Six months after the SEC’s Cybersecurity Incident Disclosure Rule (SEC Rule) came into force, an April 2024 GT Alert summarized disclosure trends. The GT Alert identified that the companies who filed a mandatory form 8-K disclosing a cybersecurity incident had erred on the side of caution, hedged on whether the materiality threshold had been met
On Jan. 16, 2025 the European Data Protection Board (EDPB) published guidelines on the pseudonymization of personal data for public consultation. The Berlin Data Protection Commissioner (BlnBDI) played a leading role in drafting these guidelines (see the German-language BlnBDI press release). The consultation is ongoing, and comments can be submitted until Feb. 28, 2025
Cyber criminals constantly develop new ways to steal money from businesses. One common scam targeting law firms and corporate legal departments involves “imposters” pretending to be clients or other parties who are owed payment, then tricking the attorney into paying the imposters. This deception has led to a rise in lawsuits where parties are battling
On Oct. 22, 2024, the CFPB issued a final rule that will require covered financial institutions to provide consumers and authorized third parties with access and portability options for their financial data. The CFPB’s final rule, called the “Personal Financial Data Rights Rule,” implements Section 1033 of Title X of the Dodd-Frank Act, a to-date
On Oct. 22, 2024, the SEC announced settled administrative actions against four current or formerly public technology companies, finding that the companies all made materially misleading disclosures to investors in their periodic filings concerning the impact of the 2020 SolarWinds breach on their businesses.
David Zetoony, co-chair of Greenberg Traurig’s U.S. Data Privacy and Cybersecurity Practice, is a panelist on the “Privacy, Please: Practical Tips for Navigating Data Privacy Laws” session at the ABA’s Forum on Franchising on Oct. 16 from 11:00-4:30 p.m. PT.
With no national data privacy law in place in the United States
On Aug. 2, 2024, Illinois Gov. J.B. Pritzker signed SB 2979 into law, amending BIPA in two ways: significantly limiting potential damages and updating the Act’s definition of “written release” to include an “electronic signature.”
A U.S. district court dismissed all the SEC’s securities fraud and false filings claims against SolarWinds and its Chief Information Security Officer (CISO) Timothy Brown regarding the adequacy of cyberattack disclosures, finding that the SEC had impermissibly relied on “hindsight and speculation” to find those disclosures fraudulent. The court also dismissed the SEC’s claims that
Jena M. Valdetero, co-chair of Greenberg Traurig’s U.S. Data Privacy & Cybersecurity Practice, was named the “2024 Privacy & Data Protection Lawyer of the Year” by the Delinian Legal Media Group as part of its “Women in Business Law Awards Americas 2024.” Greenberg Traurig also received a regional firm award, “Best Law Firm