By

Alan Charles Raul

09 December 2021

U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process

On November 26, 2021, the U.S. Department of Commerce (Commerce) issued a notice of proposed rulemaking (Proposed Rule) implementing Executive Order 14034 on Protecting Americans’ Sensitive Data from Foreign Adversaries (EO 14034). The Proposed Rule would bring “connected software applications” into the scope of Commerce’s authority to review certain transactions … Read More

EmailShare
22 November 2021

U.S. Federal Bank Regulators Require Notifications For Material Cybersecurity Incidents

On November 18, 2021, a group of federal bank regulators announced a final rule requiring banks to notify their primary federal regulator of any “significant computer-security incidents.” Regulators must be notified no later than 36 hours after the bank has determined that the incident triggers the rule’s notification requirement. Further, … Read More

EmailShare
19 November 2021

Governance Challenges 2021–2022: Digital Transformation Oversight

Privacy and cybersecurity concerns are expanding, and with them the proliferation of laws and regulations. Boards play a key role in ensuring that companies are positioned to comply with various jurisdictional requirements, that they understand and mitigate related risks, and that they are well-prepared to play a key role in … Read More

EmailShare
22 October 2021

Governance of Data Innovation: Risks and Rewards for Business – Key Takeaways from our Discussion with the UK Information Commissioner’s Office

On September 21, 2021, Sidley partners Alan Raul and William Long engaged in a fireside chat with Elizabeth Denham and Claudia Berg of the United Kingdom (UK) Information Commissioner’s Office (ICO). Elizabeth Denham is due to end her five-year tenure as UK Information Commissioner on October 31, 2021. Claudia Berg
Read More
EmailShare
14 October 2021

The U.S. Federal Government Continues Its Focus on Ransomware Attacks: CISA, FBI, and NSA Publish Technical Advisory on the Conti Group

On September 22, 2021, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) published a cybersecurity advisory (the “Advisory”) outlining the Conti ransomware group’s tactics, techniques, and procedures (“TTPs”) to help companies protect against their attacks. This Advisory is especially … Read More

EmailShare
04 October 2021

Changes to FTC Rulemaking Procedures Herald More Aggressive Action on Consumer Privacy

On July 22, 2021, the Federal Trade Commission finalized important changes to its procedures for rulemaking under Section 18 of the FTC Act. Section 18 authorizes the Commission to make regulations, termed “Trade Regulation Rules,” (or “Magnuson-Moss Rules” after their authorizing statute), which “define with specificity” conduct that violates the … Read More

EmailShare
23 September 2021

Get Prepared for Data Privacy Compliance Under China PIPL

On August 20, 2021, China’s National People’s Congress passed the Personal Information Protection Law (PIPL), which will become effective starting November 1, 2021. As an overarching law in China with respect to data privacy, PIPL shares many similarities with the EU General Data Protection Regulation (GDPR). If a company has … Read More

EmailShare
30 August 2021

SEC Continues Focus on Cybersecurity Disclosure Failures, Announces Settled Charges Against Pearson plc

Through its announcement of settled charges against Pearson plc (Pearson) on August 16, 2021, the U.S. Securities and Exchange Commission signaled its continued, high level scrutiny of companies’ public statements related to data security incidents.1 Without admitting or denying the SEC’s findings, Pearson agreed to a cease and desist … Read More

EmailShare
09 August 2021

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

In recent weeks, Connecticut passed An Act Concerning Data Privacy Breaches (“The Act”), and the Uniform Law Commission approved and recommended the Uniform Personal Data Protection Act (“UPDPA”).  With the growing patchwork of state data privacy laws continuing to pose challenges for compliance—and the potential for federal data privacy legislation … Read More

EmailShare
1 2 3 13
XSLT Plugin by BMI Calculator