On July 14, 2023, California Attorney General Rob Bonta announced a California Consumer Privacy Act (“CCPA”) enforcement sweep focused on large California employers’ compliance with the CCPA’s requirements applicable to the personal information of employees and job applicants. This is a clear signal that the Attorney General will not wait to pursue enforcement of these provisions, even though the California…

The proliferation of AI tools and rapid pace of AI adoption have led to calls for new regulation at all levels. President Biden recently said “[w]e need to manage the risks [of AI] to our society, to our economy, and our national security.” The Senate Judiciary Subcommittee on Privacy, Technology and the Law recently held a hearing on “Rules for…

On June 28, 2023, the New York Department of Financial Services (“NYDFS”) announced its Revised Proposed Second Amendment to its Cybersecurity Regulation, 23 NYCRR Part 500 (the “Revised Amendment” or “June 2023 Amendment”), which reflects revisions made by the NYDFS as a result of comments it received on its Initial Proposed Second Amendment released in November 2022 (the “Initial Amendment”…

On Friday, July 7th, 2023, Eric Dinallo, Avi Gesser, Erez Liebermann, Marshal Bozzo, and Stephanie Thomas hosted a webcast that examined the Revised Proposed 2nd Amendment to the Part 500 Cybersecurity Rules released by the New York Department of Financial Services and discussed what changes were made, what still needs fixing, and the implications that the new draft may have…

On June 22, 2023, Robert Maddox, International Counsel, and Tristan Lockwood, Associate, delivered the latest instalment of the Debevoise London insurance industry webinar series, focusing on the European Union’s Digital Operational Resilience Act and what it means for the Insurance Sector. Topics included: The history and context of DORA; Management obligations and the role of the Board; Incident reporting, operational…