The Federal Rules of Civil Procedure, as well as state procedural rules, permit parties to a lawsuit to conduct discovery, in search of information and documents that may be relevant to the litigation. Parties can issue requests for documents, information (called interrogatories), and admissions of fact to other parties to the lawsuit; parties may use
The Federal Rules of Civil Procedure, as well as state procedural rules, permit parties to a lawsuit to conduct discovery, in search of information and documents that may be relevant to the litigation. Parties can issue requests for documents, information (called interrogatories), and admissions of fact to other parties to the lawsuit; parties may use
After Europe blazed the trail by passing the sweeping General Data Protection Regulation (“GDPR”) in 2016, California followed closely in the footsteps of European efforts by passing the most comprehensive data privacy law in the United States, the California Consumer Privacy Act (the “CCPA”). Effective January 1, 2020, the CCPA provided a number of obligations
On Aug. 8, 2022, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed economic sanctions on Tornado Cash, a popular cryptocurrency mixing service that allows customers to obscure the original source of virtual currency transactions by “mixing” multiple transactions and then redistributing them. While mixing may have legitimate benefits in some transactions,
In this article, we discuss today’s most prevalent types of ransomware attacks, considerations for whether to make the ransom payment, the Financial Crimes Enforcement Network (FinCEN) and Treasury’s Office of Foreign Asset Control’s (OFAC) ransomware guidance, and the U.S. government’s efforts in connection with these attacks.
On May 19, 2022, the Department of Justice announced it would not charge good-faith hackers who expose weaknesses in computer systems with violating the Computer Fraud and Abuse Act (CFAA or Act), 18 U.S.C. § 1030. Congress enacted the CFAA in 1986 to promote computer privacy and cybersecurity and amended the Act several times, most
As part of a larger spending bill signed by President Biden on March 15, 2022, Congress passed the Cyber Incident Reporting for Critical Infrastructure Act (CIRA) to increase funding for the federal Cybersecurity and Critical Infrastructure Agency (CISA). CIRA requires companies considered to be in a “critical infrastructure” sector to notify CISA within 72 hours
Continuing its focus on cybersecurity, on March 9, 2022, in a party-line vote, the SEC proposed rules and amendments governing cybersecurity reporting requirements for public companies subject to the Securities Exchange Act of 1934.
The California Consumer Privacy Act (CCPA) provides plaintiffs with a private right of action to pursue statutory damages following data security breaches that impact certain sensitive categories of personal information and are caused by a business’s failure to institute reasonable and appropriate security. Although the CCPA does not permit private suits with respect to alleged
On Feb. 25, 2022, one of the top 10 ransomware threat actor groups, Conti, issued a statement announcing its “full support” of the Russian government and threatening “to use all our possible resources to strike back at critical infrastructures of an enemy” who “organize[s] a cyberattack or any war activities” against Russia. Conti followed up