On November 22, 2024, the California Privacy Protection Agency (the “CPPA”) opened the formal public comment period for its recently approved formal proposed rulemaking package for annual cybersecurity audits, automated…
On October 16, 2024, the New York Department of Financial Services (the “NYDFS”) issued an Industry Letter providing guidance on assessing cybersecurity risks associated with the use of AI (the…
As companies slowly ramp up the depth and breadth of their AI adoption, one of the most difficult challenges they face is managing third-party risk. Most companies contemplating AI adoption…
On July 11, 2024, the New York State Department of Financial Services (the “NYDFS”) adopted Insurance Circular Letter No. 7 regarding the Use of Artificial Intelligence Systems and External Consumer…
Luke Dembosky, Avi Gesser, Erez Liebermann, Jim Pastore, Matt Kelly, and Johanna Skrzypczyk were all recognized by The Legal 500 US in the category Cyber Law (Including Data Privacy and Data…
On April 26, 2024, the Federal Trade Commission (the “FTC”) issued a controversial final rule (the “Final Rule”) that, among other things, expands the scope of the Health Breach Notification…
On May 16, 2024, the SEC adopted amendments to Regulation S-P (“Reg S-P”) one year after its proposed amendments (the “Proposed Amendments”). The finalized amendments (“Amended Reg S-P”) largely track…
On March 27, 2024, the U.S. Department of Treasury (“Treasury”) released a report on Managing Artificial Intelligence-Specific Cybersecurity Risks in the Financial Services Sector (the “Report”). The Report was released…
On January 17, 2024, the New York State Department of Financial Services (the “NYDFS”) issued a Proposed Insurance Circular Letter regarding the Use of Artificial Intelligence Systems and External Consumer…
On December 19, 2023, the Federal Trade Commission (the “FTC”) announced a complaint and a proposed stipulated order against a large drugstore chain (the “Company”) in connection with the Company’s…