The U.S. Department of Homeland Security (DHS)’s Cybersecurity and Infrastructure Security Agency (CISA) has released updated chapters to its Cyber Essentials Toolkits (revised August 17, 2020). CISA, the U.S. risk advisor, is tasked with key responsibilities in relation to defending cyber threats against “.gov” networks while collaborating with federal government partners to build more secure
On August 14, 2020, the California Attorney General (AG) announced that the Office of Administrative Law (OAL) approved the California Consumer Privacy Act (CCPA) regulations, which will take effect immediately. The OAL’s approval concludes the expedited review process requested by the AG on June 1. For more information on the review process, see GT’s June
The Court of Justice of the European Union (CJEU) declares invalid a decision of the European Commission which attested that the EU-U.S. Privacy Shield provided adequate protection to personal data transferred from the EU to the U.S., if the receiving party had self-certified its adherence to the Privacy Shield Principles. At the same time, the
On June 24, the California Secretary of State announced that the California Privacy Rights Act (CPRA) has qualified as a statewide ballot initiative to be listed on this November’s General Election ballot.
The announcement follows official confirmation that the nonprofit group behind the ballot initiative, Californians for Consumer Privacy, obtained in excess of the 623,212
Following much anticipation, the Office of the California Attorney General (OAG) moved one step closer to the California Consumer Privacy Act (CCPA)’s wide-ranging implementing regulations becoming enforceable by law by filing the final CCPA Regulations with the California Office of Administrative Law (OAL) on June 1.
The CCPA grants the OAG the authority to begin
EDPB says that cookie walls require a tracking-free alternative (not necessarily free of charge) – and the German Federal Supreme Court rules against opt-out consent for tracking cookies under German law
Introduction
In 2019, various EU member states issued guidance as to whether opt-in consent is necessary for non-essential cookies, with some guidance suggesting opt-in
Regulators’ enforcement priorities evolve alongside technological changes and in response to consumer-impacting activities that are emphasized in news headlines. This trend can be seen in the SEC’s relatively recent focus on monitoring and bringing formal actions against opportunistic stock trading by corporate insiders who have knowledge of enterprise security incidents and data breaches.
As the SEC described in its 2018 guidance intended to assist public companies in preparing disclosures about cybersecurity risks and incidents: “Companies and their directors, officers, and other corporate insiders should be mindful of complying with the laws related to insider trading in connection with information about cybersecurity risks and incidents, including vulnerabilities and breaches.”
What follows is an overview of an article published in Cybersecurity Law Report (subscription paywall) last week by Greenberg Traurig’s Darren Abernethy regarding the interplay between corporate insider trading and cybersecurity incidents, including some possible planning steps for businesses to consider with legal counsel.
Continue Reading Insider Trading in the Data Breach Context: Proactive Corporate Planning and Regulatory Enforcement
With the California Attorney General’s enforcement of the California Consumer Privacy Act (CCPA) beginning on July 1, 2020, businesses are eagerly awaiting the forthcoming final version of the CCPA Regulations to ensure that their compliance is in line with the law and its Regulations. Due to the upcoming CCPA enforcement deadline, and California’s shelter-in-place status,
In an April 8 letter to the Federal Trade Commission (FTC), Senator Edward Markey (D-MA) urged the FTC to issue formal privacy and cybersecurity guidance for companies engaged in producing online conferencing services, and best practices for users of such services. This request comes in response to an exponential increase in the usage of videoconferencing
Today, the California Office of the Attorney General (OAG) released a second set of modifications to its proposed California Consumer Privacy Act (CCPA) Regulations.
The proposed regulations were first published and noticed for public comment on October 11, 2019. On February 10, 2020, the OAG released modifications to the proposed regulations based on the earlier