Mengyi Xu – Debevoise Data Blog

CCPA

CPPA Proposed Rulemaking Package Part 3 – Privacy Requirements

By: Avi Gesser, Johanna Skrzypczyk, Mengyi Xu, Melyssa Eigen and Katie Heath May 5, 2025

In Part 1 of this series, we discussed the annual cybersecurity audit requirements in the California Privacy Protection Agency (the “CPPA”)’s proposed rulemaking package (the “Draft Regulations”). In Part 2,…

CCPA

CPPA Proposed Rulemaking Package Part 1 – Cybersecurity Audits

By: Avi Gesser, Matt Kelly, Johanna Skrzypczyk, HJ Brehmer, Amer Mneimneh, Ned Terrace and Mengyi Xu December 3, 2024

On November 22, 2024, the California Privacy Protection Agency (the “CPPA”) opened the formal public comment period for its recently approved formal proposed rulemaking package for annual cybersecurity audits, automated…

Ransomware

Lessons Learned from DOJ’s Takedown of Hive Ransomware

By: Luke Dembosky, Avi Gesser, Erez Liebermann and Mengyi Xu January 27, 2023

On January 26, 2022, the FBI, DOJ, and international law enforcement partners dropped a bombshell of an announcement: they had dismantled the infrastructure of one of the most prolific ransomware…

Cybersecurity

NYDFS Publishes Official Amendments to Its Cybersecurity Regulation

By: Luke Dembosky, Avi Gesser, Erez Liebermann, Caroline Novogrod Swett, Johanna Skrzypczyk and Mengyi Xu November 10, 2022

On November 9, 2022, the New York Department of Financial Services (“NYDFS”) announced the publication of the official proposed amendments to its 2017 Cybersecurity Regulation 23 NYCRR 500 (“Proposed Amendments”).…