, 2021

On November 2, members of our Data Security & Strategy and White Collar & Regulatory Defense teams hosted a webcast on the SEC’s Cybersecurity Year in Review 2021. The panelists,…

SEC

Webcast – The SEC’s Cybersecurity Year in Review 2021: Disclosures, Enforcement, and More

By: Julie M. Riewe, Christopher S. Ford and HJ Brehmer October 20, 2021

On November 2, 2021, Julie Riewe of Debevoise’s White Collar & Regulatory Defense Group and Christopher Ford and HJ Brehmer of Debevoise’s Data Strategy & Security Group hosted an engaging…

CCPA

More Privacy and Cyber Requirements Coming to California: Privacy Enforcer Invites Public Comment on New Rulemaking

By: Jeremy Feigelson, Avi Gesser, Jim Pastore, Christopher S. Ford and HJ Brehmer September 17, 2021

Last week, the California Privacy Protection Agency (the “Agency”) invited public comment on its preliminary rulemaking. As previously discussed, the California Privacy Rights Act (“CPRA”) established the Agency and tasked…

CCPA

Key Takeaways from the First Year of CCPA Enforcement

By: Jeremy Feigelson, Jim Pastore, David Sarratt, Johanna Skrzypczyk, Christopher S. Ford and HJ Brehmer July 26, 2021

On July 19, 2021, California Attorney General Rob Bonta announced his first-year enforcement update on the California Consumer Privacy Act (“CCPA”), and unveiled a tool to help the Attorney General’s…

CCPA

Seven Tips for Reducing CCPA Litigation Risks – Lessons from the First 18 Months

By: Jeremy Feigelson, Avi Gesser, Jim Pastore, Johanna Skrzypczyk, Christopher S. Ford, Alexandra P. Swain and HJ Brehmer June 22, 2021

Since the implementation of the California Consumer Privacy Act (“CCPA”) 18 months ago, more than 75 lawsuits have been filed seeking damages using the Act’s private cause of action. The CCPA…