Regulators’ enforcement priorities evolve alongside technological changes and in response to consumer-impacting activities that are emphasized in news headlines. This trend can be seen in the SEC’s relatively recent focus on monitoring and bringing formal actions against opportunistic stock trading by corporate insiders who have knowledge of enterprise security incidents and data breaches.

As the SEC described in its 2018 guidance intended to assist public companies in preparing disclosures about cybersecurity risks and incidents: “Companies and their directors, officers, and other corporate insiders should be mindful of complying with the laws related to insider trading in connection with information about cybersecurity risks and incidents, including vulnerabilities and breaches.”

What follows is an overview of an article published in Cybersecurity Law Report (subscription paywall) last week by Greenberg Traurig’s Darren Abernethy regarding the interplay between corporate insider trading and cybersecurity incidents, including some possible planning steps for businesses to consider with legal counsel.
Continue Reading Insider Trading in the Data Breach Context: Proactive Corporate Planning and Regulatory Enforcement

On February 7, 2020, the California Attorney General’s Office (OAG) issued proposed changes to the California Consumer Privacy Act Regulations (Modified Regulations), which were originally issued on October 11, 2019. Organizations have until February 24 to submit written comments on the proposed changes to the regulations implementing the CCPA.

Key Changes

Some of the major

YouTube Content Creators Must Act

As of January 6, 2020, YouTube creators must designate their videos (both new as well as all videos previously posted) as either made for kids or adults. The new requirement has left esport, gaming, musician, vlog, and many other creators scrambling to correctly categorize their videos; otherwise, they face a

In the wake of the California Consumer Privacy Act of 2018 (CCPA) and an updated Nevada privacy law that took effect in October 2019, states are wasting no time in 2020 introducing new privacy laws of their own.

Joining the chorus of Virginia and Florida, this month state lawmakers in New Hampshire,

On Nov. 22, 2019, the representatives of the EU member states rejected the Finnish Presidency’s proposed text for the ePrivacy Regulation, making the future of ePrivacy Regulation uncertain. The ePrivacy Regulation, which if adopted would be binding across all EU member states, will govern direct electronic marketing messages, cookies, and similar tracking technologies. The ePrivacy