By

Michael R. Roberts

24 September 2021

Five Key Considerations Regarding New U.S. Sanctions to Address Ransomware Threats

On September 21, 2021, the U.S. Department of the Treasury (Treasury) Office of Foreign Asset Control (OFAC) imposed sanctions on a virtual currency exchange called Suex OTC, S.R.O. (Suex), and published an updated advisory on potential risks for those who facilitate ransomware payments. These coordinated actions represent significant moves by … Read More

EmailShare
30 August 2021

SEC Continues Focus on Cybersecurity Disclosure Failures, Announces Settled Charges Against Pearson plc

Through its announcement of settled charges against Pearson plc (Pearson) on August 16, 2021, the U.S. Securities and Exchange Commission signaled its continued, high level scrutiny of companies’ public statements related to data security incidents.1 Without admitting or denying the SEC’s findings, Pearson agreed to a cease and desist … Read More

EmailShare
28 July 2021

West Coast, East Coast, and Now Mountains, Too: Colorado Joins the Comprehensive State Privacy Law Club

With the U.S. Congress continuing to stymie federal omnibus privacy legislation, states have decidedly taken up the call. Most recently, on July 8, 2021, Colorado Gov. Jared Polis signed into law Senate Bill 21-190, the Colorado Privacy Act (CPA). With the signing of the CPA, which will largely go into … Read More

EmailShare
24 June 2021

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information.1  Without admitting or denying the SEC’s findings, First American agreed to a cease-and-desist order and to … Read More

EmailShare
08 October 2020

Office of Foreign Assets Control: Making or Facilitating Ransomware Payments May Violate U.S. Sanctions

On October 1, 2020, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) published an advisory that highlights the risk of potential U.S. sanctions law violations if U.S. individuals and businesses comply with ransomware payment demands.1

Ransomware attacks use malware, often injected through phishing schemes, to encrypt a … Read More

EmailShare
20 August 2020

Third Time’s the Charm: CCPA Regulations Finally Approved With Limited Substantive Changes from June 2020 Version

On August 14, 2020, California’s Office of Administrative Law approved and filed with the California Secretary of State final regulations implementing the California Consumer Privacy Act.  The regulations, drafted by California’s Office of the Attorney General (OAG), went through three rounds of changes during the rulemaking process and were finally … Read More

EmailShare
19 August 2020

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R. Part 500 … Read More

EmailShare
04 June 2020

CCPA Enforcement Date Rapidly Approaching: California Attorney General Proposes Regulations for Final Review With July 1, 2020 Less Than One Month Away

On June 1, 2020, California’s Office of the Attorney General (“AG”) moved one step closer to finalizing the California Consumer Privacy Act (“CCPA”) regulations when the AG submitted proposed final regulations for review and approval by California’s Office of Administrative Law (“OAL”).  This submission signals the end of the AG’s … Read More

EmailShare
07 May 2020

In Midst of COVID-19 Pandemic, Senators Propose Privacy Bill Aimed At Businesses’ Use of Consumer Data

On April 30, 2020, four Republican Senators announced plans to introduce the COVID-19 Consumer Data Protection Act.  The four Senators, John Thune (R-S.D), Roger Wicker (R-Miss.), Jerry Moran (R-Kan.), and Marsha Blackburn (R-Tenn.), are all Members of the Commerce Committee, with Wicker the Committee’s chair.

According to the April 30 … Read More

EmailShare
10 April 2020

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

While the world seems to have ground to a halt in so many ways, time still marches on, and along with it, the California Consumer Privacy Act (“CCPA”) enforcement date (July 1, 2020) inches ever closer.   On March 11, 2020, the California Attorney General (“AG”) released the third turn of … Read More

EmailShare
XSLT Plugin by BMI Calculator