SEC

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Connecticut Attorney General Report: CTDPA Enforcement Insights & Takeaways | Privacy World

California Attorney General Announces Industry Investigative Sweep into

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

2023 Cybersecurity Year In Review | Privacy World

FTC Consumer Protection and Data Protection Insights for 2024 | Privacy World

2023 was another busy year in the realm of data event and cybersecurity litigations, with several noteworthy developments in the realm of disputes and regulator activity.  Privacy World has been tracking these developments throughout the year.  Read on for key trends and what to expect going into the 2024.

Growth in Data Events Leads to Accompanying Increase in Claims

The number of reportable data events in the U.S. in 2023 reached an all-time high, surpassing the prior record set in 2021.  At bottom, threat actors continued to target entities across industries, with litigation frequently following disclosure of data events.  On the dispute front, 2023 saw several notable cybersecurity consumer class actions concerning the alleged unauthorized disclosure of sensitive personal information, including healthcare, genetic, and banking information.  Large putative class actions in these areas included, among others, lawsuits against the hospital system HCA Healthcare (estimated 11 million individuals involved in the underlying data event), DNA testing provider 23andMe (estimated 6.9 million individuals involved in the underlying data event), and mortgage business Mr. Cooper (estimated 14.6 million individuals involved in the underlying data event). Continue Reading 2023 Cybersecurity Year In Review

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

India Welcomes Landmark Data Protection Law | Privacy World

Join Us Live in Washington DC on September 19: Avoiding Litigation

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

The French CNIL’s New Guidance on Whistleblowing | Privacy World

SEC Adopts Final Cybersecurity Risk Management and Incident Disclosure Regulations

After much anticipation, the Securities and Exchange Commission (the “Commission”) has adopted Regulations (the “Regulations”) regarding public companies’ obligations to include disclosure in annual reports on Form 10-K (Form 20-F for foreign issuers) regarding material cybersecurity risks, risk management and governance, and to file current reports on Form 8-K (for 6-K for foreign issuers) to report material cybersecurity incidents. The Commission adopted many of the reporting requirements proposed in the March 2022 draft of the Regulations and discussed in our prior blog post. Notably, the obligation to disclose information regarding the Board of Directors’ cybersecurity expertise was eliminated from the final Regulations based on feedback from commentors who objected to this requirement. In the coming days, we will publish a thorough article regarding public companies’ new reporting obligations, but in this post we briefly summarize the new requirements adopted.Continue Reading SEC Adopts Final Cybersecurity Risk Management and Incident Disclosure Regulations

We are pleased to announce that SPB’s Kristin Bryan will be speaking at the upcoming Cybersecurity & Privacy Protection Conference on Thursday, April 20 at 8:15 a.m. EDT. Kristin will be joined by the Regional Director from the Federal Trade Commission and a staff attorney from the Securities and Exchange Commission. This live event will

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

UNSUBSCRIBED! — FTC Proposes Substantial Amendments to the Negative Option Rule to Cover all Autorenewals, including B2B Services, and Add

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Divided SEC Proposes Slew of Cybersecurity Regulations for Securities Market Entities | Privacy World

Utah’s Social Media Regulation Act Signed

Privacy World’s Kristin Bryan recently caught up with finance industry resource CFO Dive on the Blackbaud Securities and Exchange Commission (SEC) settlement. The settlement, which stems from a 2020 ransomware attack that impacted more than 13,000 customers, offers public companies a warning for weak breach protocols as well as insight into the coming SEC cyber