On April 14, 2021, the New York State Department of Financial Services (the “DFS”) announced that its cyber enforcement action against National Securities Corporation (“National Securities”) has been resolved by…
Earlier this week, Debevoise published an overview of the SEC’s Division of Examination Priorities for 2021. Today, we’re taking a deeper dive into one aspect of those priorities: cybersecurity as it…
Introduction For those following emerging artificial intelligence (“AI”) regulations and enforcement closely, one issue of great interest is remedies. In particular: in what circumstances, if any, would regulators or courts…
Regulators in the United States and abroad are showing increasing interest in pursuing enforcement actions against companies that deploy artificial intelligence, machine learning, or algorithmic-based applications (“AI”) in a way…
Tough Cookie: French CNIL Hits Google and Amazon with a Total of €135 million in Fines On December 7, 2020, the French data protection authority, the CNIL (“Commission Nationale de…
At many companies, employees are increasingly using non-business communication applications (“apps”) such as iMessage, WhatsApp and WeChat for business-related communications. This trend has likely accelerated in the COVID era, as…
Earlier this year, we shared a list of 13 technical and nontechnical measures companies can adopt to mitigate the risks of ransomware attacks. With ransomware and other malicious cyber-related attacks…
France’s supreme court for administrative matters, the Council of State (Conseil d’Etat), has upheld the €50 million fine imposed on Google LLC by the French data protection authority, the Commission…
The California Attorney General has released a second set of modifications to its proposed regulations implementing the California Consumer Privacy Act. We expect that companies planning their CCPA compliance programs will…