As we wrote in previous posts, on August 11, 2022, the Federal Trade Commission (the “FTC”) announced its Advance Notice of Proposed Rulemaking (the “ANPR”) seeking public comment on 95 questions focused on harms…
As we noted in previous posts, on August 11, 2022, the Federal Trade Commission (“FTC”) announced its Advance Notice of Proposed Rulemaking (“ANPR”) seeking public comment on 95 questions focused…
On 18 July 2022, the UK government published the Data Protection and Digital Information Bill (the “Bill”), which proposes reforms to the UK’s data protection and e-privacy landscape in-line with…
On August 11, 2022, the Federal Trade Commission (the “FTC”) announced its Advance Notice of Proposed Rulemaking (the “ANPR”) seeking public comment on 95 questions focused on harms stemming from…
On August 11, 2022, the Federal Trade Commission (“FTC”) announced its Advance Notice of Proposed Rulemaking (“ANPR”) seeking public comment on 95 questions focused on purported harms stemming from “commercial…
On July 29, 2022, the New York Department of Financial Services (“NYDFS”) released Draft Amendments to its Part 500 Cybersecurity Rules. We provided our initial thoughts on the Draft Amendments…
On July 27, 2022, the Securities and Exchange Commission (“SEC”) separately charged three financial institutions with violations of Rule 201 of Regulation S-ID (“Reg S-ID”), also known as the Identity…
On Friday, August 5, 2022, Eric Dinallo, Luke Dembosky, Avi Gesser, Erez Liebermann, and Charu Chandrasekhar participated in a webcast on the proposed draft amendments to the NYDFS cyber rules.…
On July 29, 2022, the New York Department of Financial Services (“NYDFS”) released Draft Amendments to its Part 500 Cybersecurity Rules, which include a mandatory 24-hour notification for cyber ransom…
On July 8, 2022, the U.S. Department of Justice (the “DOJ”) announced that Aerojet Rocketdyne (“Aerojet”), a California-based aerospace and defense contractor, agreed to pay $9 million to resolve allegations…