Data Protection in Financial Services Week 2022
WEBINAR
From February 28-March 3, Sidley and OneTrust DataGuidance hosted their annual Data Protection in Financial Services (DPFS) Week, a series of webinars looking at the impacts of data privacy across the financial sector. Industry speakers covered a range of issues including:
- How the latest privacy and cybersecurity developments in
U.S. Government Issues Warning of Threat Against U.S. Critical Infrastructure
On February 25, 2022, in light of Russia’s attack on Ukraine, and months of continuing Russian state-sponsored cyberattacks on Ukrainian government and critical infrastructure organizations, the Cybersecurity and Infrastructure Security Agency (CISA) issued a “Shields Up” warning to American critical infrastructure organizations and businesses, stating that “[e]very organization—large and small—must … Read More
California Privacy Agency: CPRA Regs Not Likely Until Late 2022
Final regulations implementing the California Privacy Rights Act (CPRA) may not be issued until Q3 or Q4 2022, as reported by Executive Director Soltani of the California Privacy Protection Agency (“CalPPA”) at its February 17th Board meeting. This means that businesses subject to CPRA will not have regulatory guidance on … Read More
FTC Announces it May Pursue Rulemaking to Combat Discrimination in AI
On December 10, the Federal Trade Commission (FTC) announced it is considering a rulemaking on commercial Artificial Intelligence (AI). The purpose of the rulemaking, according to an advanced notice of proposed rulemaking (ANPRM) titled “Trade Regulation in Commercial Surveillance,” would be “to curb lax security practices, limit privacy … Read More
West Coast, East Coast, and Now Mountains, Too: Colorado Joins the Comprehensive State Privacy Law Club
With the U.S. Congress continuing to stymie federal omnibus privacy legislation, states have decidedly taken up the call. Most recently, on July 8, 2021, Colorado Gov. Jared Polis signed into law Senate Bill 21-190, the Colorado Privacy Act (CPA). With the signing of the CPA, which will largely go into … Read More
COVID-19: Key EU And U.S. Cybersecurity Issues and Risk-Remediation Steps
The COVID-19 crisis has created significant cybersecurity risks for organizations across the world, particularly arising from remote working, scams and phishing attacks, and weakened information governance controls. These risks warrant attention by legal counsel and information security officers in light of potentially significant adverse legal, financial and reputational consequences that … Read More
Oregon Requires Vendors to Report Data Breaches
While much of the New Year attention has been focused on California due to the effective date of the California Consumer Privacy Act, a new Oregon law also went into effect on January 1, 2020 complicating compliance with data breach obligations. The law is unique among state data breach … Read More
Maine’s Act to Protect the Privacy of Online Consumer Information
Since the passage of the California Consumer Privacy Act (Cal. Civ. Code §1798.100 et seq.) (“CCPA”), several states are following in California’s footsteps and adopting privacy bills that would allow consumers to object to the sale of their personal information.
Ohio Law Recognizes Safe Harbor in Data Breach Litigation
Companies with robust cybersecurity programs may still be vulnerable to attack. A new, first-of-its-kind law in Ohio now recognizes this fact. On November 1, 2018, the Ohio Data Protection Act (SB 220) establishes a safe harbor from state tort actions in data breach cases for entities that have developed an … Read More
Senate Hearing on Federal Privacy Law: Question is Not Whether But What Form
On September 26, the Senate Commerce Committee invited tech and telecom companies to the Hill to discuss safeguards for consumer data privacy. “The question,” noted Chairman John Thune, “is no longer whether we need a federal law to protect consumers’ privacy. The question is what shape that law should take.” … Read More