Category

Cybersecurity

21 January 2021

A Digital Europe – Digital Health and other Recent EU Data Initiatives

Taking a step into the digital age, the European Commission announced that the 2020s shall become the EU’s Digital Decade.  The EU’s digitalization, including in the area of health, is one of the Commission’s key priorities and covers a wide range of actions and related initiatives.

Building on prior initiatives, in 2019 the Commission announced six key priorities (since supplemented by the COVID-19 recovery plan) that would shape the coming five years of policy making.  One of these six key priorities is to create a Europe fit for the digital age and work on a digital strategy that will empower people with a new generation of technologies.

13 January 2021

Preparing Your 2020 Form 10-K: A Summary of Recent Key Disclosure Developments, Priorities, and Trends

This Sidley Practice Note highlights certain key disclosure considerations for preparing your annual report on Form 10-K for fiscal year 2020, including recent amendments to U.S. Securities and Exchange Commission (SEC) disclosure rules and other developments that will affect 2020 Form 10-K filings as well as certain significant disclosure trends and current areas of SEC staff focus for disclosures. Appendix A to this Practice Note sets forth a summary checklist of significant Regulation S-K amendments affecting 2020 Form 10-K filings, which are discussed in further detail. As always, we invite you to contact us with any questions on these topics or any other SEC reporting and compliance matters.

08 January 2021

Trump Executive Order Blocks Transactions With Certain Chinese Software Applications

On January 5, 2021, President Donald Trump signed Executive Order (EO) 13971, banning certain transactions and activities with persons who “develop or control” eight Chinese “connected software applications,” specifically Alipay, CamScanner, QQ Wallet, SHAREit, Tencent QQ, VMate, WeChat Pay, and WPS Office. The prohibitions will come into effect 45 days after the issuance of the order, that is, February 19.

24 December 2020

FinCEN Proposes Tracking and Reporting Virtual Currency Transactions Involving Unhosted Wallets

On December 18, 2020, the Financial Crimes Enforcement Network (FinCEN) issued a notice of proposed rulemaking (NPR) regarding a proposal to impose on banks and money service businesses (MSBs) new recordkeeping, reporting, and identity verification requirements in relation to certain transactions involving convertible virtual currency (CVC) or digital assets with legal tender status (legal tender digital assets or LTDA) if the counterparty to the transaction does not have an account with, including a digital asset wallet hosted by, a financial institution regulated under the U.S. Bank Secrecy Act (BSA) or certain foreign financial institutions not located in designated problematic jurisdictions. If adopted, the proposed rule will impose significant new burdens only on banks and MSBs involved in digital asset businesses and undercut the role of U.S. institutions in digital asset economies, including in the growing area of “decentralized finance.” The NPR proposes to exclude broker-dealers, futures commission merchants, and mutual funds, among others that are subject to the BSA from these new reporting requirements, but specifically requests the industry’s comment on whether these types of institutions should also be included within the scope of the rule.

Affected institutions will have very limited time to assess and comment on the NPR, as the comment period closes on January 4, 2021, notwithstanding two intervening federal holidays.

23 December 2020

Comments Sought on Proposed Rulemaking: Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers

On December 15, 2020, the U.S. Federal Deposit Insurance Corporation (FDIC) approved and the federal banking agencies jointly announced on December 18 a notice of proposed rulemaking, Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers (NPR). The NPR is a joint proposal by the Office of the Comptroller (OCC), the Board of Governors of the Federal Reserve System (Board), and the FDIC.

21 December 2020

European Union Implements Changes to Export Control Rules

The EU Dual-Use Regulation regulates exports outside the EU, transfers inside the EU, transit through the EU and the brokering of certain sensitive goods, services, software and technology (referred to as “items”) that are considered “dual-use.” Dual-use items have both military and civil applications. The EU has updated its export control rules for dual-use items to (1) take account of Brexit, (2) ensure consistency with recent developments in international non-proliferation regimes and export control arrangements, and (3) address cyber-surveillance and other security threats stemming from new technologies, reinforce cooperation among competent EU authorities, and impose enhanced compliance obligations (including a requirement to adopt internal compliance programs) on businesses. These updates, which are addressed in turn, will have significant implications for businesses dealing in dual-use items.

28 October 2020

TRM Podcast on DOJ’s Cryptocurrency Enforcement Framework features Sidley Partner Sujit Raman

Sidley’s newest partner, Sujit Raman, former U.S. Associate Deputy Attorney General at the Department of Justice (DOJ), was among three panelists on the TRM Talks inaugural podcast, titled “Unpacking DOJ’s Crypto Enforcement Framework.” The panel discussed the DOJ’s recently-published Cryptocurrency Enforcement Framework on legitimate uses of cryptocurrencies, the inherent risks and challenges, and the federal government’s enforcement strategies in this space.

Tune in at https://blog.trmlabs.com/trm-talks/unpacking-doj-crypto-framework.

09 October 2020

Changes in Chinese Securities Law and Draft Data Security Law Affect Cross-Border Investigations

Recent changes to Chinese law have broad implications on cross-border data transfer in the course of investigations conducted by non-Chinese regulators. Clients work closely with counsel to navigate potential legal landmines in any defense of an investigation involving data from China.

Just over six months ago, on March 24, 2020, the People’s Republic of China’s (PRC) revised Securities Law (revised on December 28, 2019) (中华人民共和国证券法(2019年修订)) went into effect. While the revised Securities Law affects many aspects of China’s securities law framework (including the registration of new securities for initial public offerings, disclosure requirements, and investor protection rules), a new “blocking” provision is particularly notable. Specifically, Article 177 of the revised Securities Law prohibits non-Chinese securities regulators from conducting investigations within China and prevents Chinese individuals and entities from providing information to such regulators without first receiving approval from the China Securities Regulatory Commission and/or other competent departments under the State Council.

08 October 2020

Office of Foreign Assets Control: Making or Facilitating Ransomware Payments May Violate U.S. Sanctions

On October 1, 2020, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) published an advisory that highlights the risk of potential U.S. sanctions law violations if U.S. individuals and businesses comply with ransomware payment demands.

Ransomware attacks use malware, often injected through phishing schemes, to encrypt a victim’s data files or programs, followed by a ransom demand by the threat actor that offers the decryption key in exchange for payment. Payment is often demanded in bitcoin, and thus third-party services are often used to make such payments. Increasingly, ransomware attacks not only lock data up but steal data from the victim and threaten to publish sensitive files belonging to victims. According to OFAC, ransomware attacks have been increasing over the last two years and are a special risk during the COVID-19 pandemic, with cybercriminals targeting not only large corporations but also small to medium enterprises, hospitals, schools, and local government agencies.

29 September 2020

An Early Recap of Privacy in 2020: A US Perspective

*This article was adapted from “Global Overview,” appearing in The Privacy, Data Protection and Cybersecurity Law Review (7th Ed. 2020)(Editor Alan Charles Raul), published by Law Business Research Ltd., and first published by the International Association of Privacy Professionals Privacy Perspectives series on September 28, 2020.

Privacy, like everything else in 2020, was dominated by the COVID-19 pandemic. Employers and governments have been required to consider privacy in adjusting workplace practices to account for who has a fever and other symptoms, who has traveled where, who has come into contact with whom, and what community members have tested positive or been exposed.

As a result of all this need for tracking and tracing, governments and citizens alike have recognized the inevitable trade-offs between exclusive focus on privacy versus exclusive focus on public health and safety.
