The Eighth Edition of The Privacy, Data Protection and Cybersecurity Law Review is Now Available

The eighth edition of The Privacy, Data Protection and Cybersecurity Law Review takes a look at the evolving global privacy, data protection, and cybersecurity landscape in a time of unique workplace challenges, new dimensions to cybercrime, significant new data protection regimes coming into effect around the world, and increased scrutiny from regulators, Boards of Directors and customers. Several lawyers from Sidley’s global Privacy and Cybersecurity practice have contributed to this publication. See the chapters below for a closer look at this developing area of law.

Read More

EmailShare

U.S. Banking Agencies Signal Closer Review of Cryptocurrency Activities

On November 23, 2021, the Office of the Comptroller of the Currency (OCC) published Interpretative Letter No. 11791 (the Letter) clarifying the authority of national banks and federal savings associations (Banks) to engage in certain cryptocurrency, distributed ledger, and stablecoin activities. The Letter also addresses the nature of the interaction between state law and the National Bank Act for purposes of OCC oversight of trust and fiduciary activities of national banks, including national trust banks. The Letter reflects the intent of Acting Comptroller Michael J. Hsu to reset expectations regarding the expansion of Bank activities related to cryptocurrency. Concurrently, the OCC, the Board of Governors of the Federal Reserve System, and the Federal Deposit Insurance Corporation (the Agencies) released a joint statement alerting the industry of their intent to provide additional guidance in the coming months concerning certain activities related to cryptoassets conducted by banking organizations. The guidance is expected to address topics such as legal permissibility, expectations for safety and soundness, consumer protection, application of capital and liquidity standards, and compliance with existing laws related to such activities.

Read More

EmailShare

A Software Primer For Attorneys After Cyber Executive Order

When President Joe Biden issued his major cybersecurity executive order on May 12, a White House press briefing said the order would invoke:

“the power of federal procurement to say, “If you’re doing business with us, we need you to practice really good — really good cybersecurity. And, most importantly, we really need you to focus on secure software development.”

Read More

EmailShare

European General Court Judgment in Google Shopping: Key Takeaways

On November 10, 2021, the European General Court (Court) issued its judgment in Case T-612/17 Google and Alphabet v Commission (Google Shopping).

The Court dismissed almost in its entirety the action brought by Google and Alphabet against the decision by the European Commission (Commission) of June 27, 2017, which found that Google had abused its dominant market position by favoring its own comparison shopping service (CSS) on its general results pages while demoting the results from competing CSSs. The Court also upheld the fine of €2.42 billion imposed on Google by the Commission. The judgment can be appealed to the Court of Justice of the European Union (CJEU).

Read More

EmailShare

U.S. Federal Bank Regulators Require Notifications For Material Cybersecurity Incidents

On November 18, 2021, a group of federal bank regulators announced a final rule requiring banks to notify their primary federal regulator of any “significant computer-security incidents.” Regulators must be notified no later than 36 hours after the bank has determined that the incident triggers the rule’s notification requirement. Further, bank service providers are now required to promptly notify all affected banks whenever a cybersecurity disruption lasts for four or more hours.

Read More

EmailShare

Governance Challenges 2021–2022: Digital Transformation Oversight

Privacy and cybersecurity concerns are expanding, and with them the proliferation of laws and regulations. Boards play a key role in ensuring that companies are positioned to comply with various jurisdictional requirements, that they understand and mitigate related risks, and that they are well-prepared to play a key role in response to security breaches and incidents.

Read More

EmailShare

SEC Identifies Deficiencies From its Electronic Investment Advice Initiative

On November 9, 2021, the U.S. Securities and Exchange Commission (SEC) Division of Examinations (EXAMS) released a risk alert (Risk Alert) concerning deficiencies it observed in its examinations of advisers providing electronic advisory services, including advisers known as “robo-advisers.”1 Those deficiencies were in the areas of the robo-advisers’ compliance programs, portfolio management practices (including advisers’ fiduciary obligations), and marketing/performance advertising.

Read More

EmailShare
1 2 3 106
EmailShare
XSLT Plugin by BMI Calculator