On October 27, the Federal Trade Commission (“FTC”) announced it was updating the data security safeguards rules that banks are required to implement in order to protect customer information as part of Gramm-Leach Bliley Act (the “Safeguards Rule”). The FTC’s update follows a string of data breaches in recent years […]
Technology & Intellectual Property Update
New Bill Would Require Companies to Disclose Ransomware Payments
A new proposed law would require businesses in the U.S. to disclose any ransomware payments within 48 hours of the transaction. The bicameral Ransom Disclosure Act, drafted by Sen. Elizabeth Warren and Rep. Deborah Ross, would mandate companies and organizations (but not individuals) to provide the U.S. Department of Homeland Security […]
The Securities Exchange Commission Enacts New Data Breach Requirements
The SEC entered into a settlement agreement with Pearson PLC (“Pearson”), an educational publishing company[1] emanating from a data breach suffered by Pearson. In the agreement, the Commission found that Pearson “made material misstatements and omissions regarding a 2018 cyber intrusion.” The 2018 breach encompassed a large amount of data […]
California Enacts New Laws to Protect Genetic Data
Over the course of the past several years, California has pursued an aggressive approach in adopting legislation intended to protect the privacy and security of personal information, including through the adoption of the California Consumer Privacy Act (“CCPA”) and the enhancement of certain rights provided under the CCPA that were […]
CPPA Seeks Preliminary Comments on Rulemaking for the CPRA
The newly formed California Privacy Protection Agency (“CPPA”) issued an Invitation for Preliminary Comments on Proposed Rulemaking under the California Privacy Rights Act of 2020 (the “CPRA”), on September 22. Earlier this year we detailed the specifics of the CPRA, and now the CPPA, which was established under the CPRA, […]