Jim Pastore – Debevoise Data Blog

NYDFS

NYDFS Proposed Significant Changes to Its Cybersecurity Rules

By: Luke Dembosky, Avi Gesser, Erez Liebermann, Jim Pastore, Charu Chandrasekhar, HJ Brehmer, Michelle Huang and Mengyi Xu August 1, 2022

On July 29, 2022, the New York Department of Financial Services (“NYDFS”) released Draft Amendments to its Part 500 Cybersecurity Rules, which include a mandatory 24-hour notification for cyber ransom…

Artificial Intelligence

Debevoise Discusses AI and Civil Liability at the Athens Roundtable on AI and the Rule of Law (Recording Now Available)

By: Anna Gressel and Jim Pastore March 30, 2022

On December 7, 2021, Anna Gressel and Jim Pastore from Debevoise’s Data Strategy and Security and Commercial Litigation Groups participated in the third edition of the “The Athens Roundtable on Artificial…

Cybersecurity

A New Era of FTC Privacy and Cybersecurity Oversight: Top Ten Things Companies Should Know When Assessing FTC Compliance and Exposure

By: Luke Dembosky, Avi Gesser, Ted Hassi, Jim Pastore, Paul D. Rubin, Johanna Skrzypczyk, Christopher S. Ford, Leah Martin and Melissa Runsten January 14, 2022

Companies developing Federal Trade Commission (“FTC”) compliance programs, or under investigation by the FTC’s Bureau of Consumer Protection, should be aware of significant developments impacting the Commission’s regulatory authority and…

Announcement

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

By: Luke Dembosky, Jeremy Feigelson, Jyotin Hamid, Satish Kini, Henry Lebowitz, Maura Kathleen Monaghan, David A. O'Neil, Jim Pastore, David Sarratt, Jeffrey P. Cunard, Christopher Garrett, Kim Le, Tricia Bozyk Sherno, Johanna Skrzypczyk, Javier Alvarez-Oviedo, HJ Brehmer, Frank Colleluori, Josie Dikkers, Martha Hirst and Alexandra Mogul December 1, 2021

The Data Strategy and Security team at Debevoise & Plimpton LLP has authored the 2022 edition of the Privacy Law Answer Book (Practising Law Institute, 2021), a user-friendly guide to…

Cybersecurity

Six Quick Cybersecurity Takeaways from SEC Speaks 2021

By: Luke Dembosky, Jeremy Feigelson, Avi Gesser, Jim Pastore, Charu Chandrasekhar, HJ Brehmer and Matthew C. Rametta October 14, 2021

On October 13, the annual Securities and Exchange Commission Speaks seminar concluded with presentations from the Examination, Enforcement, and Investment Management divisions. As SEC regulated entities (including publicly traded companies,…

Regulation

China Passes the Personal Information Protection Law

By: William Y. Chua, Luke Dembosky, Jeremy Feigelson, Avi Gesser, Edwin Northover, Jim Pastore, Emily Lam, Philip Rohlik, Johanna Skrzypczyk and Tingting Wu October 11, 2021

On August 20, 2021, China’s Standing Committee of the National People’s Congress passed the Personal Information Protection Law (“PIPL”).1 The PIPL will take effect on November 1, 2021.2 A breakdown…

CCPA

More Privacy and Cyber Requirements Coming to California: Privacy Enforcer Invites Public Comment on New Rulemaking

By: Jeremy Feigelson, Avi Gesser, Jim Pastore, Christopher S. Ford and HJ Brehmer September 17, 2021

Last week, the California Privacy Protection Agency (the “Agency”) invited public comment on its preliminary rulemaking. As previously discussed, the California Privacy Rights Act (“CPRA”) established the Agency and tasked…

Enforcement

The Latest Round of SEC Cybersecurity Enforcement Actions Targets MFA Deficiencies, Inadequate Policies, and Misleading Breach Notifications

By: Avi Gesser, Jim Pastore and Mengyi Xu September 1, 2021

On August 30, 2021, the SEC filed settled enforcement actions against three groups of broker-dealers and investment advisers for failing to protect confidential customer information in violation of Rule 30(a)…

CCPA

Key Takeaways from the First Year of CCPA Enforcement

By: Jeremy Feigelson, Jim Pastore, David Sarratt, Johanna Skrzypczyk, Christopher S. Ford and HJ Brehmer July 26, 2021

On July 19, 2021, California Attorney General Rob Bonta announced his first-year enforcement update on the California Consumer Privacy Act (“CCPA”), and unveiled a tool to help the Attorney General’s…

Automated Decision Making

The Supreme Court TransUnion Case: Part 2—What It Means for Efforts to Defeat Class Certification?

By: Mark P. Goodman, Maura Kathleen Monaghan, Jim Pastore, Jacob W. Stahl and Adam Aukland-Peck July 13, 2021

This is Part 2 of a two-part article on the recent U.S. Supreme Court TransUnion decision. In Part 1, we discussed the implications of the decision for standing in cyber…