As companies manage or store increasing amounts of data, cybersecurity and data privacy issues and obligations transcend geographies to become huge assets or liabilities. The costs associated with a data breach or other cybersecurity event can be devastating, and thus protecting organizations from a breach has become the responsibility of senior executives and directors. Every company must implement appropriate safeguards and best practices to protect data, comply with the many regulations and statutes, and minimize risks. The failure to follow proper cybersecurity and data privacy protocols can expose an organization to significant liability.
–
Date | Title |
---|---|
January 2024 | New Cybersecurity Disclosure Rules for Public Companies: Update As we previously reported in July 2023, the U.S. Securities and Exchange Commission (the “SEC”) adopted new cybersecurity disclosure rules for public companies. As the heavy annual reports season approaches, we wanted to provide this reminder and update and to point out some recent clarifications from the SEC on several matters that we had previously highlighted. |
January 2024 | Digital Right to Repair Expands to Influential State of California New York pioneered right-to-repair legislation with the New York Digital Fair Repair Act (NY DFRA) in 2023, prompting similar acts in Minnesota and California. The California Right to Repair Act, effective from July 1, 2024, surpasses NY DFRA by imposing broader requirements on original equipment manufacturers (OEMs), mandating them to provide replacement parts, tools, and documentation to product owners and repair facilities for a specified period, irrespective of whether an authorized repair provider exists. |
January 2024 | Understanding Tech Terms: AI, Cybersecurity, Crypto, and Data Privacy — Part V The fifth installment in a series of terms and definitions that will help non-techies navigate the terminology associated with this area. |
December 2023 | New York DFS Finalizes Amendment to its Cybersecurity Regulations New York DFS adopted its long awaited Second Amendment to Cybersecurity Regulations, introducing a “Senior Governing Body,” stricter compliance for “Class A” companies, and additional reporting for Chief Information Security Officers, emphasizing the need for covered entities to promptly assess and implement measures to ensure compliance. |
November 2023 | New York City Seeking to Expand its Biometric Data Collection Law New York City has proposed amendments to its Biometric Identifier Information Law, expanding coverage to all public places, regulating the use of biometric recognition technology with written consent requirements, and prohibiting landlords from using such technology to identify tenants or guests. |
August 2023 | Latent Ambiguities in New York’s Digital Fair Repair Act as Finally Enacted New York has passed the Digital Fair Repair Act (DFRA), making it the first state to enact right-to-repair legislation for digital electronic devices, requiring manufacturers to provide replacement parts, tools, and documentation to independent repair shops and individuals on fair and reasonable terms, however questions remain about the interpretation of certain provisions, including a lookback period starting on July 1, 2023. |
July 2023 | SEC Adopts New Cybersecurity Disclosure Rules for Public Issuers This article discusses the SEC’s new cybersecurity rules for public companies, necessitating prompt disclosure of material cybersecurity incidents, annual reporting on cybersecurity risk management, and the addition of specific disclosure items in Form 8-K and Form 10-K filings. |
July 2023 | Understanding Tech Terms: Cybersecurity, Crypto, and Data Privacy — Part IV The fourth installment in a series of terms and definitions that will help non-techies navigate the terminology associated with this area. |
June 2023 | The Growing Risks of Collecting and Using Biometric Data: Regulations in New York and Elsewhere This advisory is important to clients that are subject to NYS statutes that store or use data. A reported 79% of companies are employing biometric tech (bypassing passwords for things like payment security). |
May 2023 | No Way Out: Antitrust Considerations Buttress Right To Repair Statutes The right to repair landscape is constantly changing, and a flurry of developments highlight a nationwide shift to require OEMs manufacturing products that depend on digital and electronic components to change how they provide diagnostic information, equipment, tools, and replacement parts in their relevant markets. |
May 2023 | StableCoins Are (Not Just Similar To) Money Market Funds Our article discusses a correlation of the proposition that digital assets are investment contracts and therefore are securities, namely that pools of digital assets are investment companies, as defined in the Investment Company Act of 1940. |
May 2023 | Understanding Tech Terms: Cybersecurity, Crypto, and Data Privacy — Part III The third installment in a series of terms and definitions that will help non-techies navigate the terminology associated with this area. |
April 2023 | SEC Addresses Cybersecurity Market Risks, Controls and Disclosures for Market Participants Through Proposed New Rules and Amendments The SEC has proposed rigorous regime changes for a wide range of market participants that maintain data about investors. This flurry of rulemaking activity by the SEC is intended to address cybersecurity and technology risks and their implications for the markets. |
April 2023 | Understanding Tech Terms: Cybersecurity, Crypto, and Data Privacy — Part II The second installment in a series of terms and definitions that will help non-techies navigate the terminology associated with this area. |
January 2023 | Understanding Tech Terms: Cybersecurity, Crypto, and Data Privacy — Part I The first installment in a series of terms and definitions that will help non-techies navigate the terminology associated with this area. |
Watch our SHIELD Act Video Series: